Chaotic Security Blog

My practice test scores are starting to even out a bit. I seem to be getting more passes now than I was with failures before. This is good. I also discovered a course on Udemy that seems good by Dion Training. It will help to break up the book learning and reinforce what I have been learning with video lessons.  It also has a set of practice tests that I can go through.

Reading through more of my Exam Cram Security+ book. Some of the sections on governance are a bit confusing, but I have to remind myself that most of this is for their higher-level executive types who would have to worry more about a company’s compliance with things like GDPR and other global compliance standards. Good information to know, but may not come into play in the normal day-to-day cybersecurity analyst stuff.

After working through a few weeks on the TryHackMe site I finished up both the Into to Cyber Security and the Pre Security routes. A lot of fun lesson in them. Now to start work on the SOC Level 1 as that is my goal. Looking forward to the challenges and items with in. 

In my Exam Cram Security+ book it comes with the ability to access some Security+ practice tests as well. I tried out a few of them today and didn’t pass them but got maybe 50% of the questions right. So my past knowledge does count for a little something, but many topics just haven’t been covered yet as I am still reading the book. Lots of guessing some of those items, but even getting things wrong is part of learning as well.

As I have been watching YouTube cybersecurity videos one of the things they also seem to recommend is listening to cybersecurity podcasts as well. This is to help build knowledge of the cybersecurity landscape as it is always changing and new threats emerge you can be aware of them. In watching Josh Madakor YouTube channel he mentions two podcasts that he enjoys. 

CyberWire Daily is a daily podcast by N2K that covers various cybersecurity news and has guests on to speak about the cybersecurity landscape. It is pretty informative and it is daily so there are always new episodes to listen to. 

DarkNet Diaries podcast is about cybersecurity but almost in a different form. It seems to cover security from a more underground  DarkNet perspective. One of the episodes I was listening to recently covered some of the cybersecurity “gangs” out of places like Nigeria, Yes, the same old Nigeria Prince email, but it takes it on a much deeper trip as to how their organizations are laid out and their belief system related to hacking and money extraction. It was a pretty interesting listen as it dealt with the darker side of the web and the cyber threats within. 

Been going through some of the TryHackMe learning paths. Their content is layed out in various paths depending on where you want to start your learning. So I have been working through the pre-security path. This path covers a lot of the basics of CyberSecurity like networking items and many fundamentals of cybersecurity using both Linux and Windows-based systems. 

I like this as it shows both sides of things, plus I always need more study in the Linux area of things. It has never been strong for me as far as usage as I have always been a Windows person. I can see in a lot of cybersecurity tools and techniques that Linux is important to know as well. So I appreciate being able to get more knowledge in it when I can. 

Been checking out more cybersecurity videos on YouTube. My book is great to study in but even taking a break from the constant reading is a good thing from time to time. So I came across two YouTube channels that I like. One is for Josh Madakor. He builds a lot of his lessons to help people get started in Cybersecurity and presents projects they can build and work on as well as job interview advice as well. 

The second page is Cyberwox. This page was created by a person who had no cybersecurity knowledge and built his knowledge in much the same way I doing. Building projects, getting certifications, and building a Youtube page/community so he can relay his information to others. He has transitioned into the industry like many others from a non-technical background into a technical one that has greatly increased his earning potential. 

This is another angle I need to work on which is building a cybersecurity portfolio of projects I have worked on and continue to work on this blog to document my cybersecurity path to show prospective employers. 

Continuing with my studies via my book and a few online tutorials. I did get around to trying the TryHackMe site. I will say I have quite enjoyed it. It has a blend of reading and video materials along with some “gamification” of cybersecurity which makes it interesting to log into the virtual environments and take you along paths to answer questions related to the topics you have just learned. I might have to sign up for a month and see how I like it

Was over on LinkedIn today and was looking at some of the Cybersecurity videos on the site via LinkedIn Learning. Some good information on them and at the end of one of them it mentioned a cybersecurity site that offers more training and some simulated tools called TryHackMe.com. I might have to check this one out. 

Reading the Security+ book over the last week it is interesting to see how much the exam covers. I am mostly interested in working more as a Cybersecurity Analyst, but the Security+ exam is built around the world of security so it would also be something that even the management level would need to have. Good for training yourself up and even advancing your career if you are interested in moving to a management role in a company.