So far, I’ve completed an Associates in Cyber Security. During my college program, I also became very interested in the Linux world and have also installed FreeBSD.
I also did security related study and exercises within a designated college lab. I have done some amateur hacks including a DDOS against my class room as a demonstration. I have also done a DNS spoof. I would be happy if all I manage to do is become a System or Network Admin, but I come coming back to exploring security.
As the other thread mentioned, I’m running into the “experience required” wall. For now, I’m prepared to work a mundane retail job part-time while trying to build up my portfolio. I would like some feedback on how a person with an Associates should proceed.
I do have a few initial steps in mind:
- I have one Desktop PC I would like to be my Target and a Laptop I can use to run Kali Linux or maybe Black Arch. The Target PC could be running Debian, Ubuntu, or CentOS and running common server applications. Possibly even intentionally vulnerable services like WebGoat or Metasploitable.
- I have a general idea of how to make a Bash Shell script, but I feel I need to learn a real programming language like Python.
Longer term, I’m interested in how I may proceed with Certifications. Would Offensive Security be the way to go?
Should I try to do work on the side as a freelancer or maybe on sites like Odesk to get experience?