New Cybersecurity Certification?
Key Takeaways
The video discusses the new SEC 100 cybersecurity certification, which provides a foundation in general skills and covers topics such as attacking, defending, and building, with a focus on hands-on experience and practical labs, including Python and networking.
Full Transcript
these are just things that you need to know as a cyber security professional we're not trying to handwave that away we still want people to come out with recognizable marketable skills but we're trying to give Learners a little bit more assistance in obtaining those skills you can't there's no getrich quick sche here uh you got to put in the work but something like SEC 100 lets you put it in at a pace that works for you and it lets you really accomplish something uh in a relatively short amount of time rather than like keeping your eye on a decade year long prize um if you can go in and say hey look I can I can do these kind of attacks I can do these kind of defenses I have a broad understanding of security and Technology um this is going to give you the sort of the Practical demonstration of your [Music] abilities just before we start the interview I've got to say that this video is sponsored by offc I really want to thank them for sponsoring this video and supporting my channel also got some fantastic news for those of you who watch towards the end of the video some great news I won't spoil it now but if you watch towards the end you'll be very glad that you did that because some of you or one of you is going to win something enough of that before I give away too much let's cut to the interview hey everyone it's David Bumble back with Jeremy Jeremy great to have you back on the channel hey David thanks for having me so Jeremy you work for offc and I believe you got some great news I do we have just launched our SEC 100 course a brand new course for those entering the cyber security field so you've got to tell me offc are well known for ocp but this is the OC is that right yes so in other words the offsec Cyber cor is what my notes say right yes the offsec cybercore certified so you got to tell me because I mean offsec are obviously well known as I said for ocp how is this different to ocp yeah so the ocp and pwk or pen 200 the course that corresponds to it uh teaches somebody how to be a penetration tester specifically and it isn't necessarily for somebody who is brand new to the cyber security space it's for somebody who has been a seasoned veteran in system administration or in programming or inet working or some other cyber security role uh not to say that somebody without those hats can't go into pwk but generally that's what we see the most majority of students taking cyber core SEC 100 is specifically for somebody who is just entering their toes into cyber security as a whole so even if you haven't been a system administrator or you haven't been a programmer uh you can take SEC 100 and the content will be at the right level for you uh and that's that's really who it's for so this is different as well to OC because it's not just offensive hacking right correct we cover uh three main domains and those three domains really represent the offsec library as a whole so the first is attacking and you know that's sort of off sex traditional bread and butter the uh the things that we covered in SEC 100 on the attacking space um are sort of preliminary to what you'll find in pen 200 so in pen 200 you'll find privilege escalation you'll also find privilege escalation in SEC 100 but the level is brought down the amount of handholding is brought up and so we're really giving students a nice on-ramp into the world of pentesting the mirror of attack is defend and so that's the second uh sort of domain that we cover and uh just like sock 200 we cover uh security operations we also cover some incident response and some threat hunting and some forensics it's really a survey of all the little defensive spaces that you could be in if you choose to pursue a career in defense and the third trash is uh what we call build and build really refers to all those professionals those heroes in the uh tech industry who don't necessarily conceive of themselves as part of the security industry but nonetheless are integral to the security domain so I'm talking about people like programmers and system administrators and network administrators and Cloud Engineers uh when they go to make their resume they don't think I'm a security professional first but from the perspective of security uh they are because they're building the things that must be secure um so those three domains you can think of them kind of as a as a triangle with connections between them all uh that's really what um the offs SEC Library covers and that's what SEC 100 covers there are a bunch of entry level certifications out there I won't you know mention any names but there's a well-known one that doesn't have any labs it's just a bunch of you know questions how is this different does it have Labs is it more hands on yeah exactly so true to offsec style uh the the goal with SEC 100 is really to give the learner as much hands-on experience as possible uh there are a few modules in there that don't have practical Labs but the vast majority of which do and those that don't are because of another differentiator that I'd love to talk about David which is many of these entrylevel certifications don't give the learner a sense of why cyber security is so important not just a sort of a fundamental in itself but to the business many many Sears and courses don't talk about sort of the risk inherence to allowing users to do certain things on your application and what that means for the business on the back end and so as much as possible in SEC 100 we try to return to sort of the business fundamentals and make sure that the learner understands uh the context in which security operates as a part of a business um so those those two things really the the the business angle and the hands-on experience gives Learners a real sense of what they would be doing as a cber security professional and why they would be doing it and then the third thing that I'll say is that even though we cover attack defend and build the build and the defend are also covered in the context of understanding how the attacker