Google Cybersecurity Certificate - First Thoughts
Skills:
Security Basics80%
Key Takeaways
The Google Cybersecurity Professional Certificate is introduced, with an overview of the course and its pros and cons, available on Coursera.
Full Transcript
the world of cyber security certifications can be a little bit of a Minefield and is often full of strong opinions so today naturally I'm going to add my opinion into the mix let's take a look at Google's cyber security professional certificates just to let you know this video is sponsored by Coursera and there are links in the description below and if you want to learn more about the program or want to learn about the awesome world of application security and web hacking then come join us on live stream every Tuesday over on the Cyber Mentor YouTube channel which is probably where you're watching right now huh as always if you enjoy the video don't forget to like And subscribe and let's dive in so first up I want to go over what's been covered so these are the sections covered and already you can gain some insight into what roles it's looking to prepare you to step into but that's getting a little bit ahead of ourselves let's take a look at some more detail first we have eight sections in total all delivered by different instructors and I liked the fact that the instructors all have different experiences backgrounds roles and also there are some other individuals who do short videos to share their interesting insights or stories and experiences as well the first section really drives the diversity in cyber security is important and frankly I agree I previously managed a Global Security team of Engineers from all around the world and diversity was one of the real strengths that helped us achieve some really awesome things so let's take a quick look at the topics first up foundations of cyber security I thought overall this was a good module it did a really good job of setting up some of the fundamental topics like CIA confidentiality Integrity availability and common attacks like phishing as well as touching on ethics as well next we have played safe managing security risks here we go into more detail on CIA we look a little bit at nist some nice advice on keeping up to date without being overwhelmed and an introduction to instant response the connect and protect networks and network security was a good introduction to network security I liked that they included some hardening and also attached a little bit on cloud as well tools of the trade Linux and SQL a good introduction to Linux and a good place to start developing some skills that will pay dividends throughout your entire career in the assets threats and vulnerabilities section we have a lot of different things like authentication threat modeling malware makes an appearance and it also touches on web exploitation too Sound the Alarm detection and response we have incident response lifecycle tooling verifying incidents basically the title sums it up for this one and then automate cyber security tasks with python a nice introduction to python with some good practical exercises but I would encourage you to make a habit of continuing your journey into things like Python and Linux and SQL and finally we have put it to work prepare for cyber security jobs if you're going for your first job out of school or university there's a lot of really useful information in this section so I was really happy to see it though don't call the Linux command line line command in your technical interview like the instructor does line command is another thing but we all make terminology mistakes so it's okay I'm pretty sure I do this in my videos too Oh you mean the mistakes you make in every video overall it's an interesting mix of topics and I think considering how many seasons cyber Security Professionals can't describe the differences between threats risks and vulnerabilities it covers the fan foundations really well in an accessible way speaking of the differences between threats risks and vulnerabilities though it does talk about the ls top 10 as a list of vulnerabilities it's not their web application security risks and if you're ever being interviewed by a seasoned pen tester or appsec engineer don't make this mistake by saying the OAS top 10 are vulnerabilities but overall just considering the syllabus it looks like it leans more towards governance risk and compliance roles or potentially a junior security analyst or Junior sock analyst role as well if your long-term goal is to work in more specialized blue team roles like forensics then this might be a good starting point as well if you're starting from zero but of course there will still be a lot of work to do afterwards as well if this is your goal so next I wanted to compare the pros and cons so that you watching can figure out if there are any deal makers or deal breakers before you dive in let's start with the pro the overall cost I think is very reasonable and I think that all training should be just that affordable this is really great in my opinion next we have a pro slash con now the course itself is pretty Broad and this is both a good and a bad thing good because there's actually a lot of initial knowledge required to kind of Step into the field of cyber security but bad because you're covering so many things you don't get to do them in much depth an example of this is it teaches you about threat modeling but having gone through the materials I'm pretty sure that if you've never done a threat model or before even though you know the theory you still wouldn't be able to do it afterwards in this case more exercises or practical examples would be nice to see another Pro is that the production quality is really high the visuals to age the topics and Theory are good and all of the instructors are likable and engaging more engaging than your monitor at least and the reading material is Well written too one of the cons that I did find is that there are quite a few mistakes in the course aside from the confusion of vulnerabilities and risks we had earlier we have a section that says the best way to defend against SQL injection is code that will sanitize the inputs developers can write code to search for specific