Cybersecurity certifications, industry, and career Q&A stream! CompTIA Security+ and OSCC included. скачать в хорошем качестве

Cybersecurity certifications, industry, and career Q&A stream! CompTIA Security+ and OSCC included.

What Happened This Stream? 🚨 Our first stream moving over to Twitch for our FAQing Friday series! we talked about Cybersecurity careers, job postings & resume questions, certifications and the differences in positions! What are FAQing Fridays? 🗓️ Want to learn a little Cyber Defense tradecraft or brush up on some areas? or maybe just chat about certain topics? Welcome to FAQing Fridays hosted on our Twitch channel! FAQing Friday is live every Friday at 12PM EST typically 30m to 1hr. All are welcome to join in and ask questions as we go. Beginner to advanced friendly! Website: https://leveleffect.com Discord:   / discord   Twitch:   / leveleffect   Newsletter & Blog: https://news.leveleffect.com/ Leave your questions and comments below or in our Discord and we'll be happy to answer or help! Recorded: Aug 2nd 2024 Timestamps ⏳ 00:20 - Detection Engineering is looking at reflective activity of malicious behavior 01:20 - Get experience by Blue Teaming or mixing Red and Blue 03:10 - Does Digital Forensics require more training? 05:40 - Is DFIR like “recovery” ? 07:00 - SOC Analysts still perform some level of DFIR too 07:30 - Being a T-Shaped specialist is recommended 09:45 - Security branched from IT, generalists needed at first 11:30 - SOC analysts are like firefighters, eventually you need to stop the fire from happening 12:25 - Cybersecurity specialists stop fires from happening 14:40 - CISSP is a management cert! 15:30 - GRC typically goes toward CISSP due to specializing on governance 16:20 - Entry-level SOC Analysts requiring CISSP is not asking for SOC Analysts 17:20 - Is Security Engineering higher up than DFIR? 17:50 - Security Engineering as a discipline finding IT and Security solutions to business needs 18:50 - CompTIA Security+ is and isn’t a basic cert 19:20 - How has marketing influenced your opinion on Sec+? 19:50 - What do you think the point of Sec+ is? 20:10 - Is it a check in the box? 21:00 - Security+ is actually to test for literacy for terms, definitions, and description matching 22:00 - Security+ doesn’t test you to compare and contrast varying criteria for a solution 22:40 - Describe a vuln scanner = Sec+ 22:55 - When you would want to use a vuln scanner vs manual = where Sec+ fails 23:15 - Sec+ isn’t bad though! literacy is needed to speak and think in Cybersecurity terms 25:10 - Good to have, preferred, but shouldn’t be a requirement, shows literacy which is helpful! 25:25 - You can gain literacy by doing the work though 26:45 - OSCP has a defensive course? OSCC? 29:25 - It costs $899 !?!?!? 30:00 - Good coverage but it's basic, and you're paying for the brand at that point 31:15 - OSCP is a good cert! … for testing your knowledge on already vulnerable systems 31:50 - OSCP does not test your ability to perform the rest of pentesting (reporting, presentation, vuln management, etc.) 32:25 - Good to test you on ways that things can be misconfigured though! 33:00 - OSCP does not mean you are immediately a good pentester 34:45 - Get your OSCP for one piece of the puzzle 35:30 - You still need report writing and communication skills 36:40 - OSCP doesn’t mean you get a job, you need the other components still 37:40 - 1/3 of it is the vulnerability and exploitation side, 2/3 of it is almost Blue Team centric 38:20 - Build a home lab ! write a report on an exploit and how prevent it! do that with your OSCP and you’re solid 40:00 - CySA+? Study the objectives of CySA+! but 4 years to get it is a bit much 40:40 - Still just a literacy test though 41:40 - Better off getting more practical Blue Team certs 42:10 - Get the BTL, CCD, and our CDCP and home lab! 42:50 - How do you build a home lab then? (added to comments here and in our Discord) 43:34 - Windows box, DC, config it, compromise WIndows, then triage it with another Windows box for a home lab 44:00 - Once configured, write reports, post it on a blog! 44:15 - What box of warhammer is in the back? (the important stuff :D ) 45:30 - Is the home lab the same a project? no it’s better! because it’s relative 47:00 - curious to see the cyber set up? maybe in a coming session! but we have videos on our youtube 48:25 - Better certs than CySA+? 1st - home lab, then BTL, CCD, and our CDCP! 52:00 - Yes there are changes in the Live CDA Program, the self-paced content is better now 53:30 - Live training is good, but costly! it can still be done self-paced for an accessible pace, live = pay for instructor to walk you through it, get feedback