ITPro.TV: CompTIA Security+ (SY0-601) & TryHackMe: Jr. Security Analyst Intro

author: Nathan Acks
date: 2022-02-22

(So, I didn’t get to start this yesterday as I’d planned, because I needed to take The Yak Online Governance Primer live instead!)

It’s time to get down to business… Up until now, I’ve been trying to bring myself up to speed on the fundamentals. Now it’s time to actually start earning some certifications! First up: The CompTIA Security+.

I’ll be working on this by alternating episodes of ITPro.TV’s Security+ course and TryHackMe’s Jr. Penetration Tester path.

ITPro.TV: CompTIA Security+ (SY0-601)

Threats, Attacks, and Vulnerabilities: Overview

Recommended materials:

Based on the Amazon reviews, I decided to go with the second of these, even though the instructors indicated that they were not going to be following it closely.

The instructors are recommending an A+ or Networking+ certification before this. I don’t have that, so we’ll have to see how well I do.

The test itself is (up to) 90 questions that are a mix of multiple-choice, drag-and-drop, and simulation. Passing score is 750/900 (so, ~75 questions correct). It’s currently $381 to take.

Social Engineering Techniques

Basic terminology:

Social engineering is an attack against people: “Bad people tricking authorized users.” Generally the social engineer (threat) tries to leverage (attack) common psychological traits (vulnerabilities) in order to gain access to a system, obtain sensitive information, or advance some other objective.

Types of phishing:

There’s also spam and “spim” (instant messaging spam), which can be phishing, but can also just be annoying.

Phishing may not always involve credential harvesting; it can also be about installing malware, or even just getting someone to perform an action on behalf of the attacker (so, I guess gift card scams are actually a form of phishing…).

Techniques:

TryHackMe: Jr. Security Analyst Intro

A Career as a Junior (Associate) Security Analyst

Basically, this role is all about monitoring and triage. Maybe some application configuration.

This is what you want a Security+ certification for (oh, hi there).

Security Operations Centers (SOCs) are typically divided into three tiers:

Security Operations Center (SOC)

Interesting shout-out to Feedly as a threat monitoring tool. I periodically return to Feedly, but can’t help shake the feeling that I’m missing something that would help me use it more effectively…