The initial few topics cover modules I completed through Hack the Box, where I learned the fundamentals of networking, information security, and vulnerability assessment. These modules took 7 hours to complete.

This module introduces essential networking concepts for IT professionals, covering:

  • IPv4 and IPv6 addressing
  • Internet structure and design
  • Common network topologies
  • The role and function of proxies
  • Internet communication models
  • Differences between the OSI and TCP/IP models

It provides a foundational understanding of how networks operate and communicate.

This module offers a comprehensive overview of InfoSec principles and practices, designed to help professionals protect organizational assets, reduce risks, and effectively respond to evolving cyber threats. It provides foundational and strategic insights into building and managing a secure enterprise environment.

Key Topics Covered:

  1. Structure of InfoSec:
    Understanding the framework and layers of information security, including governance, policies, and controls that form the foundation of a security program.
  2. Security Implementations:
    Overview of practical security measures such as firewalls, encryption, access controls, and network security tools used to protect systems and data.
  3. Threats:
    Identification and analysis of various cyber threats including malware, phishing, insider threats, and advanced persistent threats (APTs).
  4. Security Teams:
    Roles and responsibilities of security teams, including blue teams (defense), red teams (offense), and purple teams (collaborative).
  5. Roles:
    Breakdown of InfoSec job functions such as Security Analyst, CISO, Incident Responder, and Security Architect, and their importance in an organization’s security posture.

Conclusion:
This module lays the groundwork for understanding how InfoSec operates within organizations, enabling professionals to design, implement, and manage effective security strategies.

Vulnerability Management Overview:

Vulnerability management is crucial for maintaining the security of both internal and external networks by identifying exposed services and potential weaknesses. It involves several key components:

  • Compliance maintenance
  • Risk assessment using risk matrices
  • Use of automated vulnerability scanning tools

Key Points Covered in This Module:

  1. Difference Between Vulnerability Assessments and Penetration Tests:
    Vulnerability assessments identify and report potential security issues, while penetration tests simulate real-world attacks to exploit vulnerabilities and assess actual risk.
  2. Vulnerability Scoring Systems:
    These systems, like CVSS (Common Vulnerability Scoring System), help prioritize vulnerabilities based on their severity and potential impact.
  3. Reporting Vulnerability Assessment Findings:
    How to document and communicate vulnerabilities, including severity, impact, and remediation recommendations.
  4. Installation and Usage of Common Tools – Nessus & OpenVAS:
    Overview of setting up, configuring, and running scans using two popular vulnerability scanners:
    • Nessus – Offers both free and paid versions.
    • OpenVAS – An open-source alternative with community and professional support.

Conclusion:
While vulnerability scanning is not a substitute for hands-on penetration testing, it is a vital component of a strong cybersecurity program.

Below is a lab that Hack the Box offers, which is an amazing tool for an introduction to a career in cybersecurity. I hope to do a lot more of these in the future. This lab took 1-2 hours to complete.

This Sherlock scenario introduces the basics of investigating Unix systems using auth.log and wtmp logs. The case involves a Confluence server compromised via an SSH brute-force attack. Once access is gained, the attacker performs further actions on the system. The investigation focuses on:

  • Auth.log: Primarily used to detect brute-force attempts, but also valuable for tracing:
    • Login events
    • Privilege escalation
    • Persistence mechanisms
    • Command execution visibility
  • Wtmp: Used to analyze user login history and session details.

Goal: Understand how to trace an attacker’s activity from initial access through to post-exploitation using Unix log artifacts.
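
A minimal sketch of the auth.log triage described above, as an added example that is not part of the lab or of Hack the Box's material: it counts failed SSH passwords per source IP and lists any account that IP logged into after crossing the threshold. The log lines, the hostname `web01`, the IP addresses (documentation ranges) and the threshold of 3 are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample auth.log lines (not taken from the lab).
SAMPLE_AUTH_LOG = """\
Mar  6 06:19:54 web01 sshd[1465]: Accepted password for admin from 198.51.100.7 port 51122 ssh2
Mar  6 06:31:31 web01 sshd[2325]: Failed password for invalid user admin from 203.0.113.5 port 46392 ssh2
Mar  6 06:31:32 web01 sshd[2327]: Failed password for invalid user backup from 203.0.113.5 port 46396 ssh2
Mar  6 06:31:33 web01 sshd[2329]: Failed password for root from 203.0.113.5 port 46400 ssh2
Mar  6 06:31:34 web01 sshd[2331]: Failed password for root from 203.0.113.5 port 46404 ssh2
Mar  6 06:31:40 web01 sshd[2340]: Accepted password for root from 203.0.113.5 port 46410 ssh2
Mar  6 06:40:02 web01 sshd[2500]: Failed password for admin from 198.51.100.7 port 51200 ssh2
"""

# Matches sshd password results; "invalid user" marks an account that does not exist.
SSHD_RE = re.compile(
    r"sshd\[\d+\]: (Failed|Accepted) password for (?:invalid user )?(\S+) from (\S+) port \d+"
)

def find_bruteforce(log_text, threshold=3):
    """Return per-IP findings for sources with at least `threshold` failed passwords.

    'compromised' lists accounts the IP logged into after reaching the threshold,
    which is the brute-force-then-success pattern an investigator looks for.
    """
    failures = defaultdict(int)
    users_tried = defaultdict(set)
    compromised = defaultdict(list)
    for line in log_text.splitlines():
        match = SSHD_RE.search(line)
        if not match:
            continue  # not an sshd password event
        outcome, user, ip = match.groups()
        if outcome == "Failed":
            failures[ip] += 1
            users_tried[ip].add(user)
        elif failures[ip] >= threshold:
            compromised[ip].append(user)
    return {
        ip: {"failures": n, "users_tried": users_tried[ip], "compromised": compromised[ip]}
        for ip, n in failures.items()
        if n >= threshold
    }

if __name__ == "__main__":
    for ip, finding in find_bruteforce(SAMPLE_AUTH_LOG).items():
        print(ip, finding)
```

The login times and session durations for any flagged account can then be cross-checked against wtmp, which the scenario uses for login history.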

https://labs.hackthebox.com/achievement/sherlock/2443978/631

I’m sharing these modules and labs as evidence of my understanding of the concepts. I’m excited to complete many more labs and modules on Hack the Box in the future. Thank you for taking the time to read my blog about my journey into cybersecurity!

Humphreys Peak Arizona 12,833’
