Preface
As a rookie network security engineer with 5 years of experience, I really can’t figure out why I should study network security when there are so many development positions?
Here I must pour some cold water on those students who are ready to fall into the trap! Self-study network security from scratch? I advise you to stop dreaming!
treatment
I think no matter what the job is, the first thing you care about before joining the industry is definitely the treatment. Here, please remember:
All training institutions that boast of high salaries for network security are just bullshit!
This is what the organization will show you about the salary of a network security engineer. I mean, we can get into these big companies if we want... Everyone knows it by heart~
This is the position you can find when you are ready to find a job after studying...~~
There are two ways to earn a high salary in network security:
The first type: It’s written in the criminal law, and you’ll get a pair of silver bracelets, with food and shelter included.
The second type: the ultimate senior security boss, who is so talented that he can handle the security system of an enterprise by himself. A combination of Mao and Shield, an all-round talent who can advance, attack, retreat and defend. Such people are less than 0.1% in the country. The general annual salary of ordinary network security engineers is around the range of 150,000-450,000. Question: Anyone who knows the programmer industry knows which development position has a lower salary than this one?
Here is an explanation of the cruel reality of society for students who are still in school: Why is the salary range of network security engineers generally lower than that of other development categories? Because the network security department is not a business department in a company, in layman's terms, it cannot create direct benefits for the company. Another reason is that domestic companies do not pay much attention to network security at this stage.
The above theory is limited to non-first-tier Internet giant companies. The salary of security experts in large companies is much higher than that in other development fields (such as Ant Financial, JD Finance)
Cybersecurity engineer prospects
After pouring the cold water, let’s serve some hot food~~
The prospects for this industry are still good. Because there are policy incentives . Internet security will be a very important industry in the future.
At least in the short term, this industry is not as big as front-end, mobile terminal and other business development. In the long run, the talent market space is still huge.
According to Tencent Security's " Internet Security Report for the First Half of 2017 ", in recent years, only more than 30,000 information security professionals have been trained in China's universities and colleges , while the total demand for network security talents has exceeded 700,000, with a gap as high as 95%.
Our country’s overall investment in network security is not high . In terms of network security construction, domestic network security investment accounts for less than 3% of informatization investment, while in developed countries such as Europe and the United States, it is more than 10%, and some even exceed 15%. In terms of investment scale and awareness of network security, there is a huge gap between us and foreign countries. Compared with our digital dependence, this is still a very big contrast.
Judging from the recruitment data directly hired by the boss, the position of network security engineer has surpassed that of Web front-end, ranking second.
Development direction of network security engineer
Then, we need to know the network security system and what are the career directions, as shown below:
Penetration testing engineer ; this position is what most people dream of, and it’s time to show off your personal skills. The main purpose is to simulate hackers to attack the target business system; we will not go into details here. **Security development engineer:** Well, even if you are engaged in development, you must also understand security. For example, developing a web application firewall, if you don’t even understand web attacks, then why develop it behind closed doors? Can it be prevented?
Security operation and maintenance engineer ; if an organization buys so many security products, it must have someone to do operation and maintenance, analyze the logs, and upgrade the strategy. Regularly check the security of business systems and check whether there are threats in the intranet. This is what security operation and maintenance engineers have to do.
Emergency response engineer : When a customer's business system is attacked, security issues must be quickly identified, the business system must be quickly restored, and some may even need to collect evidence and call the police. (If something was stolen at home that was too valuable, why wouldn’t you call the police? Why are you so worried?)
Level protection evaluator ; according to national requirements, important business systems need to be protected according to security levels. Currently, the country has released the Level Protection 2.0 standard, and construction must be carried out in accordance with this standard. The job of the graded protection evaluator is to assist customers in checking whether the business system meets the requirements of graded protection, and if not, make rectifications quickly.
Security service engineer ; many companies include penetration testing engineers as security service engineers, which is harmless. As a waiter who doesn’t understand security services and doesn’t know how to eat, his job is to assist customers in security work. Specific content includes common vulnerability scanning, baseline testing, penetration testing, network architecture sorting, risk assessment and other work contents. Security services are very broad and cover almost all the above-mentioned positions.
Network Security Engineer Learning Route & Resources
[----To help you learn about Internet security, get all the following learning materials for free! 】
① Mind map of network security learning and growth path
② 60+ classic network security tool kits
③ 100+ SRC vulnerability analysis reports
④ 150+ practical network security attack and defense technology e-books
⑤ The most authoritative CISSP certification exam guide + question bank
⑥ Over 1800 pages of CTF practice Skills Manual
⑦ The latest collection of interview questions from major Internet security companies (including answers)
⑧ APP client security detection guide (Android + IOS)
There is a lot of knowledge about network security. How to arrange it scientifically and reasonably?
