Syed Ahmed
asked on
New Cyber Security Position
Hi all, I have been a System administrator for around 10 years now and have recently moved into Cyber Security department internally. I am not so good at Networks and Network security. Would need your suggestions on where to start in order to get myself good at Networks and Network Security. Please note that I have completed Network+ and Security+ already.
Go to the site where the software your company is using and see if they offer Free training of the software you will be using. As an Example: Tenable Education , You can also get a Free copy of the software for personal Lab use to get more familiar with configuring and using it.
Good that you have completed the foundation. I think what would be useful is to be able to risk assess and understand the threat faced in securing the network and one means is even go into network penetration testing (watch this). Of course there are other aspects which really depends on the security device that your org used and you should take further steps to get trained. Architecture is another but I think it can be a leap if you are still concern with the basics which you can beef up and apply first more project engagement - On job training.
Cyber Network Security – covering core knowledge, necessary network applications, network design, protection components, firewall, etc.
Network Security – for beginner covering the basics of TCP/IP, port scanning, sniffing, firewall, honeypot, network design, etc.
Security blogs by CISCO have plenty to offer. Many influencers and security experts share their knowledge so you can keep your knowledge up-to-date.
Cyber Network Security – covering core knowledge, necessary network applications, network design, protection components, firewall, etc.
Network Security – for beginner covering the basics of TCP/IP, port scanning, sniffing, firewall, honeypot, network design, etc.
Security blogs by CISCO have plenty to offer. Many influencers and security experts share their knowledge so you can keep your knowledge up-to-date.
The best way to stay up-to-date to follow SANS for the latest curriculum announcements, tips, and resources.
sans.org/cloud-security
sans.org/blue-team
digital-forensics.sans.org
ics.sans.org
sans.org/cybersecurity-leadership
sans.org/offensive-operations
You can start studying for the CISSP exam (I strongly suggest CISSP certification). The CISSP is not an entry-level certification; earning the CISSP enables many professionals – not just management and senior leadership – to help demonstrate their expertise.
https://www.isc2.org/Training/Self-Study-Resources
https://wentzwu.com/2020/08/07/10-tips-for-passing-cissp-a-madunix-note/
https://thorteaches.com/cissp-process-guide-fadi-sodah-madunix/
https://www.experts-exchange.com/articles/34791/Passing-CISSP.html
sans.org/cloud-security
sans.org/blue-team
digital-forensics.sans.org
ics.sans.org
sans.org/cybersecurity-leadership
sans.org/offensive-operations
You can start studying for the CISSP exam (I strongly suggest CISSP certification). The CISSP is not an entry-level certification; earning the CISSP enables many professionals – not just management and senior leadership – to help demonstrate their expertise.
https://www.isc2.org/Training/Self-Study-Resources
https://wentzwu.com/2020/08/07/10-tips-for-passing-cissp-a-madunix-note/
https://thorteaches.com/cissp-process-guide-fadi-sodah-madunix/
https://www.experts-exchange.com/articles/34791/Passing-CISSP.html
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I would recommend this book which covers security audit checklists and areas you will need to focus on in your new role:
https://www.oreilly.com/library/view/it-auditing-using/9781260453232/
It will reference many security tools to make your life easier, improve visibility on risks etc.
CIS Top 20 is another insight into the various sub-sections of cyber security, and best practices to implement. You could assess your current compliance to these generally accepted best practices and identify weak spots and areas for improvement to increase cyber security efforts in your company, which is what your employers will want from you:
https://www.cisecurity.org/controls/cis-controls-list/
https://www.oreilly.com/library/view/it-auditing-using/9781260453232/
It will reference many security tools to make your life easier, improve visibility on risks etc.
CIS Top 20 is another insight into the various sub-sections of cyber security, and best practices to implement. You could assess your current compliance to these generally accepted best practices and identify weak spots and areas for improvement to increase cyber security efforts in your company, which is what your employers will want from you:
https://www.cisecurity.org/controls/cis-controls-list/