2.2.5 Lab Becoming A Defender

Lab – Becoming a Defender

Objectives

Research and analyze what it takes to become a network defender.

Part 1: Conduct a search of certifications.

Part 2: Investigate positions available within cybersecurity.

Background / Scenario

In our technology-centric world, as the world gets more connected, it also gets less safe. Cybersecurity is one of the fastest growing and most in-demand professions. Individuals in this field perform a wide variety of jobs including, but not limited to, consultation, investigation, and program management services to mitigate risks from both internal and external sources. Cybersecurity professionals are required to evaluate, design and implement security plans, conduct in-depth fraud investigation, perform security research and risk assessment, and propose solutions to potential security breaches.

Individuals with good security skills have a great earning potential. To be considered for one of these high paying jobs, it is very important to have the proper qualifications. Because of this, it is important to consider the industry certifications available for this career path. There are many certifications to choose from. Selecting the right certification(s) for you requires careful consideration.

Note: You can use the web browser in the virtual machine that was installed in a previous lab to research security-related issues. By using the virtual machine, you may prevent malware from being installed on your computer.

Required Resources

  • PC or mobile device with internet access and virtual machine (optional).

Instructions

Conduct a search of certifications.

  1. Use your favorite search engine to conduct a search for the most popular cybersecurity-related certifications. List them below with the organization that provides the certification.

     1. Certified Information Systems Security Professional (CISSP) – Provided by (ISC)²
     2. Certified Ethical Hacker (CEH) – Provided by EC-Council
     3. CompTIA Security+ – Provided by CompTIA
     4. Certified Information Security Manager (CISM) – Provided by ISACA
     5. Certified Information Systems Auditor (CISA) – Provided by ISACA
     6. Offensive Security Certified Professional (OSCP) – Provided by Offensive Security
     7. Certified Cloud Security Professional (CCSP) – Provided by (ISC)²
     8. GIAC Security Essentials (GSEC) – Provided by GIAC (Global Information Assurance Certification)
     9. Cisco Certified CyberOps Associate – Provided by Cisco
     10. Certified in Risk and Information Systems Control (CRISC) – Provided by ISACA

  2. Pick three certifications from the list above and provide more detail about the certification requirements and knowledge gained, i.e.: vendor specific or neutral, number of exams to gain certification, exam requirements, topics covered, etc.

     1. Certified Information Systems Security Professional (CISSP)
       • Provider: (ISC)²
       • Vendor-Neutral: Yes
       • Requirements: Minimum of 5 years of work experience in at least two of the eight domains covered by CISSP.
       • Exams: 1 exam, 100-150 questions (adaptive, 3 hours).
       • Topics Covered: Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management, Security Assessment, Security Operations, and Software Development Security.

     2. Certified Ethical Hacker (CEH)
       • Provider: EC-Council
       • Vendor-Neutral: Yes
       • Requirements: 2 years of work experience in Information Security or completion of EC-Council training.
       • Exams: 1 exam, 125 questions (4 hours).
       • Topics Covered: Footprinting and Reconnaissance, Scanning Networks, System Hacking, Malware Threats, Sniffing, Social Engineering, Denial of Service, Session Hijacking, Hacking Web Applications, SQL Injection, and Penetration Testing.

     3. CompTIA Security+
       • Provider: CompTIA
       • Vendor-Neutral: Yes
       • Requirements: No formal prerequisites, but recommended to have 2 years of experience in network security.
       • Exams: 1 exam, 90 questions (1.5 hours).
       • Topics Covered: Threats, Attacks, and Vulnerabilities, Security Technologies and Tools, Identity and Access Management, Risk Management, Cryptography, and Secure Software Development.

Investigate positions available within cybersecurity

Glassdoor is one of the largest job sites worldwide. Using your browser of choice, access glassdoor.com and search to find cybersecurity jobs available that were posted within the last two weeks. Adjust the search as you would like. You can search for jobs in your area or an area that you would like to live and work in.

Questions:

  1. How many new job listings were posted within the last two weeks?

     4,617 Cyber security jobs using Glassdoor within last two weeks.

  2. What is the salary range for the top 10 listings:

     1. Cyber Security SOC Manager Remote $70.00 – $80.00/hr (Employer est.)
     2. Cybersecurity Manager $65K – $85K/yr (Employer est.)
     3. Cyber Security SOC Manager $70.00 – $80.00/hr (Employer est.)
     4. Sr Cyber Security Associate $120K – $127K/yr (Employer est.)
     5. Manager, Client Security Integrations $190K – $920K/yr (Employer est.)
     6. Implementation Engineer $42.74 – $55.00/hr (Employer est.)
     7. Technical Support Engineering (Cyber Security Incident Response) $83K – $183K/yr (Employer est.)
     8. Cybersecurity Engineer $54K – $98K/yr (Employer est.)
     9. Cyber Security & IT Diligence Specialist Pay: $85,000.00 – $100,000.00 per year
     10. Cyber Security Analyst $100K – $118K/yr (Employer est.)

  3. What are the most common qualifications required by employers?

     • Bachelor’s degree in Computer Science, Information Technology, or a related field.
     • Experience with network security and information systems.
     • Hands-on experience with firewalls, VPNs, and security systems.
     • Knowledge of cybersecurity frameworks such as NIST, ISO 27001, or PCI DSS.

  4. What industry certifications are required by these employers?

     • CISSP (Certified Information Systems Security Professional)
     • CEH (Certified Ethical Hacker)
     • CompTIA Security+
     • CISM (Certified Information Security Manager)
     • OSCP (Offensive Security Certified Professional)

  5. Do any of the certifications match the ones that you found in Step 1a?

     Yes, many of the certifications required by employers, such as CISSP, CEH, and CompTIA Security+, match those found in Step 1a.

  6. Investigate online resources that allow you to legally test your hacking skills. These tools allow a novice with limited cyber security experience to sharpen their penetration testing skills. One such site is Google Gruyere (Web Application Exploits and Defenses). What kinds of challenges can you find?

     On platforms like Google Gruyere, you can find web application security challenges that simulate real-world exploits. Common challenges include:

     • Cross-Site Scripting (XSS) attacks.
     • Cross-Site Request Forgery (CSRF).
     • SQL Injection.
     • Data exposure vulnerabilities.
     • Access control flaws.

Other popular platforms for practicing ethical hacking include Hack The Box, TryHackMe, and OverTheWire. These platforms offer various challenges, from beginner to advanced, allowing users to hone their penetration testing and hacking skills legally and safely.