Junior network engineer
1. Network security theoretical knowledge (2 days)
① Understand the relevant background and prospects of the industry and determine the development direction.
②Learn laws and regulations related to network security.
③The concept of network security operations.
④Introduction to MLPS, regulations, processes and specifications for MLPS. (Very important)
2. Penetration testing basics (one week)
① Penetration testing process, classification, standards
② Information collection technology: active/passive information collection, Nmap tools, Google Hacking
③ Vulnerability scanning, vulnerability exploitation, principles, utilization methods, tools (MSF), bypassing IDS and anti-virus reconnaissance
④ Host attack and defense drills: MS17-010, MS08-067, MS10-046, MS12-20, etc.
3. Operating system basics (one week)
① Common functions and commands of Windows system
② Common functions and commands of Kali Linux system
③ Operating system security (system intrusion troubleshooting/system reinforcement basics)
4. Computer network basics (one week)
①Computer network basics, protocols and architecture
②Network communication principles, OSI model, data forwarding process
③Common protocol analysis (HTTP, TCP/IP, ARP, etc.)
④Network attack technology and network security defense technology
⑤Web vulnerability principles and defense: active/ Passive attacks, DDOS attacks, CVE vulnerability recurrence
5. Basic database operations (2 days)
① Database basics
② SQL language basics
③ Database security reinforcement
6. Web penetration (1 week)
①Introduction to HTML, CSS and JavaScript
②OWASP Top10
③Web vulnerability scanning tools
④Web penetration tools: Nmap, BurpSuite, SQLMap, others (Chopper, Miss Scan, etc.)
Congratulations, if you learn this, you can basically work in a network security-related job, such as penetration testing, web penetration, security services, security analysis and other positions; if you learn the standard protection module well, you can also work as a standard protection engineer. Salary range 6k-15k
So far, about 1 month. You've become a "script kiddie." So do you still want to explore further?
[ Get "Script Kid" growth and advanced resources ]
7. Script programming (beginner/intermediate/advanced)
in the field of cybersecurity. The ability to program is the essential difference between "script kiddies" and real hackers . In the actual penetration testing process, in the face of complex and changeable network environments, when commonly used tools cannot meet actual needs, it is often necessary to expand existing tools, or write tools and automated scripts that meet our requirements. At this time, Requires certain programming skills. In the CTF competition, where every second counts, if you want to effectively use homemade script tools to achieve various purposes, you need to have programming skills.
For beginners, it is recommended to choose one of the scripting languages Python/PHP/Go/Java and learn to program common libraries; build a development environment and choose an IDE. Wamp and XAMPP are recommended for PHP environments, and Sublime is highly recommended for IDEs; ·Learn Python programming , the learning content includes: grammar, regularity, files, networks, multi-threading and other common libraries. We recommend "Python Core Programming", don't read it all; · Use Python to write exploits for vulnerabilities, and then write a simple web crawler; · PHP basic syntax Learn and write a simple blog system; Be familiar with the MVC architecture, and try to learn a PHP framework or Python framework (optional); ·Understand Bootstrap layout or CSS.
8. Super Internet worker
This part of the content is still relatively far away for students with zero foundation, so I won’t go into details and post a rough route. If you are interested in children's shoes, you can research it. If you don't understand the place, you can [click here] to join me and learn and communicate with me.
Cybersecurity learning routes & learning resources
Scan the card below to get the latest collection of network security materials (including 200 e-books, standard question banks, CTF pre-match materials, commonly used tools, knowledge brain maps, etc.) to help everyone improve!
Conclusion
The network security industry is like a river and lake, where people of all colors gather. Compared with many well-known and decent people in European and American countries who have a solid foundation (understand encryption, know how to protect, can dig holes, and are good at engineering), our country's talents are more of a heretic (many white hats may be unconvinced), so in the future talent training and In terms of construction, it is necessary to adjust the structure and encourage more people to do "positive" "system construction" that combines "business" with "data" and "automation". Only in this way can we quench the thirst for talents and truly provide comprehensive services to society. The Internet provides security.
Special statement:
This tutorial is purely technical sharing! The purpose of this book is by no means to provide technical support to those with bad intentions! We also do not assume any joint liability arising from the misuse of technology! The purpose of this book is to awaken everyone's attention to network security to the greatest extent, and to take corresponding security measures, thereby reducing the economic losses caused by network security! ! !