SQL characters this gives the server a clearer idea of what inputs to expect one way this is done is with prepared statements now I won't spend too long on this but a prepared statement prevents SQL injection attacks by separating the SQL logic and the data so that the attacker can't manipulate the query this is done by pre-compiling the SQL statement without the data and then the data is passed in afterwards as parameters fundamentally different from sanitizing inputs where we search for characters and neutralize them this is also a prevention technique though not as foolproof as prepared statements I did flag this and also some of the other mistakes that I found so hopefully it will be updated soon one final Pro is that if you're unsure of where you want to be in cyber security then I think this gives you a really good insight into some of the different areas domains and roles as well another good thing is that since it covers a lot of topics from the ground up it's usually accessible to those without a degree new career changes and of course the entry-level candidates that it's aimed at and high ratings which give some confidence about the satisfaction of previous Learners there are quite a lot of technical skills to be gained from taking this course and this includes getting Hands-On with Linux python cm and IDs tools as well as SQL but before we move on I also want to add the the platforms pretty accessible and the content is easy to navigate so who should take it well is directed at entry-level analyst roles and keeping that in mind I think that's a fair description if you want an entry-level security analyst position I think this will help but let's take a little look beyond that since that's just one role in a fast and rapidly changing industry so those of you who should take this are on the left and those who I don't think should take this will be somewhere on the right so we have those new to cyber security and maybe not entirely sure where you want your career to take you those that work closely with cyber security teams and want a better understanding of what we do and why we do it those that want to work in non-technical cyber security roles maybe you're a project manager that wants to manage cyber security projects for example and those that want to lean more into blue team roles on the other side so for those who might want to use their time for something else if you want to be more on the offensive side so pen testing application security secure to your search bug Bounty and I think appsec engineering as well then I think you're six months of time would be better spent elsewhere so overall I think it's priced really well in previous roles I've been the hiring manager reviewing CVS and conducting interviews for various security roles so I can say with confidence that if I saw someone had this on their CV it would be favorable some of the fundamentals that you pick up will definitely be things that stay with you throughout your career if you want to check it out then once again the link is in the description below and also a seven day free trial so definitely worth checking out and of course if you enjoyed the video don't forget to like And subscribe if you have more questions drop into our live stream every Tuesday and I'll be happy to answer them catch you next time
Original Description
In this video, Alex is going to go over the brand-new Google Cybersecurity Professional Certificate.
#Coursera, #CourseraPartner and @coursera
Sign up to enroll for a 7-day free trial with Coursera now! https://imp.i384100.net/nLEaJ7 (affiliate link)
00:00 Intro
00:41 Course overview
04:16 Pros & cons
07:00 Who should take it?
08:31 Outro
Pentests & Security Consulting: https://tcm-sec.com
Get Trained: https://academy.tcm-sec.com
Get Certified: https://certifications.tcm-sec.com
Merch: https://merch.tcm-sec.com
Sponsorship Inquiries: info@thecybermentor.com
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from The Cyber Mentor · The Cyber Mentor · 0 of 60
← Previous
Next →
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Buffer Overflows Made Easy - Part 1: Introduction
The Cyber Mentor
Buffer Overflows Made Easy - Part 2: Spiking
The Cyber Mentor
Buffer Overflows Made Easy - Part 3: Fuzzing
The Cyber Mentor
Buffer Overflows Made Easy - Part 4: Finding the Offset
The Cyber Mentor
Buffer Overflows Made Easy - Part 5: Overwriting the EIP
The Cyber Mentor
Buffer Overflows Made Easy - Part 6: Finding Bad Characters
The Cyber Mentor
Buffer Overflows Made Easy - Part 7: Finding the Right Module
The Cyber Mentor
Buffer Overflows Made Easy - Part 8: Generating Shellcode and Gaining Shells
The Cyber Mentor
HackTheBox - Sunday Walkthrough (Re-Up)
The Cyber Mentor
Networking for Ethical Hackers - TCP, UDP, and the Three-Way Handshake (Re-Up)
The Cyber Mentor
Networking for Ethical Hackers - Network Subnetting (Re-Up)
The Cyber Mentor
Networking for Ethical Hackers - Network Subnetting Part 2: The Challenge (Re-Up)
The Cyber Mentor
Networking for Ethical Hackers - Building A Basic Network with Cisco Packet Tracer (Re-Up)
The Cyber Mentor
HackTheBox - Fighter Walkthrough (Re-Up)
The Cyber Mentor
Beginner Linux for Ethical Hackers - Navigating the File System
The Cyber Mentor
Beginner Linux for Ethical Hackers - Users and Privileges
The Cyber Mentor
Beginner Linux for Ethical Hackers - Common Network Commands
The Cyber Mentor
Beginner Linux for Ethical Hackers - Viewing, Creating, and Editing Files
The Cyber Mentor
Beginner Linux for Ethical Hackers - Controlling Kali Services
The Cyber Mentor
Beginner Linux for Ethical Hackers - Scripting with Bash
The Cyber Mentor
Beginner Linux for Ethical Hackers - Installing and Updating Tools
The Cyber Mentor
Cracking Linux Password Hashes with Hashcat
The Cyber Mentor
Reminder: Twitch Hacking Live Stream Tonight! 2/26/19 at 8PM EST
The Cyber Mentor
Hacking Live Stream: Episode 1 - Kioptrix Level 1, HackTheBox Jerry, and Career Q&A / AMA
The Cyber Mentor
Hacking Live Stream: Episode 2 - HackTheBox Active, Vulnserver Buffer Overflow, and Career Q&A / AMA
The Cyber Mentor
Hacking Live Stream: Episode 3 - Hack The Box Blue, Devel, and Career Q&A / AMA
The Cyber Mentor
New Zero to Hero Pentest Course, New Website, and 2K Subs?!
