How Does This Sound's Journal

[CDR]

My goal by the end of the summer is to build a bug tracker written in Python with a corresponding database + log-in/authorization. I'm going to log my own bugs while I'm building the actual bug tracker. I plan to have that as my first "portfolio-worthy" project that isn't a toy like a calculator or hangman program.

This is great, it will help you learn a lot + you'll have your first project for Github/Gitlab!

I just downloaded Ross's book for $1 USD on his site, thanks for the recommendation, he's a beast and has one hell of a background!

I finished the book yesterday, I can highly recommend it for the $1 USD price tag!

It may be small, but I minimized my cell plan from $65 down to $15 a month because I only need 2.5GB of data per month. I'm paying $500 a month in rent at the moment and will continue to look at ways to cut back so I can put more money down on my balance!

That's $600/Year you saved? Or am I bad a math, I just woke up That's one month's rent + groceries!

RE: White Belt's cert suggestions. As they mentioned, local job listings (or job listing of wherever you want to live) are the answer to the question "What certs should I get?". There are also some other considerations (excluding knowledge/learning). I got the A+ and Net+ because I do not have a BA in Computer Science or Cybersecurity. The certs along with my current and past work experiences tied nicely together into a coherent story I could sell to HR and hiring managers. I was also on a time crunch, I wanted to leave my current field of work/job before a particular date, and knowing that most cyber security jobs are not at the entry level, I needed a more traditional IT job as a base.

As far as my technical interview went. Every single technical question they asked me was something the A+ and/or the Network+ went over. So for me the return on investment for the A+ and Network+ was fantastic. However, you should consider your own situation and what you might need.

There is also nothing wrong with doubling down on your learning. Going through all the Sec+ material without writing the cert could still be advantageous to you, it may augment your school's curriculum. Or your time might be better spent learning adjacent IT fields or tech! All these Cybersecurity YouTube personalities repeat a similar mantra of "There are many ways to get into the field". I've been reading The Pentesters Blueprint, which about starting in the field. Not sure if I can recommend it yet though, it's quite small and very repetitive. Maybe a book to check out from the library and skim!

[Nomad]

It is a great idea to start one of these blogs at a young age just so that the objectives are clearly outlined. I think a motivated person with the right mindset can get to LeanFIRE or FIRE in 5-10 years without undue stresss, I just wish I started things earlier.

[How-DoesThisSound]

It is a great idea to start one of these blogs at a young age just so that the objectives are clearly outlined. I think a motivated person with the right mindset can get to LeanFIRE or FIRE in 5-10 years without undue stresss, I just wish I started things earlier.

My thing is I'd love to have the comfort/assurance 5 years from now when I'm 30 that I don't have to work anywhere that isn't congruent with interests and values. Securing LeanFIRE to me, should be thought how normal folks think of a 3-6 month emergency fund. Being independent of "the system" is a huge leg up. Winning the game of financial independence is just a buffer. In my mind, it will provide space to live life on my own terms. So many people, young & old dream about this and never achieve it.

It will be fun to look back on this blog and see how my ideas change(d) and what forces shaped them. I'm going to enjoy the journey of paying down my debt, so that I can mold things to pull off LeanFire : )

Thanks for commenting Nomad!

[How-DoesThisSound]

This is great, it will help you learn a lot + you'll have your first project for Github/Gitlab!


I finished the book yesterday, I can highly recommend it for the $1 USD price tag!


That's $600/Year you saved? Or am I bad a math, I just woke up That's one month's rent + groceries!

RE: White Belt's cert suggestions. As they mentioned, local job listings (or job listing of wherever you want to live) are the answer to the question "What certs should I get?". There are also some other considerations (excluding knowledge/learning). I got the A+ and Net+ because I do not have a BA in Computer Science or Cybersecurity. The certs along with my current and past work experiences tied nicely together into a coherent story I could sell to HR and hiring managers. I was also on a time crunch, I wanted to leave my current field of work/job before a particular date, and knowing that most cyber security jobs are not at the entry level, I needed a more traditional IT job as a base.

As far as my technical interview went. Every single technical question they asked me was something the A+ and/or the Network+ went over. So for me the return on investment for the A+ and Network+ was fantastic. However, you should consider your own situation and what you might need.

There is also nothing wrong with doubling down on your learning. Going through all the Sec+ material without writing the cert could still be advantageous to you, it may augment your school's curriculum. Or your time might be better spent learning adjacent IT fields or tech! All these Cybersecurity YouTube personalities repeat a similar mantra of "There are many ways to get into the field". I've been reading The Pentesters Blueprint, which about starting in the field. Not sure if I can recommend it yet though, it's quite small and very repetitive. Maybe a book to check out from the library and skim!

Sorry, I get how that is confusing. Let me clear that up.

