Azid's InfoSec Journey

During my preparation for the CEH, I used one resource that was very useful, Practical Ethical Hacking by Heath Adams on Udemy . This was such a good course. While studying for the CEH, I watched only the first few modules which covered the basics which I needed. Watching how the tools worked and how people use it was very useful in learning the methodology and the workings of the tool. After I passed the CEH, I decided to complete the Practical Ethical Hacking course because I really enjoyed it and learnt a lot while doing it. So I continued doing it and it is one of the best resources I have used to learn. The course covers the following: Networking Linux Python Information Gathering Reconnaissance Scanning & Enumeration Exploitation Post Exploitation Web App Penetration Wireless Penetration Exploit Development(Buffer Overflows) Active Directory There was a small refresher on Networking, I didn't have a problem with that as I already knew everything from studying for the CCNA

On July 10th I passed the CEH with 105/125 questions right and this is the write up to the exam and certification. I got really interested in the CEH because it was a well known certification and the syllabus really interested me. I also had a ton of recommendations online and from people in this industry saying that the CEH was a really good beginner level security certification. Details about the exam and course: I bought the course from the EC-Council website. There are certain requirements if you want to take this certification. You should either have 2 years experience or buy their online iClass to attempt the exam. As I did not have the required experience I bought the online course. The EC-Council website and how everything works with them is very confusing and I got very confused at times. But thankfully, the customer support answered all my questions and guided me through the buying process and the registration. The course costs $1100 USD in India but I bought the course durin

A few days ago I took my attempt for the CEH and passed with 105/125 questions right. Which is 84%! I'm really happy. I have been studying for the CEH for around 3-4 months. It is a moderately easy certification and I have have learnt a lot. Write-up coming soon! Thanks for reading! AZID

I passed the CCNA last year and I've seen this question asked a lot. So here's your answer. CCNA has little to do with Security and Security related beginner certifications like the Security+ and the CEH are better for Security related roles. But, to understand a lot of stuff in security you need a thorough understanding of networking concepts. You could just learn all of it for free on the internet, but certifications show a recruiter that you understand it and have been tested. Also, it looks really good on your resume. You will learn networking concepts that will help you when you start concentrating on Security. Topics like OSI layers and protocols, TCP/IP Model, TCP, UDP, IPv4, IPv6, ARP, DHCP, DNS,  MAC, Encryption, SSH, Telnet, FTP, NAT, SNMP, Routing and Switching protocols(OSPF, RIP, BGP etc). You will also learn key concepts in network security and general security like WiFi security protocols, ARP and DHCP attacks, threats, vulnerabilities, port securit

Hey there! I got the CCNA last year and the CEH was the next step in my mindmap . I completed the CCNA December of 2019 and got caught up with college for a while. I started studying for the CEH around March 2020. Here are the resources and methods I'm using:  1. Matt Walker All-in-One for CEH  I bought the CEH All in One guide from Matt Walker and I've been studying from that. The book was recommended by a lot of people on Reddit and other forums. 2. Matt Walker CEH Practice Exams I bought this book too and intend to use it and solve a lot of questions so I get as much practice as I can. 3. Boson Exams I had a really good experience with Boson practice exams during the CCNA studies and I'm going to stick with them for the CEH also. Boson played a huge role when I passed the CCNA and hopefully it can do the same for CEH. 4. Practice on the actual thing As I actually want to learn using the tools I'm practicing the tools and methods us

I did it! I passed the ICND2! I'm CCNA certified! I took the ICND2 on Saturday and passed with 884/1000. I passed the ICND1 in September. My write up of the ICND1 : https://azidsecurity.blogspot.com/2019/09/i-passed-icnd1.html I only got to study during nights and weekends. I worked hard for this certification. I followed the same methodology I did for the ICND1. Watched the CBTNuggets videos and take a ton of notes. Study from the Official Cert-Guide thoroughly from start to end. Practice with Boson. I had a deadline. My University exams start from December and the Saturday I attempted the exam on was the last day I could. I had to start preparing for my finals. When there was 10 days left I still had a lot to do, so I buckled up and finished the OCG, revised all topics from the notes I found on /r/ccna . I had around 3 days left when I took the first Boson exam and I scored 650. This made me stress out a lot and I panicked a lot. But I calmed myself down an

My third semester of college has just started. The first 2 semesters were the basics of Engineering. So we had common subjects like Physics, Chemistry and Engineering Mathematics. But now the core Computer Science Engineering subjects have started. These are the subjects I have and what I will learn from them.    Java  Into to Java, Program Control Statements, Arrays,Classes, Objects and Methods Inheritance, Polymorphism and Abstraction Strings Exception Handling Interfaces, Packages, Multi-thread Programming Enumerations, Auto-boxing, Annotations Generics, Streams, Swing Fundamentals Course Outcomes: Implement Object Oriented Programming concepts. Design a GUI using Java programs and Applets. Develop Multi-threaded Applications. Creating Custom Packages and Interfaces. Data Structures and Algorithms with C Asymptotic Notations and Analysis of Algorithms Stacks, Queues and Linked Lists Trees, Graphs Hashing Sorting, Searching and Priority Queues Cour

This is a Reddit post on the CCNA subreddit: Hey guys! I did it! I scored 896/832 and passed the ICND1. I had limited money and couldn't afford to fail the exam. I am so happy that I cleared the exam! I am a college student and travel 130kms everyday so I could study only from 8pm to midnight. I worked very hard for this exam. In my country, people usually go to training centers and bootcamps to clear this exam, but they usually use dumps and don't teach well. I WANTED TO ACTUALLY LEARN. I needed the knowledge of these topics because I want to get into cybersecurity. So I took the Self-Study path. I tried studying slowly from January of this year, but never really understood anything and just watched the videos for the sake of it. But when the Feb deadline news came I knew I had no option and became fully focused. I re-watched all videos and took ton of notes. Then moved on to the book and then finished with the practice exams. What I used: CBT