operates and so that's the third real differentiation I would say that that SEC 100 has versus maybe some other uh competing certifications is that we're always thinking about the mindset of the attacker regardless of if you're learning attack specific skills or defense skills or build skills I like that so I mean in other words I see there's a section on networking which is obviously one of my favorites there's when you talk about networking or you talk about python which is also in here you the hat that you're wearing is cyber security someone's attacking the network someone's attacking me right right what what can somebody do if they had access to the to the network or thinking in terms of complexity if you link two computers together okay that's a little bit of complexity but if you link 200 now there's a lot of complexity and each point is one for the attacker to take advantage of and realizing that attacker is thinking way is important because it's not just about um making sure that things work fast or that things are productive but also as you increase complexity in a network or a system um what do you expose to the end user and therefore to the attacker it's really important I mean at the time of this recording there was just a big event in the last few days right I mean yeah crowd strike which was supposed to protect companies is now well known for you know the biggest attack ever and very sad to hear that is is an irony there for sure that was an example of bad code from what I understand that caused all of these issues and I mean the poor people have that have to fix this it's it's what a what a nightmare but it's oh yeah they they they must have been up pulling on lers for days at this point uh this is a few days after the event I think that's another thing that is important to emphasize is um cyber security is often thought of as as safeguarding three things confidentiality uh making sure nobody can can access that data uh Integrity making sure the data stays how it should be and nobody can change it without permission and authorization and then availability and yeah um the irony is that security is often a um a hindrance to availability if left unchecked and I'm not just I'm not just talking about crowd strike here but in general um if you put in as many cyber security protocols as you possibly can and as many controls as you possibly can you make things really difficult for the end user you make things really difficult for the employee and so there's a balance to be struck and SEC 100 covers you know those three things and how to sort of think about them as a whole holistic uh rather than maximize each one individually I'm glad you did the business side because I mean this whole event is an example of that right like you just said you can lock everything down so much that your users are just going to try and circumvent all your controls so I've got to ask you a very important question which I'm sure a lot of people are thinking about is so in the course their Labs but is the exam like multiple guess as I like to say or is it a abely not yeah it's practical um so the exam mirrors the course structure which is to say that on the attack portion of the exam you have to hack machines you're given a certain amount of machines a certain amount of of information about those machines and you're told go pack very much like the OSP much let's say I don't love the word easier but I used the word complexity before so less complex machines less complex scenarios the entire exam is six hours rather than 24 um so some of that time let's say a third will be allocated to attacking certain machines and gaining access to them on the defender scenario you're really putting on your detective hat uh you're presented with an event that has happened and you can see uh via access to certain kind of machines what kind of event has happened what kind of security event and you're tasked with answering questions but it's not multiple choice there are very very specific answers that we're looking for uh like what time did attack X happen on y computer uh so it's deterministic it's it's objective um and you go find that information through your detective skills and you go put that in uh and then the build scenarios require you to actually fix some code so we give you access to an application uh show you the code show you how it doesn't work and then it's up to you to fix it and make it work make it make it secure but also make it make sure that it continues to work and uh not take down production so to say the three those three areas each have a representation of the kind of things that you would do as professional um and therefore it's all very it's all very Hands-On practical there's no there's no Theory involved in the exam at all I love that so in other words like hacking is like I've got Carly Linux or something and I'm going to hack some device the fixing is I have to go onto machines and discover basically what what went wrong uh yeah in particular uh it's going to be some kind of secure code or insecure code in the say so we'll give you an application let's say uh it's vulnerable to SQL injection and we'll show you the source code for it we'll maybe even point out where it's where it's going wrong and it's up to you to figure out okay what do I need to how do I change the code to make sure the application continues to work and that the vulnerability is no longer exploited and then I probably said it wrong the defending portion is where you something happened right and then you've got to go and discover that but it's all done practically right right so it's it's kind of like an incident response scenario where you you discover that something happened and you report on what has happened uh in this particular case you're not necessarily implementing the defense that comes later with the secure software side of things but in this case you're you're you're playing the the detective so to speak uh figuring out what happened why it happened where it happened how do you know how do you prove that it was a security event and not just some anomaly I love that because I think when you start out you're not always sure I mean red team hacking is where people obviously you know all the the sexy side of things are but it in the real world I mean the jobs are more on The