Hands-On Labs

“Cybersecurity 101” Guide, part I

By Lester Nichols

Building a Strong Foundation in Cybersecurity: Advice for Beginners by Lester Nichols

Embarking on a journey in the field of cybersecurity can be both exciting and overwhelming. This can regardless of starting out fresh from another career or being a part of an existing technical field. With the ever-evolving threat landscape and the constant emergence of new technologies or threats, it’s crucial for beginners to develop a strong foundation in security concepts. In fact, I discuss much of this regardless of your starting point into the field of cybersecurity in my book, Cybersecurity Architect’s Handbook.

To understand how you can apply this advice, you need to understand what encompasses cybersecurity. In my book, cybersecurity is typically broken down into the following domains, or subject areas: 

  • Access Control 
  • Secure Software Development 
  • Business Continuity Planing/Disaster Recovery (BCP/DR) 
  • Cryptography 
  • Information Security Governance/Risk Management 
  • Legal/Regulatory/Compliance and Investigations 
  • Security Operations 
  • Physical and Environmental Security 
  • Security Architecture 
  • Telecommunications/Network Security 

The advice that is provided in this article will help regardless the domain or can be applied across environments and subject areas.  

Sun Tzu wrote the following: 

“There are not more than five musical notes, yet the combinations of these five give rise to more melodies than can ever be heard. There are not more than five primary colours, yet in combination they produce more hues than can ever been seen. There are not more than five cardinal tastes, yet combinations of them yield more flavours than can ever be tasted.” 

This is no less important in cybersecurity as it is in military tactics. Understanding the basics, regardless if that is technical, or understanding yourself and where your or others have set boundaries is essential in being successful.In this article, we will explore some essential advice for aspiring cybersecurity professionals, focusing on the basics of networking and Linux, and discuss potential pitfalls to avoid. 

Master the Fundamentals of Networking 

Networking is a fundamental skill for anyone working in IT or looking to build a career in the field. A solid understanding of networking concepts and technologies is essential for designing, implementing, troubleshooting and securing computer networks. To master the fundamentals of networking, it’s important to first understand the TCP/IP model which forms the basis of modern networking. Familiarizing yourself with the four layers of this model – Application, Transport, Internet, and Network Access – and how data is encapsulated and transmitted across networks at each layer is a key starting point. From there, learning common network protocols like HTTP, FTP, and SSH and the differences between connection-oriented TCP vs. connectionless UDP will further expand your networking knowledge. Finally, a good grasp of IP addressing, subnetting and CIDR notation for logically segmenting networks is another core skill to learn and practice. By focusing on these key areas, you can build a strong foundation in the fundamentals of computer networking. 

  • Understanding TCP/IP Model 
  • Familiarize yourself with the four layers of the TCP/IP model: Application, Transport, Internet, and Network Access. 
  • Understand how data is encapsulated and transmitted across networks. 
  • Network Protocols and Port Numbers 
  • Learn common network protocols such as HTTP, HTTPS, FTP, SSH, and their associated port numbers. 
  • Understand the differences between TCP and UDP protocols. 
  • Subnetting and IP Addressing 
  • Grasp the concepts of IP addressing, subnetting, and CIDR notation. 
  • Practice subnetting exercises to strengthen your understanding of network segmentation. 

Develop Linux Proficiency

Linux has become a ubiquitous operating system, powering everything from servers and cloud infrastructure to embedded devices and supercomputers. Developing proficiency in Linux is a valuable skill for anyone working in IT, system administration, DevOps, or software development. To get started, it’s essential to become comfortable with the Linux command line interface (CLI) and learn basic commands for navigating the file system, managing files and directories, and performing system administration tasks. Familiarizing yourself with the Linux file system hierarchy and understanding the purpose of different directories is also crucial. As you progress, learning how to manage users and groups, control file permissions, and perform more advanced system configuration and automation will further enhance your Linux skills. With practice and hands-on experience, you can develop a strong foundation in Linux that will benefit you across a wide range of tech roles and projects. 

  • Command Line Interface (CLI) 
  • Familiarize yourself with basic Linux commands for navigation, file management, and system administration. 
  • Practice using the terminal to perform tasks efficiently. 
  • File System Hierarchy 
  • Understand the Linux file system structure and the purpose of different directories. 
  • Learn how to navigate and manage files and directories using commands like cd, ls, cp, mv, and rm. 
  • User and Group Management 
  • Learn how to create, modify, and delete user accounts and groups. 
  • Understand file permissions and how to manage them using chmod and chown commands. 

