Network security is not difficult, getting started with network security is even easier! But don't be fooled by its mysterious appearance.
As long as you listen carefully to my explanation, although there is no guarantee that you will become a master, you can still reach the entry level even if your learning ability is poor.
Speaking of network security, some people may be unfamiliar with it, so I will use another word to describe it: hacker (it seems inappropriate)
But hackers are not all doing bad things. There are many categories of hackers, such as the following:
- White hat hackers: White hats are some core figures who are engaged in research and maintenance of computer security and network security in large companies or national security. They simulate hacker attack methods to protect against threats brought by attacks, and play a decisive role in network information security. role.
- Black hat hackers: Black hats specialize in studying vulnerabilities, viruses, and Trojans that can attack computers, networks, and servers, causing information loss and network paralysis.
- Red Hat Hackers: Red Hats are different from White Hats and Black Hats. Red Hats are not restricted. They often study things they are interested in and use their own security protection and attack methods to maintain computer or network information security problems.
- Script kiddies: Script kiddies are mainly people who are good at using hacking tools but cannot program themselves.
- The first generation of hackers: Originally derived from the English hacker, it had a positive connotation in the American computer industry in the early days. They are all highly skilled computer experts, especially programmers, which is a general term.
- Hacker/Breaker: It is the transliteration of "Cracker", which means "cracker". Engaged in malicious cracking of commercial software and malicious intrusion into other people's websites. Similar to hackers, in fact, hackers and hackers are essentially the same, those who break into computer systems/software. There is not a very clear boundary between hackers and "crackers", but as the meanings of the two become increasingly blurred, the public's treatment of the two meanings has become less important.
Generally speaking, this is a group of people who love to study technology, and we cannot beat them to death with a stick.
Okay, let's get back to the topic, the main purpose of this article - where should beginners who learn network security from scratch (white hat hackers) start.
Before starting to learn, we must first understand the classification of network security positions, because the learning paths and learning methods of different positions are also different.
We do not list emerging technologies, even traditional security positions: security product engineers (or after-sales engineers), security consultants (pre-sales engineers), penetration testing engineers, sales, security development engineers, security operation and maintenance engineers, emergency response engineers, Level protection assessor, safety service engineer. There are generally so many, and other niche positions will not be listed one by one.
General work contents or responsibilities of safety positions
After-sales Engineer: After-sales service work for safety products, including delivery and implementation of safety products, after-sales support, and product debugging and release. For example, if a customer buys our firewall, we need to send someone to install and debug it. We cannot let the customer install it by themselves. This is the main work content of product engineers or after-sales engineers.
Pre-sales engineer: Mainly assists sales in completing orders. To put it simply, it means cooperating with sales. One is responsible for business relations (eating, drinking, giving gifts and entertaining guests) and the other is responsible for technical solutions (solving customer pain points). The two of them work together to win the project. .
Penetration Test Engineer : This position is what most people dream of, and it’s time to show off your personal skills. It mainly simulates hackers to attack the target business system and stops there.
Sales: I won’t go into details. I guess you young people don’t care much about it, but when you grow up, you will find that your previous understanding of sales is nonsense.
Security development engineer: Well, even if you are engaged in development, you must also understand security. For example, if you are developing a web application firewall and you don’t even understand web attacks, then why should you develop it behind closed doors? Can it be prevented?
Security operation and maintenance engineer : If an organization buys so many security products, it must have someone doing operation and maintenance to analyze the logs and upgrade the strategies. Regularly check the security of business systems and check whether there are threats in the intranet. This is what security operation and maintenance engineers have to do.
Emergency response engineer: The customer's business system has been attacked. Security issues must be quickly identified, the business system must be quickly restored, and some even require evidence collection and alarm. (If something of too great a value was stolen at home, why wouldn’t you call the police? Why are you so worried?)
Level protection evaluator: According to national requirements, important business systems need to be protected according to security levels. Currently, the country has released the Level Protection 2.0 standard, and construction must be carried out in accordance with this standard. The job of the graded protection evaluator is to assist customers in checking whether the business system meets the requirements of graded protection, and if not, make rectifications quickly.
