Information Security Core Knowledge
Every so often, I get asked by someone who wants to get into the InfoSec field what core knowledge is needed. Now I know a lot of people have a lot of different answers to this question, but I think there are some things that are important and that are easier to attain. These aren’t particular things to memorize; they are more skills that you need to work effectively in the security field.
- Reading CVEs: Most of what I do when I hear about a new vulnerability is immediately look at the CVE for it, understand CVSS, and understand how that applies to my environments (both personal and business).
- Understand Threat, Vulnerability, and Risk: A threat is what we’re trying to protect against; it could be something like a DDoS or an actor. A vulnerability is a weakness in software or hardware that can be exploited by threats to gain unauthorized access to an asset. Risk is the potential for loss, damage, or destruction of an asset as a result of a threat exploiting a vulnerability.
- Understanding of Networking: While you don’t need to be an expert in networking, I come across subnetting, CIDR, IPv4, IPv6 (in some networks), and ports. These are things that I have to view multiple times a week and quickly identify.
- NMap: This is a tool that I thought I fully knew until I started working in information security. I started to heavily utilize the tool and learned that I had used only a fraction of it. It’s an important reconnaissance tool that you should use to make sure you know what is on your network and what is open.
As you can see, these are skills that people can learn, so before you get into the InfoSec field, take some time to start learning them. It doesn’t have to be only if you want to get into InfoSec; this is stuff you should look at for any IT job.