yashinfosec.com

Explore Security In-depth

Hello readers, welcome to the world of Cybersecurity. Today in this article I will explain and help you get started in Cybersecurity.

First, what is cybersecurity?
Cybersecurity is the practice of protecting computer systems, networks, and sensitive information from unauthorized access, theft, damage, or other malicious acts. It involves the use of various technologies, tools, and procedures to safeguard data and prevent cyber attacks.
As we all know, in the 21st century we are all growing up and living in a digital world. Nowadays everything is digitalized: currency, property, assets, etc. We call these digitalized assets ‘DATA’. According to a survey, the data generated by humans by performing operations is 2.5 quintillion bytes, which is equal to 1000 Petabytes; this data contains digital currency, cryptocurrency, photos, videos, documents, etc. With the increase in data, threats and scams are also increasing.
So the world needs a lot of Cybersecurity experts to protect and secure data from being compromised and misused.

If you are also interested and want to pursue a career in cybersecurity, then here is the guide/roadmap.
In this roadmap, I will explain to you the phases you need to go through to become a cybersecurity expert.

Phase 1:- Prerequisites
Phase 1 is the prerequisite phase, which will help you lay a strong foundation in computer networks.
In this phase, you need to learn computer networking thoroughly: how the internet works, how exactly we are able to communicate over the internet, etc.
Here is the list of contents you need to learn in this phase –
1. Network devices
2. Data Transmission
3. Clients and Servers
4. Network Cables
5. Network Protocols
6. Communication Rules and Principles
7. OSI & TCP/IP Model
8. Building Network Topologies (Practise on Cisco Packet Tracer software)
9. Switching Protocols
10. Routing Tables
11. Routing Protocols

The best certification course for phase 1 is CCNA Switching and Routing.
The certificate is not necessary, but you need to have sound knowledge of networking.

Resources:
1. https://skillsforall.com/course/getting-started-cisco-packet-tracer?userLang=en-US
2. https://skillsforall.com/course/networking-basics?userLang=en-US
3. https://www.youtube.com/watch?v=S7MNX_UD7vY&list=PLIhvC56v63IJVXv0GJcl9vO5Z6znCVb1P
4. https://t.me/COMPTIA_CCNA (Telegram link)

Phase 2:- Foundation phase
Phase 2 is the foundation phase. In this phase, you will gain a strong foundation in computer architecture.
In this phase, you will learn in detail about operating system architecture and start learning one or two programming languages.
Here is the list of contents you need to learn in this phase –
1. Windows Architecture
2. Windows File System
3. BIOS- Legacy and UEFI
4. Installing Windows and Linux
5. Linux History
6. Debian-based Linux – Kali Linux, Ubuntu Servers
7. Linux Commands
8. Linux File System
9. Bios – GRUB boot loader
10. Programming Language – Python and Bash
11. and everything related to Operating systems

Phase 3:-
From this phase, your journey toward cybersecurity splits into multiple paths.

Here you have different domains/expertise; you can choose any one of them:

1. Red-Team

Red teamers are an essential part of the cybersecurity industry, but not many people know who they are or what they do. First, let’s define what a red teamer is. A red teamer is someone who is tasked with finding vulnerabilities in a system or network by attempting to breach it. They do this by using the same tools and techniques as a malicious attacker would use, but with the goal of improving the security of the system or network, rather than causing harm.

Red teamers are often contrasted with blue teamers. While red teamers are responsible for trying to breach a system, blue teamers are responsible for defending it. Together, these two teams work to improve the overall security posture of the system or network.

So, what exactly does a red teamer do? Their job is to simulate a real-world attack on a system or network in order to identify vulnerabilities and weaknesses. They use a wide range of techniques to accomplish this, including social engineering, phishing, and other forms of hacking. Once they have identified vulnerabilities, they report them to the blue team to be addressed and remediated.

Red teamers also play an important role in helping organizations improve their overall security posture. By simulating real-world attacks, they are able to identify weaknesses and vulnerabilities that may have gone unnoticed otherwise. This allows organizations to take proactive steps to improve their security before an attack occurs.

The role of a red teamer is becoming increasingly important as the threat landscape continues to evolve. With more and more sophisticated cyber-attacks occurring regularly, organizations need to be able to identify vulnerabilities and weaknesses in their systems and networks to stay ahead of the attackers. Red teamers are a critical part of this effort.

In conclusion, red teamers play an important role in the cybersecurity industry by simulating real-world attacks on systems and networks in order to identify vulnerabilities and weaknesses. By doing so, they help organizations improve their overall security posture and stay ahead of the ever-evolving threat landscape.

The basic certification for a Red Teamer is CEH, and the best certification is OSCP.

If you want to be a Red Teamer, here is the list of content you need to learn:

    1. Footprinting and Reconnaissance
    2. Scanning Networks
    3. Enumeration
    4. Vulnerability Analysis
    5. System Hacking (Penetration Testing)
    6. Malware Threats and Malware analysis
    7. Sniffing
    8. Social Engineering
    9. Denial of Service (DoS)
    10. Session Hijacking
    11. Evading IDS/IPS & Firewalls
    12. Web Application Hacking
    13. OWASP Top 10
    14. Hacking Wireless Network
    15. Hacking Mobile Platforms
    16. IoT & OT Hacking
    17. Cloud Computing and Pentesting
    18. Cryptography
    19. Reverse Engineering, etc

2. Blue-Team

A blue teamer is someone who is responsible for defending a system or network against cyber attacks. They work closely with the red team to identify vulnerabilities and weaknesses in the system or network, and then take proactive steps to prevent attacks from occurring.

Blue teamers use a wide range of tools and techniques to defend against cyber attacks. This can include firewalls, intrusion detection and prevention systems, antivirus software, and more. They are also responsible for monitoring the system or network for suspicious activity and responding to any threats that are detected.

One of the key responsibilities of a blue teamer is to conduct regular security assessments and audits to ensure that the system or network is secure. This involves testing the system or network for vulnerabilities, identifying areas of weakness, and implementing security measures to address these issues.

The role of a blue teamer is becoming increasingly important as the threat landscape continues to evolve. Cyber attacks are becoming more sophisticated and frequent, and organizations need to be able to defend against them in order to protect their sensitive data and systems. Blue teamers play a critical role in this effort.

In conclusion, a blue teamer is someone who is responsible for defending a system or network against cyber attacks. They use a variety of tools and techniques to identify vulnerabilities and weaknesses in the system and take proactive steps to prevent attacks from occurring.

The basic certification for the Blue team is CND/CSA.

Here is the list of content you need to learn

  1. Network Attacks and Defensive Strategies
  2. Administrative Network Security
  3. End-point Security
  4. Perimeter Security- Windows, Linux, Mac
  5. Application Security
  6. Data Security
  7. Enterprise Wireless Network Security
  8. Network Traffic Monitoring and Analysis
  9. Network Logs Monitoring and Analysis
  10. Incident Response and Forensics
  11. Business Continuity and Disaster Recovery
  12. Risk Anticipation and Risk Management
  13. Threat Analysis with Attack Surface analysis
  14. Threat Prediction with Cyber Threat Intelligence
  15. IoT Device Security, etc

Finally, I hope you guys found something useful in this blog and that you achieve your dreams.

Thank you, guys, for reading up to here. You can contact me on my LinkedIn/Instagram……..

Stay Tuned for new and more interesting blogs and guides that will be released soon.