Security service engineer: Many companies include penetration testing engineers as security service engineers, which is harmless. As a waiter who doesn’t understand security services and doesn’t know how to eat, his job is to assist customers in security work. Specific content includes common vulnerability scanning, baseline testing, penetration testing, network architecture sorting, risk assessment and other work contents. Security services are very broad and cover almost all the above-mentioned positions.
Having mentioned so many positions, kicking out sales and development (most teenagers don’t care about these two positions), let’s divide the other positions into three directions: security product direction, security operation and data analysis direction, and security Offensive, defensive and emergency directions. In addition to this direction, there is another direction that is not listed - safety management. Don't worry, boy, you won't need this direction for a while. Which company is so stupid as to let a newbie do safety management?
Looking at all industries, there has never been a manager who was directly recruited from school graduates. If so, please remember to contact me. I have several cousins who will graduate from college soon and let them apply for jobs.
So here’s the problem? Is the content of learning in these three directions the same?
It's obviously different. Otherwise, what direction would I take? I'd be full. This is just like the division of liberal arts and sciences in high school back in the day. You ask what you should divide, because there is too much content, and different people are good at different things. There is so much content to study and so little time, so either the content is compressed or the time is stretched. Closer to home, what skills are needed in actual work in these three directions?
Security product direction: Understand products, such as firewall, Internet behavior management, intrusion detection/protection, gatekeeper, VPN, database audit, bastion host, anti-denial of service, cloud protection products, anti-virus, access, web application firewall, virtualization security Products and more.
Security operation and data analysis direction: security services, security evaluation, risk assessment, level protection, ISO 27000, log analysis, threat analysis, SOC operation, etc.
Security attack, defense and emergency direction: web attack and defense, system attack and defense, intranet penetration, emergency response, code audit, mobile apk monitoring, industrial control system security detection, etc.
Security product direction: Products are all deployed on the network, so if you want to get started with the product, you must first get started with the network basics (Cisco, Huawei, H3C, etc.). In a network, you need to debug security policies, so you need to understand basic security knowledge and principles. , to sum up, getting started with security products requires network basics + basic attack and defense
Security operation and data analysis direction: It is necessary to operate business systems, understand whether the security configuration of important business systems is service requirements, understand operating systems (windows, Linux), understand middleware, and understand databases. To understand, you need to understand national policy requirements. Since it is security threat analysis, you must understand basic security knowledge and principles, and even verify vulnerabilities. To sum up, the requirements for getting started with security operations and data analysis are: operating system + middleware configuration + database configuration + basic attack and defense
Security attack, defense and emergency direction: Since it is offense and defense, you must understand attacks and have certain programming language capabilities. If you want to log in to the system for emergencies, you must understand the operating system, middleware, and database. Therefore, in summary, getting started requires operations System + middleware configuration + database + advanced attack and defense
Of course, as a product engineer, you really don’t need to understand the operating system. Obviously not. Most domestic security products are developed based on open source Linux. If you don’t understand, how can you enter the background debugging of the device when a device abnormality occurs? As a security attack and defense engineer, don’t you need to know the network? You don’t need to go so in-depth. You don’t need to understand ospf, second layer, and SDN, but you should understand the basic network. Otherwise, you can’t even understand the IP address. Who will trace it?
Finally
In order to help everyone learn network security better, the editor has prepared an introductory/advanced learning material for network security for everyone. The content in it is all notes and materials suitable for beginners with zero basic knowledge. It can be understood even if you don’t know programming. Understand, all the information is 282G in total. If friends need a complete set of network security introduction + advanced learning resource package, you can click to receive it for free (if you encounter problems with scanning the QR code, you can leave a message in the comment area to receive it)~
CSDN gift package: "Network Security Introduction & Advanced Learning Resource Package" free sharing
Network security source code collection + tool kit
Network
security interview questions
Finally, there is the network security interview questions section that everyone is most concerned about.
All the information is 282G in total. If friends need a full set of network security introductory + advanced learning resource packages, you can click to get it for free ( If you encounter problems with scanning the code, you can leave a message in the comment area to get it)~
Video supporting materials & domestic and foreign network security books and documents