Pursue Relevant Certifications 

In the field of cybersecurity, certifications play a vital role in validating your skills, knowledge, and expertise to potential employers. Pursuing relevant certifications can help you stand out in a competitive job market, demonstrate your commitment to professional development, and open up new career opportunities. When starting your cybersecurity journey, consider obtaining the CompTIA Security+ certification as a foundational credential. This certification covers essential security concepts and provides a solid base for further specialization. If you have a strong interest in networking, the Cisco Certified Network Associate (CCNA) certification is a valuable pursuit, validating your proficiency in network fundamentals, switching, routing, and security. For those passionate about ethical hacking and penetration testing, the Offensive Security Certified Professional (OSCP) certification is highly respected in the industry. It emphasizes practical, hands-on skills and demonstrates your ability to identify and exploit vulnerabilities in systems. By strategically pursuing certifications aligned with your interests and career goals, you can enhance your credibility, expand your knowledge, and accelerate your growth in the dynamic field of cybersecurity. 

  • CompTIA Security+ 
  • Consider obtaining the CompTIA Security+ certification as a starting point. 
  • This certification covers fundamental security concepts and provides a solid foundation for further specialization. 
  • Cisco Certified Network Associate (CCNA) 
  • If you have a strong interest in networking, pursue the CCNA certification. 
  • CCNA validates your skills in network fundamentals, switching, routing, and security. 
  • Offensive Security Certified Professional (OSCP) 
  • For those interested in ethical hacking and penetration testing, the OSCP certification is highly regarded. 
  • It focuses on hands-on practical skills and demonstrates your ability to identify and exploit vulnerabilities. 

Engage in Continuous Learning

Engaging in continuous learning is a crucial aspect of building a successful career in cybersecurity. In an ever-evolving field where new threats, technologies, and defensive techniques emerge regularly, staying up-to-date and expanding your knowledge is essential. Fortunately, there is a wealth of online resources and vibrant communities available to support your learning journey. Platforms like YouTube, Coursera, and Udemy offer a wide range of courses and tutorials covering various cybersecurity concepts and techniques. Engaging with experienced professionals on forums, Reddit, and Discord can provide valuable insights, mentorship, and opportunities to learn from real-world experiences. To complement your theoretical knowledge, hands-on practice is vital. Participating in Capture The Flag (CTF) challenges allows you to apply your skills, develop problem-solving abilities, and gain practical experience in simulated security scenarios. Setting up virtual labs using tools like VirtualBox or VMware enables you to create controlled environments where you can safely experiment, test, and learn without impacting production systems. By actively seeking out learning opportunities, engaging with the cybersecurity community, and dedicating time to practical application, you can ensure continuous growth and stay at the forefront of this dynamic field. 

  • Online Resources and Communities 
  • Utilize online platforms like YouTube, Coursera, and Udemy for learning security concepts and techniques. 
  • Engage with cybersecurity communities on forums, Reddit, and Discord to learn from experienced professionals. 
  • CTF Challenges and Hands-on Practice 
  • Participate in Capture The Flag (CTF) challenges to apply your knowledge and develop problem-solving skills. 
  • Set up virtual labs using tools like VirtualBox or VMware to practice various security scenarios.  

Pitfalls to Avoid

As you embark on your journey to learn cybersecurity, it’s important to be aware of common pitfalls that can hinder your progress and effectiveness. One of the most significant mistakes is rushing the learning process in an attempt to quickly master advanced topics. Taking the time to thoroughly understand the fundamentals is crucial, as gaps in foundational knowledge can lead to confusion and frustration when tackling more complex concepts. Become an expert at the basics before moving on to advanced material. Another pitfall is neglecting practical application. While theoretical knowledge is important, it’s essential to allocate sufficient time for hands-on practice through labs, CTF challenges, and practical projects. This reinforces your learning, helps you develop problem-solving skills, and prepares you for real-world scenarios. Additionally, don’t underestimate the importance of soft skills in the field of cybersecurity. Strong communication, collaboration, and problem-solving abilities are vital for effectively working in teams, conveying technical information to non-technical stakeholders, and navigating complex security challenges. By avoiding these common pitfalls and maintaining a balanced approach to learning, you can set yourself up for success in your cybersecurity journey. 