Monthly Expenses:
Rent = $500
Phone: $15
Groceries/Food: About $100 - $200 (depending on how much I eat out)
Internet: Free
CC Payment: $1000 - $1,500 (Sometimes more depending on if I do more manual labor side jobs with my family)
Misc Spending: Varies. I need to get better about tracking this because I fear it could be quite high!
[Total:/b] $1,800 - $2,200

Monthly Income:
BAH from my Post 9/11 G.I. Bill: A tad under $3000
Book Stipend: $125/month (this is good for 2 semesters of uni. . basically 8 months of $125) Whatever I don't spend, I end up keeping.
Manual Labor Side Jobs: $500 - $600
[Total:/b] $3,500 - $3,700

[How-DoesThisSound]

I think CEH is a money grab, but if you see job listings that require it then it might still be worth getting. What you will find is there is a distinction between management and technical/engineer roles in cyber security so there are certs that tailor to each. If you want to do a hands on keyboard technical role, then focus on certs that cater to that. For example, to me things like CEH and CISSP cater more towards those on a management path. But what matters most for certs is what job listings you want are asking for.

I’ve heard good things about CySA+, PenTest+, and OSCP for hacking but that isn’t my area of expertise and I know it will also depend on if you’re trying to work on the red team or blue team side. If you’re looking at gov’t jobs, figure out which certs are required for certain roles: https://public.cyber.mil/cw/cwmp/dod-ap ... fications/

Expect more technical questions in interviews for technical roles. That’s where your experience working on projects of your own volition, your home lab setup, etc are going to come into play. Expect management roles to focus more on your experience working in group settings and leading others.

Upon further reading, it seems I should decide which path I'd like to build my chops in (Developer vs SysAdmin vs Security Analyst) before I try to get into pen testing. I think I made the common mistake of thinking someone could get into pen-testing at the entry-level. I think I have a lot of unknown unknowns that I won't be able to clear up until I go down a path. This piggybacks of your idea of potentially getting Sec+ & CCNA to be flexible.

For where I'm at now:

• I enjoy learning about Linux + BASH shell scripting and have been a noob Debian desktop user for a couple of years

• I just started a BS in Cybersecurity program at Thomas Edison State University

• I find privacy, security, and the concept of Free Software fascinating

• The idea of being a tech renaissance man is appealing but I'm afraid the tech industry is a bit too broad for that

This takes me back to the question: What do I want to do?
My knowledge is probably insufficient at this point to choose between being a

• App Developer (Desktop or Mobile)

• Embedded Systems Engineer

• Blue or Red Teamer

• Web Developer

• Network Engineer

Naturally, there are many differences between just a few of the roles mentioned above. Obviously the more I make at said role, at said company, the faster I can hit LeanFire (I'll pin down that number when I'm out of the hole). I also owe it to myself to find a balance between having an interest in the work and earning a living while doing it : )

My plan to figure this out is to develop my breadth of knowledge while the Department of Veteran's Affairs pays me to attend this program for the next couple of years. Not to mention they will pay for the following certifications: Linux+, Linux Essentials, Network +, Security +, Cloud+, CEH, and CCNA. In theory, if I took the exams and passed all of those not only would I have those paid for by the VA but it would give me 21 credits towards my degree.

[white belt]

Yes, that was what I was trying to get at. Another great option is to try to get an internship and some hands on experience. If it’s at least a medium sized company then you will get to understand and see firsthand the roles of the service desk, system engineers, network engineers, developers, and so on. From there you can focus your efforts more on one particular specialization aligned with your interests, but for now I’d keep things broad since it’s all new.

[How-DoesThisSound]

Yes, that was what I was trying to get at. Another great option is to try to get an internship and some hands on experience. If it’s at least a medium sized company then you will get to understand and see firsthand the roles of the service desk, system engineers, network engineers, developers, and so on. From there you can focus your efforts more on one particular specialization aligned with your interests, but for now I’d keep things broad since it’s all new.

I will take your advice and keep my eye out for paid summer internships. Maybe this could even help mold which certs I get first. Thanks again for your input, it's been a big help so far. I'll let you know how things progress!

[How-DoesThisSound]

Tricking: You could say it's a combo of breakdancing, taekwondo, gymnastics, etc and there may be some truth/overlap in that but really it's its own animal. There are no referees or judges. If I'm feeling cheesy, I might admit it's one of the purest representations of physical ability and very economical in terms of space + resources needed. If this is too abstract just peep the video below and you'll have a decent idea of what one of the greatest trickers in the world looks like (by my estimation).

I don't know why I hadn't acted on this sooner (I've known about this discipline since 2007-ish) but it's better late than never : )
I find this discipline an elegant answer to the question, "What do we do with all of the empty space?"

Going forward it is going to be my mission to acquire the following tricks:

1) Backflip
2) Frontflip
3) Sideflip
4) Aerial
5) Double leg
6) Butterfly kick
7) Butterfly twist
8) Tornado kick
9) 540 kick
10) Kip-up
*Bonus* Au-Batido

I'm not going to add any constraints to my tricking practice, I plan on enjoying my time to practice to the fullest! Also, by small chance anyone on here is an OG and knows what's up. . my favorite trick is Raiz.

Here is a killer site from back in the day, whose certificates have probably expired but is otherwise still functioning if you want to see what tricking is about in GIF-form: www.club540.com/tricktionary/
Here is a solid sampler of tricking excellence for your viewing pleasure: https://www.youtube.com/watch?v=TnGF1u3J69Y
If you want to see the now-defunct grandaddy check out www.tricktutorials.com/