Finally! My summer holidays have started. I just completed my first year of college. I'm glad its done. Here is my plan for the Summer: 1. Finish the Official Cert Guide I am going to finish reading the CCNA Official Cert Guide by Wendell Odom. This will take me about a month and I would have finished studying for the CCNA by the time the next academic year starts. LAB EVERYDAY. I will have to practice for the CCNA using labs and practice exams. 2. Python  Finish the Automate The Boring Stuff With Python video course and book. Finish the Python Mega Course:Build 10 Real World Applications video course. Learn important modules and libraries Build a couple small projects and 1 big project(self). Use Git to save and control repositories. 3. TRY and learn the basics of JavaScript Thanks for reading!  AZID

So, this is what I did to learn IT fundamentals.  I knew that Comptia A+ was a really good cert which has a lot of topics and covers the basics of IT, so I decided to study for COMPTIA A+. I used Professor Messer's video's on YouTube. They were really helpful. Also, I used Cybrary . I didn't really get certified, I studied just for the knowledge. Thanks for reading! AZID

Ahhh yes, I haven't posted for a long time. Four months to be exact. This was because I got caught up with college. It was the first semester, and I really didn't do a lot. I got completely hooked into other stuff. I have to change that. I did try and learn more, but it wasn't really productive or frequent enough to actually learn. For 2019, I have made up my mind. I have to plan ahead and finish these plans. I have to make up some time for my Career. So I made goals. GOALS FOR 2019: 1. CCNA, GNS3  I have to get my CCNA. This is my main goal. This is the certification which is going to start my InfoSec career. Why am I doing the CCNA?   2. Advanced Programming in C, PYTHON, JAVASCRIPT. This is where I start using code to build and start using Git. I need to start contributing to projects and improve my knowledge in programming. Also, I have to learn PHP/React.js. And get my web app skill to the next level. 3. START USING LINUX, BASH

Writing down goals at the end of a month for the next month should probably motivate me to complete those goals! So, Here are my goals for August: 1. Start studying for CCNA My yearly goal is to become CCNA certified by the end of the next academic year of college. I need to start studying for CCNA. 2. Install Linux on my PC and remove Windows completely! Okay, this is the only way I can fully be immersed in learning how to use Linux like a pro. 3. Write at least 7-9 blogs this month. I want to maintain this blog and keep it active. Thanks for reading! AZID.

Information security is a very broad field.  No one is an expert in everything (i.e., risk management, application security, security awareness, policy development, etc.)  How quickly one becomes an expert also depends deeply on how much of a background one has in computer science, information technology, business management, and other related fields.  So the title is 5 Year Path To Success in InfoSec: The Basics of Becoming an InfoSec Expert in 5 years! This amazing web cast (TL;DR below) shows you the basics of becoming an expert in 5 years, I recommend you to watch it. But, for the lazy: tl;dr: Year one: Focus on core concepts (OS, networking, etc) Networking: Simulators . Get some gear, etc. Learn bash. Learn Python . Year two: start projects, learn PowerShell Year three: year of web apps PHP and ASP.Net Develop something Year four: start hacking Learn IDA and Immunity Pick a protocol and dive into it Online challenges Y

This is the first step I took in learning. I had to learn coding and my amazing Googling skills thought me this. Programming is not necessary for InfoSec, but knowing how to program definitely helps and makes your job easier. Let me make this simple: From what I have learned, you only need to know these: C/C++/Java Python JavaScript and PHP   Bash Scripting  Now let me explain. You need to learn any one of  C/C++/Java. Why? These languages teach you the "basics" of programming. C is pretty much used to build every OS.  It is an early language that will teach you the fundamentals of programming. C++ is big brother of C. It will teach you what you didn't learn in C. Java is a more modern version and is the most used fundamental programming language. It is easier to learn than the other two. If you learn learn C/C++ first and then move to Java it will be quite easy. But, if you learn Java first and then want to move to C/C++ it will be very hard.

I found a thread on Reddit. The OP had the same dreams as I did and he was my my age too. This got me interested. He had created a mind-map of his career path in InfoSec. This mind-map was perfect for me. It had everything I wanted/had to do and more. This created a motivation for me because I had to achieve what was in the mind-map. Open image in new tab for full size. Courtesy of /u/pimpslapper This is perfect for what I had to do. It is like a to-do list for my career. I started working on it slowly. I may have changed it a bit here and there, but this is the main idea. In my following blogs, I will be posting the changes I made in this and why I did so. Thanks for reading! AZID

Two Words: Career Journal This is basically a journal to my journey in InfoSec. It helps me keep tab of things and keeps me motivated. What I want to accomplish with this blog: My goal is to inform people about my findings, projects and share the resources I used to learn. Image courtesy: @hackersclub The title for this post was: “Why did I create this blog?” and although I have partly covered why I created it, there are a number of other reasons that I will discuss other posts! Thanks for reading! AZID

A few years back, as a pre-teen who watched a lot of movies, I was fascinated by hackers. Honestly, this is what got me into security. To see "hackers" do what they did made me feel like they were invincible. But as I grew up, I found out about what actually a "hacker is. This is when I thought, my career is going to based on InfoSec. My learning started when I started looking up how to hack stuff on Google. It started with me phishing my friends and pranking them by telling them I read their mind to find their password. It was really fun. When I was 15, all my friends started planning their career and made maps of what they wanted to do. I found out it was time for me too. So I did all the Googling I could to make my own plan. It was not perfect. But it got me started. Now, here I am an 18-year-old student, who is trying to make a career in what he wants to. InfoSec.