Technical Security Skills

Technical skills is one of the most important aspects of information security.  To secure information systems, you need to understand information systems.

In our experience, you don't need to understand everything, but you certainly need to know how systems work.

We are actively working to provide more technical security training.  For now, here are 4 areas of interest for technical security skills.

#1.  TCP/IP Communications

TCP/IP (Transmission Control Protocol/Internet Protocol) is the basic communication language or protocol of the Internet. - TechTarget

In our opinion, understanding TCP/IP is the MOST important technical security skill.  Networking, software, hacking skills ALL rely on communications.  Software applications, databases, and operating systems ALL have to communicate in order to create an information system.

TCP/IP is the most common and widely used means to communication over an internet, intranet, or extranet.  Understanding how that works is key to proper security for your system.

Read this article to learn more about TCP/IP.

Want to know what some of the common ports like HTTP, SSL, or SSH?  Read this article.

#2.  Information Technology Operations

"IT operations determine the way an organization manages software and hardware and includes other IT support, such as network administration, device management, mobile contracting and help desks of all kinds." - Tech Target

In security, it's incredibly important to understand IT operations.  Key areas like hardware, software, virtualization/cloud, and many others.  How all of these things are deployed, used, and managed is critical to security.  It allows you to identify and keep track of potential threats and impacts.

Here are a few resources that will help with IT operations.

IT Operations Article

#3.  Threats, Vulnerabilities, and Attacks

There are all kind of Threats, Vulnerabilities and Attacks (TVA) to information systems.  They 're never ending.

The most popular attacks are basic attacks like Denial of Service (DOS), social engineering, and SQL injection.  Because they are effective in getting results.

Here are a few articles we recommend to get familiar with the common TVAs.  The point is not to know how to attack, but defend against TVA.

Read this article from Cisco Systems on the most common threats.

Want to search for known vulnerabilities in any of your products?  Use CVE 

 

#4.  Secure Configuration

Secure configuration, or security hardening, is the art of ensuring your information system.  This is how you create a standard information system baseline to protect against #3, TVAs.

Security hardening can be done in so many different ways.  Every system is unique is some regard, and that requires a unique setting.

Most vendors have security guides for their products.  You can always refer to those.  Here are a few different resources we recommend for your security hardening needs.

Center for Internet Security (CIS) Benchmarks

DISA Security Technical Implementation Guides (STIG)

We're actively working on technical security training.  We have courses, videos, and articles about all of the information above coming soon.  Click the button below to sign up for instant access to new learning materials when they're available.

GET UPDATES

Get Updates

IMPORTANT: Complete the form below for instant access to FREE training and upcoming training dates.  We’ll keep you up to date on any technical training as well.

We value your privacy. No SPAM and no other commitments. Seriously!