1. What is Network Security
Network security can be classified based on the perspective of attack and defense. The "red team" and "penetration testing" we often hear are research on attack technology, while the "blue team", "security operation" and "security operation and maintenance" are research on defense technology.
Regardless of the field of network, web, mobile, desktop, cloud, etc., there are two sides of attack and defense. For example, web security technology includes both web penetration and web defense technology (WAF). As a qualified network security engineer, you should be both offensive and defensive.
2. The Prospect of Network Security
There is a large demand for talents and a large market vacancy, such as the popularization of Internet of Things network applications and the popularization of 5G, etc., will increase the demand for network security positions.
In the long run, network security will only become more and more popular, and the rise of intelligent disciplines will definitely drive the development of new network security technologies.
Three future development directions of network security: network security (safety protection), cloud-native security, and the application of AI in network security (ChatGPT)
Large room for development:
Within the enterprise, network engineers are basically in a "double high" position, that is, high status and high salary. Wide range of employment, one specialty and many skills, practical experience applicable to various fields.
Great value-added potential:
Mastering the core network architecture and security technology of the enterprise has an irreplaceable competitive advantage. Career value With the enrichment of one's own experience and the maturity of project operation, the appreciation space is bullish all the way.
Long career life:
The focus of the work of network engineers is on the construction and maintenance of enterprise information, including technical and management work. The work is relatively stable. With the continuous growth of project experience and in-depth understanding of the industry background, the older you are, the more popular you will be.
Finally, I can tell you here with certainty: "Network security has good development prospects, and cutting-edge network security technologies are about to rise, or have already risen."
3. There is a lot of knowledge about network security, how to arrange it scientifically and reasonably?
If you have decided to start learning network security, then I suggest you take a look at what I said below, specific to each knowledge point, the total self-study time is about half a year, and the personal test is effective (there is a surprise at the end of the article):
Phase 1: Security Basics
Network Security Industry and Regulations
Linux Operating System
Computer Network
HTML PHP Mysql Python Basic to Practical Mastery
Phase Two: Information Gathering
IP information collection
Domain name information collection
Server information collection
Web site information collection
Google hacking
Fofa network security mapping
Phase Three: Web Security
SQL Injection Vulnerability
XSS
CSRF Vulnerability
File Upload Vulnerability
File Inclusion Vulnerability
SSRF Vulnerability
XXE Vulnerability
Remote Code Execution Vulnerability Password
Brute Force Cracking and Defense
Middleware Parsing Vulnerability
Deserialization Vulnerability
Stage Four: Penetration Tools
MSF
Cobalt strike
Burp suite
Nessus Appscea AWVS
Goby XRay
Sqlmap
Nmap
Kali
The fifth stage: actual combat digging
Vulnerability mining skills
Src
Cnvd
public testing project
Popular CVE vulnerabilities reappear
Shooting range combat
at last
The learning framework learning route has been fully formulated, and the next step is to follow the learning with resources.
If you want to learn, I can share all my own study notes, all knowledge points and all content, including e-books, interview questions, pdf documents, videos and related courseware notes.
If necessary, attention will be sent automatically
I hope everyone can learn and become an excellent network security engineer!