~ Cybersecurity Paths

Posted on by Paradoxa

My Beginner Path in Cybersecurity

I hope this post will help people like me saving time

My Current Level

At the moment of writing ( 11-04-24 )

– While a was still at school I completed the ECDL certification (Windows oriented cert. focused on basic PC components/maintenance and Microsoft Office Suite)
– Recently, I finished to study Comptia A+ book, both Core1 and Core2 (220-1101 & 220-1102) + Proferssor Messer study material –> no test taken
– And Just finished Chapter 11 of the PY4E course by Dr. Chuck
– Worth mentioning that currently I use Linux Os (60% Debian, 40% Arch), and I run Pfsense+ as firewall in combination with Unify devices.

As you can see, I’m still at the beginner level but not at the start as now I know what I like:
from the ECDL I enjoyed the hardware side of things and excel as a software; Obviously from there, for many years, I didn’t abandoned the world of IT but at the same tine I didn’t really progress in a meaningful way, moving in a different country and a different career path from IT didn’t help either…

On more present days, I started gradually to get more involved, especially in topic such as privacy and security.
At the same time, I noticed I was lacking in some IT fundamentals,  Comptia A+ looked appealing so I bought the book. It covers a lot of different subjects, from hardware to software. from pc to mobile devices… so it’s great I recommend it if you are in my same situation.

For why I took directly the Python course, since everybody recommends to know at least one programming language. Dr. Chuck free course was a no brainier…

What’s Next

Of course as the title implied : cybersecurity.
I mention already that I was drown back to the technology world for privacy and security, but was good at the same time to have confirmed it again after knowing all the possibilities.
But wasn’t as easy as I thought, after a lot of research choosing the right path, and especially which specialization I find myself more interested in, it was very difficult.

From all the research I found, there is a common point: which path or specialization you want to follow?
If you, like myself, don’t know yet and want to see all the option: the concept like the one behind the A+ stands the same as for cybersecurity. So a beginner friendly course/certification on cybersecurity fundamentals is a must. But if you know already, still worth having it, as good ones still teach you the fundamentals.
Also you can apply for more security jobs in the main time…(some certification required years of work experience).

That was the only common ground though as far as I can tell you.
From here there are generally speaking two different school of thought (at least for the beginner stage):
– Theory and more recognizable certification
– Practical but maybe less known cert

Theorical

In this group you find people who general recommends a more long and theoretical path with the most known certification.
Few most common path examples I saw recommend to reach a beginner cybersecurity certification are:

Comptia A+ –> Comptia Network+ –>  Comptia Security+
Cisco CCST cybersecurity –> Cisco CCNA network –> Cisco CyberOps
Isc2 CC –> Cisco CCNA network –> Comptia Security+ (cheaper to get but not sure after counting the renewals…)

with them some other certification from big names such as Google, Microsoft and AWB especially related to cloud.

After that you can start looking at more specific higher level certification from Comptia , Isc2, Sans and other

With this path you will gain a lot of certification and theoretical knowledge (at the beginning especially) that are usually in some job description, practice will come with the job.

Practical

The other group let you skip the more generic certification and concentrate on practical lab experience.  (although the Security+, CC and Google cybersecurity are still generally recommended although often without completing the certification exams).

Basically they will send you to less known academy/certification such as to name a few TryHackMe, HackTheBox, TCM Security…
before moving to more intermediate and advance levels certifications Offsec OSCP and SANS are pretty much always mentioned as

They argue practical is always better for gaining real world expertise and quote: ” Hiring Managers are not stupid, they know these certifications”.

What did I decide?

I don’t know if they are both right or both wrong but I’m looking for skills at this point.
So, I will finish the python course and, since I took A+ and enjoyed Professor Messer videos, I will watch him for security+ to understand the general landscape of cybersecurity.

But at the same time, I plan to join TryHackMe and HackTheBox, they have some free foundation teaching and practical exams that you can take…
Since they are both great enough to introduce you to amazing material, I will try them both, although TryHackMe should be the more beginner friendly.

Conclusion

At the moment I don’t have a definitive idea on what to do. I don’t know in the specific how is to operate in the various cybersecurity branches yet.
I surely will subscribe to one of the two and start completing more intermediate exams, before looking at TCM Security or Offsec.

I will also try to apply to jobs showing my knowledge and projects. Maximum that can happens they will say “No”.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *