Getting Started in Cybersecurity -- Nicholas Marks




Author: Nicholas Marks


This paper is directed towards students who are interested in getting started in Cybersecurity. Among some of the most important technical and soft skills I believe these tips have helped me personally along my journey from high school through college and into my first position in Information Security.



Foundational Skills:

Start with your foundational skills, these are the most important. Skills involving Math, Science and Logic will help you immensely. I want to emphasize Logic would be known as Boolean Logic or Propositional Calculus. In order to be successful in coding you will be using Logic skills to write your conditional statements. Truth tables will be very crucial to deciphering what is actually happening in the code you are looking at or working on. Practicing Discrete Math and the accompanying topics will help build analytical, critical thinking, and logic skills.



Passion Projects:

A fun technique to practice your skills is to incorporate your passions and hobbies. Some great starting points for projects would be arduino, scratch, raspberry pi, and even minecraft! I believe the latest version of raspberry pi allows you to run a minecraft server and you are able to develop in languages like java or python to create your own mods. You can even create simple and complex circuit designs in minecraft. After you have learned a language try to write a simple game like Tic-Tac-Toe, a sudoku solving program, or find an idea that you like. I have a passion for music and I was able to learn about Digital Signal Processing techniques. It was amazing to learn how similar sound waves are to physics topics. Learning skills that are transferable to multiple operating systems or workloads will help you become familiar to varying graphical styles. As a developer you would want to learn many programming languages and git.



Portfolio:

Start working on your website and portfolio. You are able to create a free hosted site on github through github.io. Then I would also suggest learning cloud services like AWS, Azure, Google Cloud Platform, Digital Ocean, or Linode. Many of these websites have trial periods, learning labs and extensive documentation on how to build web-apps on the cloud. Your portfolio should include any projects that you have done on your own or in school. If you need help for inspiration you may be able to find some suggestions from Ted Talks, instructables.com, Arduino, or Make.com projects.



Continued Learning:

One important thing to remember is to never stop learning! Your hunger for knowledge will allow you to stay versatile in a work environment which changes rapidly. Don’t forget to read the manual and help pages if you are stuck on a topic or to use a search engine to find more information. For more advanced topics I would suggest working with virtual machines like VMWware, or Virtualbox. Some websites like HackTheBox and TryHackMe have very good learning labs and CTF style challenges. Wargames are also a great way to work on your linux skills. I will share some of my favorite links at the end of this paper.



I hope that these insights will help you on your journey in CyberSecurity!


Additional Resources


Scratch: https://scratch.mit.edu/

Snap: https://snap.berkeley.edu/

Git/Github: https://github.com/

Github.io: https://pages.github.com/

W3Schools: https://www.w3schools.com/

LinuxJourney: https://linuxjourney.com/

CodeAcademy: https://www.codecademy.com/

HackInScience: https://www.hackinscience.org/exercises/

HourOfCode: https://hourofcode.com/us

Code.org: https://code.org/learn

Discrete Math: http://discrete.openmathbooks.org/dmoi3/preface-2.html

Khan Academy: https://www.khanacademy.org/

Instructables: https://www.instructables.com/

HackerRank: https://www.hackerrank.com/

LeetCode: https://leetcode.com/

CodeKata: http://codekata.com/

Zardus/Wargames: https://github.com/zardus/wargame-nexus

PwnCollege: https://pwn.college/

NIST Job Descriptions: https://www.nist.gov/itl/applied-cybersecurity/nice/events/national-cybersecurity-career-awareness-week/discovering

NIST HeatMap: https://www.cyberseek.org/heatmap.html

DoD Approved Certifications: https://public.cyber.mil/cw/cwmp/dod-approved-8570-baseline-certifications/

Security Certificate Road Map: https://pauljerimy.com/security-certification-roadmap/

TryHackMe: https://tryhackme.com/

HackTheBox: https://www.hackthebox.eu/

DVWA: https://github.com/digininja/DVWA
Vulnerable Practice Machines: https://www.vulnhub.com/

OWASP Top 10: https://owasp.org/www-project-top-ten/

Portswigger: https://portswigger.net/web-security

The Art of Hacking: https://github.com/The-Art-of-Hacking/h4cker

Sam Bowne: https://samsclass.info/

Irvin Lemus: https://www.infosecirvin.info/

The Cyber Mentor: https://tcm-sec.com/so-you-want-to-be-a-hacker-2021-edition/