Throughout all these years I have met people, especially students, who want to make a career in Security. So here I am listing out several questions asked commonly and I will try to answer them appropriately.
Q) What should I learn in Security?
A) It depends on what you already know, and what your interest is. Typically, students go for any exam like CeH or similar which is a good entry-level certification. But to carve the niche, you need to look forward to specialization into areas like:
- Network Security
- Web/Application Security
- Malware Reverse Engineering
- Digital Forensics
- Penetration Testing
- Vulnerability Management
You may be interested in Management-level tasks like Operations Security, Business Continuity Planning, Cyber-crime Investigation, etc, too. Just remember that you dont need to learn everything in order to be the master of one area.
Q) What kind of prior knowledge should I have before stepping into Security area?
A) Most Security programs are made up for people who dont have any prior expertize in security. However, understanding the concepts properly heavily relies on the following areas:
- Networking Concepts
- Operating System Concepts
- Linux Commands and Functions
- Programming in C/Perl/Python
- HTML, XML fundamentals
Q) Do I need to learn programming for learning security?
A) It is not necessary, but if you know programming, it would be better. This is like asking a question, Do I need to learn how to ride a bicycle before I drive a motorbike?.
The truth is, if you know program you have the following benefits:
- Elite Hackers develop their own tools. If you can not write your own tool, you might not be of any match against them.
- Many security programs are open-source. You can find out the bugs and errors in the code from the program, and not only that; you can also extend the functionality for your usage.
In the next post, I will write more of the questions. If you have a question, you can post me on firstname.lastname@example.org.