Blue Team side so this gives you a good taste of three different areas right from a learner perspective like somebody coming into the field somebody Googling and being like I think cyber secur is interesting what can I do um many people see the red side are like hacking sounds cool but you're right the truth is is that there are far more jobs on the defending side of things um they're just not necessarily as marketable um at least you know I'm I'm certainly biased having come from the red side myself but I think you know when I was looking into joining this field the attacking sounded so much more fun than defense that sounds hard that sounds like I need to I need to make sure I can keep an eye on every single attack it's exhausting and it is and uh kudos to The Defenders out there it's it's really a lot of work um but I think what cyber Court does what SEC 100 does is really make uh the full field palatable and explain why all these different things are interesting and who they're interesting for and how you get into them uh so that's really what it's about we have a section on Career Development as well as part of the course where uh after you've gone through everything so you've gone through uh the attack you've gone through the defend you've gone through the build uh there is a part at the start that that we didn't talk about so we should return back up at the end yeah but jumping jumping all the way to the to the to the bottom of the course you go through a module about developing your career and that module talks about resume writing and interviews and how to position yourself as a professional in the field um which is something that many many certifications and courses don't really cover because it's more of a theoretical not theoretical yeah um not a not a Labs based module uh there's nothing about that on the exam but we want to provide that information to Learners so that they can finish taking the exam and then go off and write their resume and and talk to potential employers it's important because I mean it's fun to hack it's fun to do these things but at the end of the day you want to job absolutely yeah so so let's let's just work backwards to give everyone a sense of of where we're at so we ended off with with this Career Development uh we did our our build section we did our defend we did our attack before attack is this General skills section and the general skills section covers things that you will need to know regardless of your career choice whether that is as a penetration tester or a threat hunter or a developer everybody needs to know some Basics and those Basics include cryptography Linux Windows networking how those things link together it's not only that these things are helpful in your job role in the sense that if you can program it makes automating things easier it's that programming languages themselves are objects of security and so if you don't understand how a certain function can access another privileged part of code and what ramifications that might have um then you're sort of at a disadvantage so these sort of General skills provide you with immediate practical assistance in your day-to-day but they are also things that you study as sort of objects of security in themselves that's great I mean something I'm sure a lot of people are asking or thinking is is are there prerequisites for this so do I need to go and do because like a lot of people say go do Network Plus or CCNA go and do um pentest Plus or there's like this whole track so is this like my first cybert or do I need to do other stuff first this is really the the ground bottom in terms of offs SEC certifications um we talked about pen 200 we didn't talk about pen 100 and so if you kind of want to visualize it there's SEC 100 and then pen 100 and all the other 100 level uh learning paths that we have and then the 200 level courses and the difference between say SEC 100 and 100 the syllabus is really similar but the level of handholding that we're providing is is much higher for SEC 100 um and the reason the syllabus is simple is uh is similar as simple it's because these are just things that you need to know as a cyber security professional we're not trying to handwave that away we still want people to come out with recognizable marketable skills but we're trying to give Learners a little bit more assistance in obtaining those skills this would be my first s uh um SEC 100 uh OC and then from there I could say okay I actually want to do blue teaming and then or I want to do coding let's say and then I can take a track that's coding is is that correct exactly exactly so it's kind of like your Choose Your Own Adventure sht where you do it you get a little bit of a basis and everything and then you'll have a better sense of oh yeah this really works for me I want to go pursue that or uh this was really challenging but it's really interesting so I'm going to go try bashing my head on that part the course material does it have videos or was it just reading or is it like just how does it what what is it what what's the makeup yeah so we've tried to create the modality that works best for the specific type of content so there's um there's text as is traditional offset course but there's a lot of videos uh that expand on the text and provide a little bit more color literally and then of course there's the labs and so as you go through the module you jump from text to video to Labs depending on what happens to be best uh for that specific subject obviously offensive red teaming is is very popular with the audience so the offensive side what kind of attacks are you doing is it against like ad is it against websites what kind of attacks are they uh so there are 1 2 3 four five six modules in the offensive uh realm in the offensive part of the course we start off with process and this is true for all the different Tres we start off with process understanding the why and understanding what it is that somebody in this space does so in terms of pentesting what what is a pentest why do we do it what are the different steps um what's the sort of relationship that you might have with a client or with your internal organization um we go into information gathering and enumeration enumeration is just a fancy term for finding out information about the network or the machine