The Cyber Mentor
Zero to Hero Pentesting: Episode 1 - Course Introduction, Notekeeping, Introductory Linux, and AMA
The Cyber Mentor
Zero to Hero Pentesting: Episode 2 - Python 101
The Cyber Mentor
Zero to Hero Pentesting: Episode 3 - Python 102, Building a Terrible Port Scanner, and a Giveaway
The Cyber Mentor
Zero to Hero Pentesting: Episode 4 - Five Phases of Hacking + Passive OSINT
The Cyber Mentor
Zero to Hero Pentesting: Episode 5 - Scanning Tools (Nmap, Nessus, BurpSuite, etc.) & Tactics
The Cyber Mentor
Zero to Hero Pentesting: Episode 6 - Enumeration (Kioptrix & Hack The Box)
The Cyber Mentor
Zero to Hero Pentesting: Episode 7 - Exploitation, Shells, and Some Credential Stuffing
The Cyber Mentor
Installing Windows Server 2016 on VMWare in 5 Minutes
The Cyber Mentor
Zero to Hero: Week 8 - Building an AD Lab, LLMNR Poisoning, and NTLMv2 Cracking with Hashcat
The Cyber Mentor
A Day in the Life of an Ethical Hacker / Penetration Tester
The Cyber Mentor
Active Directory Exploitation - LLMNR/NBT-NS Poisoning
The Cyber Mentor
Zero to Hero: Week 9 - NTLM Relay, Token Impersonation, Pass the Hash, PsExec, and more
The Cyber Mentor
Zero to Hero: Episode 10 - MS17-010/EternalBlue, GPP/cPasswords, and Kerberoasting
The Cyber Mentor
Writing a Pentest Report
The Cyber Mentor
Zero to Hero: Week 11 - File Transfers, Pivoting, and Reporting Writing
The Cyber Mentor
The Complete Linux for Ethical Hackers Course for 2019
The Cyber Mentor
Full Ethical Hacking Course - Beginner Network Penetration Testing (2019)
The Cyber Mentor
Popping a Shell with SMB Relay and Empire
The Cyber Mentor
Pentesting for n00bs: Episode 1 - Legacy (hackthebox)
The Cyber Mentor
Pentesting for n00bs: Episode 2 - Lame
The Cyber Mentor
Pentesting for n00bs: Episode 3 - Blue
The Cyber Mentor
Web App Testing: Episode 1 - Enumeration
The Cyber Mentor
Pentesting for n00bs: Episode 4 - Devel
The Cyber Mentor
Pentesting for n00bs: Episode 5 - Jerry
The Cyber Mentor
Web App Testing: Episode 2 - Enumeration, XSS, and UI Bypassing
The Cyber Mentor
Pentesting for n00bs: Episode 6 - Nibbles
The Cyber Mentor
Web App Testing: Episode 3 - XSS, SQL Injection, and Broken Access Control
The Cyber Mentor
How NOT to Approach a Cybersecurity Mentor
The Cyber Mentor
Web App Testing: Episode 4 - XXE, Input Validation, Broken Access Control, and More XSS
The Cyber Mentor
Pentesting for n00bs: Episode 7 - Optimum (hackthebox)
The Cyber Mentor
Pentesting for n00bs: Episode 8 - Bashed (hackthebox)
The Cyber Mentor
Pentesting for n00bs: Episode 9 - Grandpa
The Cyber Mentor
Top 5 Internal Pentesting Methods
The Cyber Mentor
More on: Security Basics
View skill →Related Reads
Chapters (5)
Intro
0:41
Course overview
4:16
Pros & cons
7:00
Who should take it?
8:31
Outro
🎓
Tutor Explanation
DeepCamp AI