Infosec Roadmap

From 0 to 120


Day 1-40: OS and Networking Foundations


Objective:
Begin by learning the basics of computer and network hardware, as well as operating systems. This foundation is crucial for understanding how systems work and how to properly examine them during an investigation.

Get CompTIA Network+ Certified

Read:
CompTIA Network+ Study Guide by Todd Lammle
CompTIA Network+ All-in-One Exam Guide by Mike Meyers

Watch:
Enroll in a Network+ course on Udemy or similar platforms. These courses often include video lectures, practice exams, and interactive content to reinforce learning.
How to Pass Your CompTIA N10-009 Network+ Exam
CompTIA Network+ Full Course FREE

Build a PC Using PC PartPicker

Research and Plan:
Use PC PartPicker or a similar website to design a PC. Choose the components based on your needs and budget. Understand the purpose of each part (CPU, GPU, RAM, storage, motherboard, etc.) and why it’s suitable for your build.

Build and Assemble:
If possible, purchase the components and assemble the PC at home. This hands-on experience will deepen your understanding of hardware components and how they interact, which is essential knowledge for digital forensic investigations.

Document:
Write a brief report explaining why you chose each component and how they fit together to create a functioning computer.

Stay Updated on Information Security News

Explore News Sources: Find reputable news websites and podcasts that focus on information security (infosec). Examples include “The CyberWire,” “Security Now,” and “Darknet Diaries.”

Engage Weekly: Listen to at least two infosec podcasts per week to stay informed about the latest trends, threats, and technologies in cybersecurity.


Day 41-80: Introduction to Digital Forensics


Objective:
Focus on learning about digital forensic methodologies and tools. This will involve learning how to properly collect, preserve, and analyze digital evidence.


Get CompTIA Security+ Certified
Study for Security+: Focus on the CompTIA Security+ certification to understand foundational security concepts, including risk management, cryptography, and network security.

Read:
CompTIA Security+ Study Guide by Todd Lammle
CompTIA Security+ All-in-One Exam Guide by Arthur Conklin

Watch:
CompTIA Security+ Exam Cram Course by Professor Messer: This course provides a comprehensive overview of all the exam topics.
CompTIA Security+ Study Guide by Cybrary: This series of videos covers all the key topics in the Security+ exam.

Learn Forensic Principles and Tools:
Understand the Order of Volatility: Learn about the order of volatility in digital forensics, which refers to the order in which digital evidence should be collected, based on how quickly it might be altered or lost.
Evidence Preservation Techniques: Study best practices for preserving digital evidence to ensure it remains unaltered and admissible in court.
Get Familiar with Zimmerman Tools: Learn about popular digital forensic tools like FTK Imager and EnCase, often referred to as Zimmerman tools, which are used to collect and analyze digital evidence.

Explore Autopsy:
Gain hands-on experience with Autopsy, an open-source digital forensics tool that helps analyze hard drives and smartphones for evidence.
Understand Process Execution and Persistence: Study how different processes execute and persist on computer systems, which is critical for identifying malicious activities and understanding how they affect systems.

Participate in DFIR Challenges:
Practice Skills: Engage in Digital Forensics and Incident Response (DFIR) challenges online to apply what you’ve learned in simulated scenarios. Websites like CyberDefenders and CyberSecLabs offer such challenges.


Day 81-120: Focus on Incident Response


Objective:
Spend the final phase of the learning path focusing on incident response. This involves learning how to identify, contain, and mitigate cyber threats.

Get CompTIA CySA+ Certified
Study for CySA+: Focus on the CompTIA Cybersecurity Analyst (CySA+) certification, which covers the knowledge needed to detect, respond to, and prevent cybersecurity threats. This certification will build upon your foundational knowledge and introduce you to more advanced concepts in threat management and mitigation.

Read:
CompTIA CySA+ Study Guide by Mike Chapple
CompTIA CySA+ All-in-One Exam Guide by Brent Chapman

Watch:
CompTIA CySA+ Exam Cram Course by Professor Messer: This course provides a comprehensive overview of all the exam topics.
CompTIA CySA+ Study Guide by Cybrary: This series of videos covers all the key topics in the CySA+ exam.

Build your own lab

Build a SIEM/SOC at Home:
Use your PC to set up a Security Information and Event Management (SIEM) system or a Security Operations Center (SOC) at home. This will provide hands-on experience with tools like Splunk, ELK Stack, or Graylog, which are commonly used in professional environments to monitor and analyze security events.

Develop Soft Skills:
Soft skills are vital for cybersecurity professionals to effectively communicate and solve problems. These skills are not only important for internal team dynamics but also for interacting with stakeholders and clients.

Read:
“Crucial Conversations: Tools for Talking When Stakes Are High” by Kerry Patterson, Joseph Grenny, Ron McMillan, and Al Switzler
“Thinking, Fast and Slow” by Daniel Kahneman
“Emotional Intelligence 2.0” by Travis Bradberry and Jean Greaves

Watch:
Effective Communication Skills by Marcus Alexander Velazquez
Problem Solving Techniques by Tony Robbins
Skepticism: Why critical thinking makes you smarter by Big Think
Public Speaking: How to make an audience love you in 90 seconds by Charisma on Command
The secret to being more likable by Better Ideas

Cultivate a Security Mindset:
Developing a security mindset involves learning to think like an attacker to better anticipate potential threats and vulnerabilities. It requires a proactive and analytical approach to cybersecurity.

Read:
“The Art of Deception: Controlling the Human Element of Security” by Kevin D. Mitnick
“How to Measure Anything in Cybersecurity Risk” by Douglas W. Hubbard and Richard Seiersen
“Threat Modeling: Designing for Security” by Adam Shostack

Watch:
Getting Started with Software Threat Modeling: Lessons Learned by Security Compass
2017 – Threat Modeling For Secure Software Design by LASCON
Cyberattacks on Education: How to Strengthen Identity Security by Semperis
Cybersecurity Trends by IBM Technology