|
|
|
|
|
|
by rjprins
4532 days ago
|
|
|
Certifications are nice, but that does not necessarily make people a good IT security specialist. There is no clear path, but there are many facets to learn about: * Web application security and popular attacks (such as https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Proje...)
* System and network security (learn to use BackTrack http://www.backtrack-linux.org/)
* Understand and learn how to use crypto: e.g. known crypto algorithms and what they are good for, learn how to apply disk crypto, learn how SSL works, know how you should do password hashing.
* Learn about phishing and social engineering
* Learn about malware, botnets, and zero-day exploits. Learn about all of them but try to become an expert on just one of these subjects by playing with tools. For example, set up a honey pot system to capture malware. Then try to find the malware on it, and then try to reverse engineer it. |
|
|