or the system or whatever it is then we go into web attacks web attacks I always find are a great first object lesson because everybody's familiar with them we all use web applications all the time and so the idea of oh yeah this is an input field and I can put in my username my password and somehow the the web application has to authenticate me like not everybody's thought about that but we all just sort of intuitively understand that that's a thing uh whereas some more um esoteric type of systems we're just less familiar with in general um as regular users um so so web is a really good first look at like oh yeah here's where an attacker can start getting their hands dirty we then talk about endpoints attacking endpoints and that's just another fancy term for a computer so we've we've graduated from a web application sort of a user-facing uh application to the underlying system itself from there we talk about defense evasion now that you've learned a little bit how to hack a computer what happens if there's sort of intentional defenses installed on that computer and what do you do about them uh so things like antivirus and um we end off with a section on cloud particularly offensive cloud in this case cloud is becoming more and more prevalent and it's important for people getting into the field to understand that cloud isn't sort of this other technology that you know other people are going to go do it's going to become more and more integrated with uh the DAT day regardless of your role I got to ask this I just once again saw Linux Basics Windows basics in the introductory section so I'm I hate to hop on this just to make the point prerequisite skills for this CT is it just basic knowledge or do I have to do like anything before this like do I have to learn Linux before I get you no we're going to teach you the all the Linux Basics that you need for the course we teach you in in in the course so all I need to do is like have obviously like know how to use a computer really basic foundational stuff like A+ kind of knowledge is yeah yeah I mean be able to turn it on Open Up Programs uh type on the keyboard um if you have some conception of what a command line is and how it interacts with the computer and how you can interact with it that's really good um but that's that's really the bare minimum you need I love this so I mean this again is my first cybert from off SEC who are have I would say the Gatey or the the top s when it comes to pen testing overp it's the one that always comes up so you guys have now taken it to the beginning so you had like sort of this higher end so that that was really well known but now you're trying to do the same thing for beginners yeah I mean we' we've had pen 200 we made pen 100 but that's really really Preparatory for pen 200 and this is sort of even more Preparatory in general for everything topic that's always like a very popular wi-fi hacking is that also here yes I do yes there is one modu on Wi-Fi in the uh defensive space so again we talk always from the attacker perspective or at least we return to the attacker perspective but this this one is is part of Defense so how do you think about securing a a Wi-Fi network and what we've done here is a really cool activity uh it's difficult to virtualize Wi-Fi so what we've done is walked the learner through how they can go about um auditing and then securing their own home Wi-Fi network and it's I'm glad to see you've got iot and embedded systems yes an area like cloud that is becoming more and more embedded not to not to overuse the term in everything else and uh it's very important that even if you're not going to go really really Hands-On you get an understanding of what are people talking about when they say embedded systems or OT I love this so in other words very wide range of topics very broad but like inch deep type thing right it's not where like when you go to ocp it's very much deep deep on p on hacking yeah I I would say an inch deep in certain subjects um maybe 3 in and others there's certainly there's certainly are that we're focusing a little bit more on in terms of those hands down activities because we want that certification at the end to be practical um so things like attacking endpoints things like um uh incident response Basics uh these are things that we're going a little bit deeper on but then there are certain models that yeah we're covering hey this is a technology you need to know about here's how it relates to the business here's how it relates to attack defend and build most important question I think always is at the end of this am I ready to get a job cber depends on what job uh you're not you're not likely to go and get a job as a penetration tester but yeah a junior level stock analyst absolutely yeah I think it's important to it's important to highlight that because there's too much stuff out there where they say take this course and you'll earn this crazy amount of money and be a pentester the next week of course of course yeah the econom economically it just doesn't it doesn't work that way if if you can give somebody a twoe course and then they go get a six figure salary like everybody would do it so can't this is reality there was that book from was it Peter norvig many many many many years ago that wrote like learn see in 10 years which I think really emphasizes like you can't there's no get-rich quick scheme here uh you got to put in the work but something like SEC 100 lets you put it in at a pace that works for you and it lets you really accomplish something uh in a relatively short amount of time rather than like keeping your eye on a decade year long prize another thing people forget is you don't know what you don't know I always like to say that you are highlighting my weaknesses when I take this and showing me like okay perhaps I'm I'm strong on wi-fi hacking as an example but I'm very weak on some other type or some other sphere in in in in in this list of you know topics okay so the exam is 6 hours handson um I completed in one go right or one sitting yeah yeah yeah for sure and is it how does how does the evaluation work do you guys like grade it and then I just get a like an automated email or something telling me that I've passed yeah because there's there's no report required for this exam so you go and let's