  • Rushing the Learning Process 
  • Take your time to thoroughly understand the fundamentals before diving into advanced topics. 
  • Rushing through concepts may lead to gaps in knowledge and hinder your progress. 
  • Become an expert at the basics. 
  • Neglecting Practical Application 
  • Theory alone is not enough; ensure you allocate sufficient time for hands-on practice. 
  • Engage in labs, CTF challenges, and practical projects to reinforce your learning. 
  • Underestimating the Importance of Soft Skills 
  • Develop strong communication, collaboration, and problem-solving skills. 
  • write an introductory paragraph for the following: These soft skills are essential for effectively working in teams and conveying technical information to non-technical stakeholders. 

Building a strong foundation in cybersecurity requires dedication, curiosity, and a willingness to learn continuously. By mastering the basics of networking and Linux, pursuing relevant certifications, engaging in hands-on practice, and avoiding common pitfalls, beginners can set themselves up for a successful career in this dynamic field. Remember, cybersecurity is an ongoing journey, and embracing a mindset of lifelong learning is key to staying ahead in this ever-evolving landscape. 

From Security Analyst to Security Architect: A Roadmap for Career Progression

Embarking on a career as a security analyst is an exciting first step towards becoming a seasoned security professional. However, for those who aspire to advance their careers and become security architects, it’s essential to have a well-defined roadmap. In this article, we will explore the must-knows for security professionals starting out as analysts and provide a roadmap to help them navigate their journey towards becoming security architects. 

Another quote from Sun Tzu states: 

“Thus we may know that there are five essentials for victory: (1) He will win who knows when to fight and when not to fight; (2) he will win who knows how to handle both superior and inferior forces; (3) he will win whose army is animated by the same spirit throughout all its ranks; (4) he will win who, prepared himself, waits to take the enemy unprepared; (5) he will win who has military capacity and is not interfered with by the sovereign.” 

As quoted from Sun Tzu’s Art of War, it is crucial to comprehend your role as the Cybersecurity Architect and the people or teams you will work with. While the quote is how to be a successful military leader, the same concepts can be applied to be successful in your career and in the role; understanding that the Cybersecurity Architect plays a vital role in maintaining a strong security posture for an organization, protecting sensitive information, and reducing the risk of cyber attacks can help you develop a strategy to successfully transition to various stages within your career. 

Mastering the Fundamentals

As mentioned at the beginning of this article, mastering the fundamentals is the first step in the journey from a security analyst (really any starting point) to a security architect. To build a solid foundation, it is essential to gain a comprehensive understanding of the current cybersecurity landscape, including common threats, attack vectors, and defense mechanisms. Staying updated with the latest security trends, technologies, and best practices is crucial to remain relevant in the ever-evolving field. Developing strong technical skills is also paramount, which involves acquiring proficiency in various security tools and technologies such as SIEM, IDS/IPS, firewalls, and vulnerability scanners. Proficiency in scripting languages like Python or PowerShell is also valuable for automating security tasks and analyzing data. Additionally, learning incident response and forensics is essential, as it involves understanding the incident response process, familiarizing oneself with forensic techniques, and gaining hands-on experience in investigating security incidents, collecting evidence, and performing root cause analysis. By mastering these fundamentals, security professionals can lay a strong foundation for their career progression and be well-prepared to take on more advanced roles in the future. 

  • Understand the Cybersecurity Landscape 
  • Gain a solid understanding of the current cybersecurity landscape, including common threats, attack vectors, and defense mechanisms. 
  • Stay updated with the latest security trends, technologies, and best practices. 
  • Develop Strong Technical Skills 
  • Acquire proficiency in various security tools and technologies, such as SIEM, IDS/IPS, firewalls, and vulnerability scanners. 
  • Develop skills in scripting languages like Python or PowerShell to automate security tasks and analyze data. 
  • Learn Incident Response and Forensics 
  • Understand the incident response process and familiarize yourself with forensic techniques. 
  • Gain hands-on experience in investigating security incidents, collecting evidence, and performing root cause analysis.  

