Cybersecurity certifications, industry, and career Q&A stream! CompTIA Security+ and OSCC included.

What Happened This Stream? 🚨
Our first stream moving over to Twitch for our FAQing Friday series! we talked about Cybersecurity careers, job postings & resume questions, certifications and the differences in positions!

What are FAQing Fridays? 🗓️
Want to learn a little Cyber Defense tradecraft or brush up on some areas? or maybe just chat about certain topics? Welcome to FAQing Fridays hosted on our Twitch channel! FAQing Friday is live every Friday at 12PM EST typically 30m to 1hr. All are welcome to join in and ask questions as we go. Beginner to advanced friendly!

Website: https://leveleffect.com
Discord:   / discord  
Twitch:   / leveleffect  
Newsletter & Blog: https://news.leveleffect.com/

Leave your questions and comments below or in our Discord and we'll be happy to answer or help!

Recorded:
Aug 2nd 2024

Timestamps ⏳
00:20 - Detection Engineering is looking at reflective activity of malicious behavior
01:20 - Get experience by Blue Teaming or mixing Red and Blue
03:10 - Does Digital Forensics require more training?
05:40 - Is DFIR like “recovery” ?
07:00 - SOC Analysts still perform some level of DFIR too
07:30 - Being a T-Shaped specialist is recommended
09:45 - Security branched from IT, generalists needed at first
11:30 - SOC analysts are like firefighters, eventually you need to stop the fire from happening
12:25 - Cybersecurity specialists stop fires from happening
14:40 - CISSP is a management cert!
15:30 - GRC typically goes toward CISSP due to specializing on governance
16:20 - Entry-level SOC Analysts requiring CISSP is not asking for SOC Analysts
17:20 - Is Security Engineering higher up than DFIR?
17:50 - Security Engineering as a discipline finding IT and Security solutions to business needs
18:50 - CompTIA Security+ is and isn’t a basic cert
19:20 - How has marketing influenced your opinion on Sec+?
19:50 - What do you think the point of Sec+ is?
20:10 - Is it a check in the box?
21:00 - Security+ is actually to test for literacy for terms, definitions, and description matching
22:00 - Security+ doesn’t test you to compare and contrast varying criteria for a solution
22:40 - Describe a vuln scanner = Sec+
22:55 - When you would want to use a vuln scanner vs manual = where Sec+ fails
23:15 - Sec+ isn’t bad though! literacy is needed to speak and think in Cybersecurity terms
25:10 - Good to have, preferred, but shouldn’t be a requirement, shows literacy which is helpful!
25:25 - You can gain literacy by doing the work though
26:45 - OSCP has a defensive course? OSCC?
29:25 - It costs $899 !?!?!?
30:00 - Good coverage but it's basic, and you're paying for the brand at that point
31:15 - OSCP is a good cert! … for testing your knowledge on already vulnerable systems
31:50 - OSCP does not test your ability to perform the rest of pentesting (reporting, presentation, vuln management, etc.)
32:25 - Good to test you on ways that things can be misconfigured though!
33:00 - OSCP does not mean you are immediately a good pentester
34:45 - Get your OSCP for one piece of the puzzle
35:30 - You still need report writing and communication skills
36:40 - OSCP doesn’t mean you get a job, you need the other components still
37:40 - 1/3 of it is the vulnerability and exploitation side, 2/3 of it is almost Blue Team centric
38:20 - Build a home lab ! write a report on an exploit and how prevent it! do that with your OSCP and you’re solid
40:00 - CySA+? Study the objectives of CySA+! but 4 years to get it is a bit much
40:40 - Still just a literacy test though
41:40 - Better off getting more practical Blue Team certs
42:10 - Get the BTL, CCD, and our CDCP and home lab!
42:50 - How do you build a home lab then? (added to comments here and in our Discord)
43:34 - Windows box, DC, config it, compromise WIndows, then triage it with another Windows box for a home lab
44:00 - Once configured, write reports, post it on a blog!
44:15 - What box of warhammer is in the back? (the important stuff :D )
45:30 - Is the home lab the same a project? no it’s better! because it’s relative
47:00 - curious to see the cyber set up? maybe in a coming session! but we have videos on our youtube
48:25 - Better certs than CySA+? 1st - home lab, then BTL, CCD, and our CDCP!
52:00 - Yes there are changes in the Live CDA Program, the self-paced content is better now
53:30 - Live training is good, but costly! it can still be done self-paced for an accessible pace, live = pay for instructor to walk you through it, get feedback