say in the attack case you go and attack the machines you'll get some kind of proof that shows that you attack the machine you put it into the exam system and you'll know right away if you got it or not not all the questions are like that or not all the not all the inputs are like that so you don't necessarily know if you got the answer correct but at the end of the exam you say okay I'm done and off you go and it'll tell you okay you passed refill and what it is let's say I I'm doing the offensive side the attack side and then I I'm I'm further along in the exam can I go back to the attack site if I remember something or is it like no no you can go go between the this so the way that the exam works is you get access to all the questions all the challenges and you have your six hours and you can use that time however you wish you can go in whatever order you wish is a proctored exam so it's proctored by offsec however you can take breaks you can say I'm going to work for one hour and then take a three hour break that works for you and you can get it all done I'll power to you so when you say it's proed is that means someone's watching what you're doing monitoring what you're doing is that is that what you mean yeah just like all other offs like EX no no report writing at the end so as soon as I click submit I think I've done I get I can I can get my result right so question that often comes up with search like this is it a lifetime or does it expire because you know I could have done this 20 years ago let's say in theory and I I forgotten everything yeah so the OS does expire after 3 years Jeremy this is going to come up a lot from a lot of people I think do I have to buy like prep exams or you know if I go and take the exam and I fail is that the end of it or do is there like something that allows me to take the exam again yeah the nice thing is that two exam attempts are included with with the purchase so you could try once fail and then after some cool off period you go again and and try it again let's say fail today or life happens stuff gets in the way right is there like a period of time like what's the limit for me to you know take the exam so I purchased today is it like do I have to do in three months or is it like 12 months or something yeah you you'll have to look on the website to get the official answer but as of my current understanding recollection it's 12 months from the time of purchase how do you say there's no better mock exam than to actually go the exam yeah and cuz you might feel okay I'm ready but then you're not and that's a good way to test if you're ready and then and get rid of just get rid of those nerves you know yeah exactly we're all uh conditioned from from years at school to few exams and think that we're being judged uh but the truth is exam is just another way to test yourself Jeremy what kind of roles could I expect like let's say I get the S you've already highlighted that I mustn't expect to become like a full-time pentester necessarily I might be lucky to get that role but um what sort of the job roles that this is aimed for yeah really any Junior level role um if you can go in and say hey look I can I can do these kind of attacks I can do these kind of defenses I have a broad understanding of security and Technology um this is going to give you the sort of the Practical demonstration of your abilities um are you going to be a senior network engineer no but can you go to uh you know a network engineering position and say Hey listen this is what I know can you use my skill set yeah absolutely it's that you mentioned network engineer because I didn't expect that to be in the list I saw other like um like roles as Junior penetration test what I would which I would expect sock analysts it security specialist security consultant interesting to see network engineer there but I think it's become important right you can't do you can't be an it today without having this focus on on cyber security on security and that kind of goes back to what I was saying at the start which is I don't think Network Engineers you tell me David you know better than me I don't think Network Engineers conceive of themselves or think of themselves as a security professional and so I'm not saying that you know SEC 100 teaches uh the basics of of routers and switches and how to connect things together that's not what it's about but it's offering a layer of skill and understanding that I think most Network engineers at the junior level aren't going to have uh so you might be able to go there and say Hey listen I still need to learn about switches but what I can tell you is this this and this I love that though because I mean obviously because of my background I mean if I did CCNA I'm going to get good writing and switching knowledge good networking knowledge but it doesn't have a big emphasis on cyber security it just has like a little bit on on security and this is you know it's great if I got CCNA plus I combine it with this I mean then I would be a really in demand network engineer I think worldly and it's the same with um with programming right we're not we are covering python Basics Power Cell Basics but our goal with that is not to teach you how to be a programmer our goal with that is to teach you the the bare minimum you need to know to understand why programming is part of security in the first place and then skills that you'll need to fix code um but you have to go learn programming if you want to actually go be a developer but I love that as well because like let's say I'm I I was at Uni and I did some coding course it's it's well known that a lot of these coding courses don't teach proper security or good security practices right so this gives me something really good to add to my coding skills exactly okay it's all the rage these days Jeremy AI is there any AI in this AI is all there is these days and yes there is uh very very sort of survey level coverage uh what is AI what is an llm what's a GPT all these terms that have come up in the past let's say year um we do have a module on that because we think it's important that people understand how this interfaces with security um just like cloud or programming or networking AI is both an object of security you can study in the sense of how do you make something like this secure