Expanding Your Knowledge and Expertise

To progress from any starting point to a security architect, it is crucial to expand one’s knowledge and expertise beyond the foundational skills. Pursuing relevant certifications is an excellent way to demonstrate proficiency and commitment to professional growth. While certifications are not necessarily a requirement with every company or industry when first starting out, you will find that certifications can be differentiators between you and others. In addition, depending on your industry or where you are, certification become more of a mandate/requirement. I discuss this very topic in Chapter 8 – The Certification Dilemma of my book in more detail. Industry-recognized certifications such as CompTIA Security+, GIAC Security Essentials (GSEC), or Certified Ethical Hacker (CEH) provide a solid foundation, while specialized certifications in areas like incident response, threat hunting, or cloud security can help develop expertise in specific domains. Gaining exposure to different security domains, such as network security, application security, data security, and cloud security, is also essential to develop a comprehensive understanding of the cyber threat landscape and the unique challenges and best practices associated with each domain. Additionally, developing a holistic understanding of security architecture principles and frameworks, such as SABSA or TOGAF, and how security controls integrate with business processes and IT infrastructure, is crucial for the transition to a security architect role. By actively expanding one’s knowledge and expertise through certifications, exposure to various domains, and understanding of security architecture, security professionals can position themselves for success in their journey towards becoming effective security architects. 

  • Pursue Relevant Certifications 
  • Obtain industry-recognized certifications such as CompTIA Security+, GIAC Security Essentials (GSEC), or Certified Ethical Hacker (CEH). 
  • Consider pursuing specialized certifications in areas like incident response, threat hunting, or cloud security. 
  • Gain Exposure to Different Security Domains 
  • Explore various security domains, such as network security, application security, data security, and cloud security. 
  • Understand the unique challenges and best practices associated with each domain. 
  • Develop a Holistic Understanding of Security Architecture 
  • Study the principles and frameworks of security architecture, such as SABSA or TOGAF. 
  • Understand how security controls and mechanisms integrate with business processes and IT infrastructure. 

Acquiring Practical Experience

Acquiring practical experience is a vital component of the journey from security analyst to security architect. One effective way to gain practical experience is by seeking mentorship and guidance from experienced security architects or professionals who have followed a similar career path. Sun Tzu summed this concept up over 2,500 years ago: 

“Foreknowledge cannot be gotten from ghosts and spirits, cannot be had by analogy, cannot be found out by calculation. It must be obtained from people, people who know the conditions of the enemy.” 

Learning from their experiences, seeking advice, and gaining insights into the challenges and opportunities in the field can provide invaluable knowledge and direction. Additionally, actively participating in security projects and initiatives within one’s organization, such as risk assessments, security audits, or policy development, allows for hands-on experience and collaboration with cross-functional teams. This exposure helps to develop a broader perspective on security challenges and solutions. Furthermore, contributing to the security community through engagement in forums, online communities, and local meetups provides opportunities to network with other professionals, share knowledge, and learn from diverse experiences. By actively seeking practical experience through mentorship, project involvement, and community contribution, security professionals can accelerate their growth and development towards becoming successful security architects. 

  • Seek Mentorship and Guidance 
  • Find a mentor who is an experienced security architect or has a similar career path. 
  • Learn from their experiences, seek advice, and gain insights into the challenges and opportunities in the field. 
  • Participate in Security Projects and Initiatives 
  • Actively involve yourself in security projects within your organization, such as risk assessments, security audits, or policy development. 
  • Collaborate with cross-functional teams to gain a broader perspective on security challenges and solutions. 
  • Contribute to the Security Community 
  • Engage in security forums, online communities, and local meetups to network with other professionals. 
  • Share your knowledge, experiences, and insights through blog posts, presentations, or open-source contributions. 

We’ll pick up on the rest of Lester’s advice next week in part II!

Lester Nichols brings over 25 years of cybersecurity and technology leadership experience to his role as author. Currently serving as Director of Security Architecture and VP of Cybersecurity Operations at JPMorgan Chase & Co., he has previously held senior infrastructure and security positions in government, financial services, healthcare, and IT consulting sectors. 

Lester takes an architect’s approach to security, implementing holistic defenses tailored to each organization’s unique risks and objectives. He is known for his expertise in securing highly complex environments encompassing technologies from mainframe to cloud. 

A recognized thought leader, Lester has contributed to leading publications including the Computer Security Handbook 5th and 6th editions, as well as author of the Cybersecurity Architect’s Handbook. He holds a Master’s in Information Assurance and an array of cybersecurity certifications. 

With decades of experience spanning strategic planning, risk management, and hands-on technology, he provides seasoned perspective into the real-world practices of cybersecurity architecture.  

Find out more here: https://www.secdoc.tech/

Stay up to date with the latest threats

Our newsletter is packed with analysis of trending threats and attacks, practical tutorials, hands-on labs, and actionable content. No spam. No jibber jabber.

EDITOR PICKS

POPULAR POSTS

POPULAR CATEGORY

©
MORE STORIES
Security

How to Trick Hackers: Setting up a Honeypot using AWS 

Glen D Singh - 3