Level 2 -- The BEGINNER
Mic Merritt
AI Security Innovator | Offensive Security Leader | Educator | The Cyber Hammer ??
Ok, so you mastered all the Level 1 -- The Noob stuff? Not sure, don't know what that is -- go there first: https://www.dhirubhai.net/pulse/level-1-noob-mic-merritt-/
Now that you're feeling confident with your foundational skills, let's build on. We're going to deep dive into networking and add in some packet analysis, revisit virtualization and VMs, and venture into some beginner security concepts. I recommend working from the top down, but hey as always -- you do you!
Level 2 -- The Beginner
1) Deeper Networking
Understanding how systems communicate is one of the most critical skills you can have in cybersecurity. Solving problems and investigating incidents often involves "tracing a packet". Breaking into systems usually requires you to first find a port, protocol, or service to exploit. All of this requires an understanding of networking, and the deeper your knowledge the more capable you'll become. Let's enhance what you've already learned and add-on some hands-on practice in Cisco Packet Tracer...with Networking Essentials: https://www.netacad.com/courses/networking/networking-essentials
2) Packet Analysis
Intercepting and logging traffic is a fundamental skill for most cybersecurity professionals. There are many tools that can help you analyze packets known as packet analyzers and packet sniffers. One of the most common of these is Wireshark. So getting some hands-on with Wireshark is next up in our cybersecurity adventure.?
a) Go straight to the source. Here you can download the tool, review the user documentation, and get some starting videos: https://www.wireshark.org/
b) Learn how to analyze network protocols with Wireshark. Don't have a Pluralsight subscription, just sign up for the 10-day free trial to do this course: https://www.pluralsight.com/courses/wireshark-analyzing-network-protocols?exp=3
c) Add to your Library. I'm partial to adding select physical books to my personal library and I recommend you consider growing your own library as well. If you can afford to purchase a Wireshark book, there's a few worth picking up on this list (I'm partial to "Practical Packet Analysis" and "Wireshark 101":?https://bookauthority.org/books/best-wireshark-books
However, my goal is to keep everything in this article free. So, check your local library, ask around work, use O'Reilly if you have it.
d) I can't mention Wireshark without also mentioning tcpdump. It's powerful, simple, and all on the command-line. It's my go-to network analysis tool. Here's a great website to walk through tcpdump: https://danielmiessler.com/study/tcpdump/
3) Virtualization
At this point, we need hands-on with various tools you're learning. There's no better way to do that then to build your own system. In most cases, you're going to want to do this via a VM -- though you can totally drop Kali on an old laptop you have lying around as your primary OS should you choose to, you do you. I do recommend Kali at this stage of your learning as it's easy to get help if you get stuck and it's common among newcomers. Yet, Kali is not your only option. You could also consider a Ubuntu system with just the tools you want or even ParrotOS. For now, I wouldn't venture too far into all the various Linux distros or custom builds, Kali is a solid starting system. Here's all the ways you can install it: https://www.kali.org/docs/virtualization/
Need more help, you can never go wrong following the advice of Network Chuck: https://www.youtube.com/watch?v=wX75Z-4MEoM
领英推荐
4) Introducing Cybersecurity
It's very difficult to find free training in this area. I used to recommend INE's Penetration Testing Student course, but now they too want their money. They still have a great course, and they do offer a 7-day free trial which a few people have managed to leverage. Otherwise, you might need to do some searching to get this content. Here's a couple of places to try, that are typically low cost options with discounts.
5) Get Hands-on Training
Hands-on training is important to building your skills and rounding out your learning. I like the gamified platform of TryHackMe for beginners as it's fun to do and you can instantly see your progress. There's quite a bit of free training available, so start with the free stuff first, but if you can you'll greatly benefit from subscribing. You can start with the pre-security path: https://tryhackme.com/path/outline/presecurity
6) Research and Community
Cybersecurity is a team sport. You'll get much further by surrounding yourself with a community of people that can help and encourage you to keep growing your skills. Obviously, you found this article and hopefully you've already connected with me on LinkedIn -- if not, hello! Send an connection request!
That's it for Level 2 - Beginner. We actually covered a ton of stuff here, a little over 300 hours of training and information for you to dig through. Take your time, dig in, explore. I recommend going back to TryHackMe and exploring more rooms.
Certifications:
If you want, look into some certifications. You don't NEED certifications, but they can be great ways to challenge yourself and prove you've learned something.
Employment:
If you're looking for a job in IT/Cybersecurity and have completed the training outlined in both Level 1 Noob and Level 2 Beginner, your knowledge and skills align to entry-level and beginner roles in Information Technology. Job titles you could search for include:
Next up: Level 3 -- The AMATEUR
DevSecOps & Cloud Computing Enthusiast | 2025 WiCyS Scholar | 2024 Kamala Scholar | GRC | Data Privacy | Business Analyst
2 年Again, thank you so much for sharing your knowledge! Invaluable info ??
Kinda late to the party, but awesome post, thanks for taking the time to put it together!
Project Manager | Driving Economic Growth Through Writing | Industry Engagement Enthusiast | Unofficial LinkedIn Coach | Youth Empowerment Advocate
2 年Good one ?? Especially the approach of free learning in the beginning and getting onto certification is the general approach that could be really helpful to get the enough confidence and get ready for the flight.
Systems Engineer | Linux | Bash | Automation | Git | AL2 | Data Management | Scrum | AGILE | CI/CD | AWS | Problem Solver in cloud infrastructure
2 年This is great, Thank you!
CySA+, Linux+, Security+, Network+, PCEP Certified | Security Enthusiast
3 年What happened to the post? I came back after completing level 1 and level 2 was gone.