and also an enabler for for security how do you use it to uh be better at your security job whatever that happens to be um and so we we cover a little bit of both we talk about both uh it's not an AI course it's not it's not you know solely focused on AI but we do uh cover it in that one module because we think it's important for Learners to have some grounding in as they start to explore their other cyber skills I love that because I just interviewed someone recently where they were talking about how a AI is exactly as you've said there you know a lot of AI implementations really badly done no encryption etc etc and also AI is being used dramatically more and more for hacking there there was a report that came out recently from mandiant if I recall they were talking about use cases of AI and specifically Ai and offensive operations and fishing is uh the number one use case for for AI because you can you can think about it um getting trash EBT to write you a thousand fishing emails tailored to a thousand different individuals that's something that that kind of uh system is really good at it's starting to be used also for sort of vulnerability Discovery and vulnerability exploitation but by far the human element is the one that it can most easily exploit because it's a language model so I was just reading through sort of the documentation the in the course you mentioned Labs so I've got lots of practical Hands-On Labs correct yes there's there's videos there's text that I can read the quizzes stuff like that right yeah so there's the the quizzes so to speak or questions and answers um we we've tried to have less of them than we have in some other content uh because we really want to emphasize the Hands-On component but there are certain modules certain areas where there's just no there's no way to virtualize a lab and there's no lab to talk about uh say processes right um so we do have some questions and answers but um they're strategically placed so that they reinforce the learning they're not meant to be sort of the the objective of the learning I think that's so much better than other SS out there and again I won't mention names where it's just reading and you're just asking these multiple choice questions that have it feels like have no real world implementation this is really hands on I love that I think the real answer depends on the learner there are a lot of people who will say okay I know that I have all this text content and I have this video content but what I'm going to do is I'm going to go to the lab I'm G to go try it and that's where I'm going to spend my time and I'm G to fiddle around with it until I get it if I need to use the text maybe I'll go back and and give it a read um but for some Learners it's going to be 95% of what they do because uh they just they're just kind of learning through doing rather than reading or watching video yeah but I love that I mean different different options for different people exact Some people prefer watching videos some just prefer Hands-On I think most of us prefer Hands-On especially if it's hacking right I mean there's no better way to do it than to do it people do have this sort of idea of themselves that oh I'm a visual learner or I'm an audio learner whatever it is um it seems like that has that kind of theory has been debunked people do learn in all these different ways and it's about finding the modality that works for the specific information that's being pred which is what we've tried to do we've tried to match the whether it's text or lab or video depending on the kind of thing that is attempted to be taught big question obviously is always going to come up the price yes it is if I believe $8.99 you have to check online to get the the formal prices uh don't quote me here but I think it's $8.99 for a year of access just for everyone watching got some great news for you really want to thank offc for doing this they have given me a special link which you can use below which will give you $100 off the cost of the course and the exams so really want to thank them for doing that and also one of you are going to be able to win a free spot so use the link below you can use that to enter and one of you will win the course for free so again thanks to offc for doing that and thanks to them for sponsoring this video Jeremy really want to thank you you know for coming on and sharing again it's great to have you back on the channel got to get you back again for something else have you got any final words before we wrap up we're uh we're really excited to um have have all the Learners and this one lucky learner that gets uh gets your your your voucher that's that's awesome looking forward to hearing your feedback and David if you have a chance to go through it yourself uh we'd love to hear from you as well yeah I'd love that so we'll we'll talk offline be great to go through it and you know talk more about it in in future videos Jeremy again thanks so much for sharing and all the best all right David thank you [Music]
Original Description
A huge thanks to OFFSec for sponsoring this video - get your $100 discount using my link (valid until 31 August 2024): https://davidbombal.wiki/oscc
Congratulations to our Winner: Buddha from Romania!
Want to win the free place? (T&C's apply)
Enter here: https://gleam.io/BS3FT/offsec-oscc-giveaway
//Jeremy’s Socials//
Website: https://jeremyharbinger.com/
X: https://x.com/JeremyHarbinger
LinkedIn: https://ca.linkedin.com/in/jeremy-miller-b6816987
//OffSec’s Socials//
X: https://x.com/offsectraining
Spotify: https://podcasters.spotify.com/pod/show/offsec/episodes/27-YinYang-in-Infosec-with-Jeremy-harbinger-Miller-e1gqsul
// OffSec’s OSCC link //
OSCC: https://davidbombal.wiki/oscc
// YouTube video Reference //
Dark Side of AI: https://youtu.be/YZqiWFyq-OE
// David's SOCIAL //
Discord: https://discord.com/invite/usKSyzb
X: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube: https://www.youtube.com/@davidbombal
// MY STUFF //
https://www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
00:00 - Coming Up
00:46 - Sponsored Section
01:08 - Introducing Sec-100
04:11 - The Structure of Sec-100
06:43 - Crowdstrike Failure
08:20 - Style of Sec-100 Exam
11:08 - Finding your Place in Cybersecurity
13:23 - Learning General Skills
14:35 - Can I Start with SEC-100?
15:55 - Breaking Down the Course Material
18:45 - No Prior Cyber Skills Needed
21:24 - Can I Get a Job with SEC-100?
22:38 - The Length and Structure of the Exam
24:16 - Can I Retake the Exam
25:17 - Jobs to get with SEC-100
27:55 - AI in SEC-100
30:24 - Hands-On Learning
31:37 - SEC-100 Price and Giveaways
32:15 - Conclusion
kali linux
linux
oscp
oscc
offsec
sec-100
offensive security
hack
hacker
hacking
pentest
pentesting
pent
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from David Bombal · David Bombal · 0 of 60
← Previous
Next →
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
RYU SDN Controller Part 4: Graphical User Interface (GUI): Practical GNS3 SDN and OpenFlow
David Bombal
HPE Network Protector SDN Application Part 1 - Introduction
David Bombal
HPE Network Protector SDN Application Part 2 : DNS Interception using OpenFlow
David Bombal
HPE Network Protector SDN Application Part 3 - Lab Setup using Physical Switches
David Bombal
HPE Network Protector SDN Application Part 4 - Demo of malicious websites blocked
David Bombal
HPE Network Protector SDN Application Part 5 - Demo OpenFlow table interception flows
David Bombal
HPE Network Protector SDN Application Part 6 - Demo of Physical Switch configuration
David Bombal
HPE Network Protector SDN Application Part 7 - Demo Service Insertion Tunnel / GRE Tunnel
David Bombal
HPE Network Protector SDN Application Part 8 - Demo SDN OpenFlow Reporting
David Bombal
HPE Network Protector SDN Application Part 9 - Demo switches interception of DNS traffic
David Bombal
GNS3 Talks: GNS3 version 1.5.X Appliance Tips
David Bombal
CCNA 200-125 Exam: AAA demo: TACACS+ with GNS3
David Bombal
GNS3 2.0.0 beta 2 install
David Bombal
CCNA #012: Learn SNMP with GNS3, Wireshark and Solarwinds NPM - CCNA 200-125 exam
David Bombal
CCNA #013: Spanning Tree CCNA Exam Questions: Know the answer? CCNA 200-125 exam
David Bombal
GNS3 2.0.0 beta : GNS3 VM integration with GNS3 GUI
David Bombal
CCNA #018: Routing exam questions: Who wins? OSPF, EIGRP or RIP? Sure? CCNA 200-125 exam
David Bombal
CCNA #019: Spanning Tree CCNA Exam Questions: Root Bridge, Root Port and more: CCNA 200-125 exam
David Bombal
GNS3 Download, installation and configuration - GNS3 1.5.3 and Windows 10
David Bombal
CCNA #023 EIGRP Neighbor Troubleshooting (DUAL Issues) for the CCNA 200-125 Exam
David Bombal
GNS3 2.0 Architecture and schema Part 1: What is the GNS3 Controller?
David Bombal
GNS3 2.0 Architecture and schema Part 2: Emulators and virtualization
David Bombal
CCNA #028 VTP Troubleshooting for the CCNA 200-125 Exam
David Bombal
CCNA #029 VTP & DTP Troubleshooting for the CCNA 200-125 Exam
David Bombal
CCNA #030 VTP Troubleshooting for the CCNA 200-125 Exam
David Bombal
GNS3 : How to download Cisco IOS images and VIRL images. Which is the best? How do you get them?
David Bombal
GNS3 ASA setup: Import and configure Cisco ASAv with GNS3
David Bombal
GNS3 switching setup and options: Cisco and other switching options in GNS3
David Bombal
GNS3 switching setup and options Part 2: GNS3 unmanaged built-in switch
David Bombal
GNS3 switching setup and options Part 3: Router on a sick with GNS3 unmanaged built-in switch
David Bombal
GNS3 switching setup and options Part 4: Etherswitch Router for Cisco Dynamips Part 1
David Bombal
GNS3 switching setup and options Part 5: Etherswitch Router for Cisco Dynamips Part 2
David Bombal
GNS3 switching setup and options Part 6: Etherswitch, Wireshark, 802.1Q, InterVLAN routing
David Bombal
GNS3 Talks: Docker, Open vSwitch, SDN and OpenFlow Part 1: GNS3 Switching Part 7
David Bombal
GNS3 Talks: Docker, Open vSwitch, SDN and OpenFlow Part 2: GNS3 Switching Part 8
David Bombal
GNS3 Talks: Docker, Open vSwitch, SDN and OpenFlow Part 3: GNS3 Switching Part 9
David Bombal
GNS3 Talks: Docker, Open vSwitch, SDN and OpenFlow Part 4: GNS3 Switching Part 10
David Bombal
GNS3 Talks: Docker, Open vSwitch, SDN and OpenFlow Part 5: GNS3 Switching Part 11
David Bombal
GNS3 Nexus (NX-OSv) switch setup and configuration Part 1: GNS3 switching options Part 12
David Bombal
GNS3 Nexus (NX-OSv) switch setup and configuration Part 2: GNS3 switching options Part 13
David Bombal
GNS3 Talks: Docker, Open vSwitch, SDN and OpenFlow Part 6: GNS3 Switching Part 14
David Bombal
GNS3 Talks: Docker, Open vSwitch, SDN and OpenFlow Part 7: GNS3 Switching Part 15
David Bombal
GNS3 Cisco CSR 1000v setup and configuration Part 1: GNS3 NFV
David Bombal
GNS3 Cisco CSR 1000v setup and configuration Part 2: GNS3 NFV
David Bombal
GNS3 Talks: Use the NAT node to connect GNS3 to the Internet easily!
David Bombal
GNS3 Talks: GNS3 2.0 RC1 is now available
David Bombal
GNS3 Talks: GNS3 2.0 Portable Projects - easily export and import GNS3 projects
David Bombal
GNS3 Talks: Multiple clients sharing projects in real time, plus console session shadowing!
David Bombal
CCNA #035 NAT Troubleshooting Scenario 1 - Can you find the issue? CCNA Exam 200-125 troubleshooting
David Bombal
CCNA #036 NAT Troubleshooting Scenario 2 - Can you find the issue? CCNA Exam 200-125 troubleshooting
David Bombal
GNS3 Talks: ESXi, GNS3 VM and KVM support Part 1: leverage servers and the cloud
David Bombal
CCNA #037 OSPF Troubleshooting - can you find the issue? CCNA Exam 200-125 troubleshooting
David Bombal
GNS3 Talks: ESXi, GNS3 VM and KVM support Part 2: leverage servers and the cloud
David Bombal
CCNA #038 NAT Troubleshooting Scenario 3 - Can you find the issue? CCNA Exam 200-125 troubleshooting
David Bombal
CCNA #039 - OSPF DR, BR and DROTHER Election - do you know the answers?
David Bombal
CCNA #040 NAT Troubleshooting Scenario 4 - Can you find the issue? CCNA Exam 200-125 troubleshooting
David Bombal
GNS3 Talks: Arista vEOS GNS3 import and configuration Part 1
David Bombal
CCNA #041 - OSPF DR, BR and DROTHER Election - do you know the answers?
David Bombal
GNS3 Talks: Arista vEOS GNS3 import and configuration Part 2
David Bombal
GNS3 Talks: ipterm: Linux, Docker, Python, SDN and more! Part 1
David Bombal
More on: Security Basics
View skill →Related Reads
📰
📰
📰
📰
This Free Tool Showed Me A Company’s Deleted API Keys From 2019
Medium · Cybersecurity
I Found 400 Hidden Subdomains On My First Target Using One Free Tool
Medium · Cybersecurity
Crypto Market Faces Security Risks Amidst Growing Adoption and Innovation
Dev.to AI
Blinding the State Informant: How Axiom Shield Weaponizes Client-Side Sandboxing Against EU Chat Control
Dev.to · AXIOM
Chapters (19)
Coming Up
0:46
Sponsored Section
1:08
Introducing Sec-100
4:11
The Structure of Sec-100
6:43
Crowdstrike Failure
8:20
Style of Sec-100 Exam
11:08
Finding your Place in Cybersecurity
13:23
Learning General Skills
14:35
Can I Start with SEC-100?
15:55
Breaking Down the Course Material
18:45
No Prior Cyber Skills Needed
21:24
Can I Get a Job with SEC-100?
22:38
The Length and Structure of the Exam
24:16
Can I Retake the Exam
25:17
Jobs to get with SEC-100
27:55
AI in SEC-100
30:24
Hands-On Learning
31:37
SEC-100 Price and Giveaways
32:15
Conclusion
🎓
Tutor Explanation
DeepCamp AI