1
00:00:00,790 --> 00:00:08,500
All right, let us have a look at the different rules in cybersecurity, because before you move ahead

2
00:00:08,500 --> 00:00:14,700
with the actual cybersecurity, you should have the knowledge of different rules in this field.

3
00:00:14,950 --> 00:00:18,910
So the first thing is penetration test penetration.

4
00:00:18,910 --> 00:00:26,140
Testers help the business and the organizations identify the security weaknesses in that information

5
00:00:26,140 --> 00:00:31,990
systems network which affect their digital assets and the computer networks.

6
00:00:32,680 --> 00:00:39,640
Some hold in-house positions with permanent employees functioning as a part of internal cybersecurity

7
00:00:39,640 --> 00:00:41,140
or information technology.

8
00:00:41,770 --> 00:00:48,370
Others walk specialized firms to provide penetration testing services, as I had mentioned in the previous

9
00:00:48,370 --> 00:00:48,910
lectures.

10
00:00:50,380 --> 00:00:57,070
Now, the industries that deal with high volumes of sensitive, personal, classified or proprietary

11
00:00:57,070 --> 00:01:02,770
information tend to bring penetration, bestows on high demand on high numbers.

12
00:01:03,610 --> 00:01:11,290
Some employers place on more emphasis on the candidate's knowledge and experience than their formal

13
00:01:11,290 --> 00:01:12,520
education background.

14
00:01:12,880 --> 00:01:20,380
That is why I always press on the line that knowledge is more important than finishing the course or

15
00:01:20,380 --> 00:01:21,550
having a certification.

16
00:01:22,570 --> 00:01:29,500
According to the Bureau of Labor Statistics, the average salary of information security analysts or

17
00:01:29,510 --> 00:01:38,860
vendors BASTOS between 2018 and 2019 is around one hundred thousand dollars per year in the United States.

18
00:01:39,220 --> 00:01:47,470
Again, this number is subject to change with many factors like expedients, the profile, knowledge,

19
00:01:47,620 --> 00:01:49,910
degree and certification.

20
00:01:51,010 --> 00:02:00,160
So what actually, penetration testing or penetration testers require that they require a solid understanding

21
00:02:00,160 --> 00:02:09,340
of networking and most of the employers prefer those candidates who at least have some basic knowledge

22
00:02:09,340 --> 00:02:17,140
of computer networks, because unless you have the knowledge of computer networks, you won't be able

23
00:02:17,410 --> 00:02:20,230
to crack the network systems.

24
00:02:21,900 --> 00:02:29,850
Then programming language or scripting or coding is very important, as it does with good working knowledge

25
00:02:29,850 --> 00:02:37,800
of scripting and coding can save a great deal of time on individual assessments, thus, therefore,

26
00:02:37,800 --> 00:02:42,870
a great value to their employees command of the operating system.

27
00:02:43,110 --> 00:02:44,010
That's right.

28
00:02:44,640 --> 00:02:52,470
You might have heard that most of the penetration testers use Linux as an operating system and therefore

29
00:02:52,680 --> 00:02:58,020
penetration testing professionals need the advanced knowledge of the operating systems.

30
00:02:58,320 --> 00:03:02,810
The attempt to hack or breach in conducting their assessments.

31
00:03:03,240 --> 00:03:07,230
Mostly Windows operating system is used by many organizations.

32
00:03:07,230 --> 00:03:13,320
But in order to get into the Windows operating system, Carleo operating system on the Linux operating

33
00:03:13,320 --> 00:03:14,840
system is helpful.

34
00:03:16,220 --> 00:03:21,630
Teamwork and desire to learn is also very important.

35
00:03:21,920 --> 00:03:29,390
Now, hackers and cyber criminals constantly change their strategies and tactics and technology that

36
00:03:29,390 --> 00:03:30,740
continually evolves.

37
00:03:31,220 --> 00:03:37,090
So penetration testing professionals need to stay updated on the latest developments.

38
00:03:37,100 --> 00:03:43,040
And that is why people who are keen to learn those candidates, which are always in the learning fees,

39
00:03:43,040 --> 00:03:45,860
are preferred by the employers.

40
00:03:46,740 --> 00:03:50,940
And lastly, the report writing and verbal communication.

41
00:03:51,500 --> 00:03:57,860
Now team members must articulate their findings right to whatever you have found out in the assessment

42
00:03:57,860 --> 00:04:04,920
or an interest test you should be able to note down so that the upper management should be able to understand

43
00:04:04,920 --> 00:04:05,010
it.

44
00:04:05,360 --> 00:04:11,300
For example, if you are a penetration tester working for my organization and I'm the upper management

45
00:04:11,690 --> 00:04:16,820
being the upper management, I am these qualified, I am Cesme qualified, iso qualified.

46
00:04:17,120 --> 00:04:22,940
Now, I don't know how you have executed The Exorcist clearly, but I do know what Nexuses is.

47
00:04:23,240 --> 00:04:24,890
But I don't know what Python is.

48
00:04:24,890 --> 00:04:26,060
I don't know how to code.

49
00:04:26,420 --> 00:04:34,010
So you should be able to write the report in such a way that I can understand what exactly is the vulnerability?

50
00:04:34,400 --> 00:04:38,180
What is the root cause of the vulnerability and what impact.

51
00:04:38,180 --> 00:04:40,880
And this one really having my organization.

52
00:04:41,300 --> 00:04:44,270
And that is why strong writing skills.

53
00:04:44,270 --> 00:04:46,820
So penetration testing professionals?

54
00:04:46,820 --> 00:04:53,930
Well, because their duties include producing a lot of reports so that the upper management can understand.

55
00:04:55,370 --> 00:04:57,410
So this was full penetration testing.

56
00:04:58,470 --> 00:05:05,010
Ben Testa's spend most of their time conducting the assessment and running tests now, these duties

57
00:05:05,010 --> 00:05:11,370
may target internal or external assets and ESTOS can work both on site and remotely.

58
00:05:12,790 --> 00:05:19,240
So if you have if you want to know about a day in the life of a protester, so generally during the

59
00:05:19,240 --> 00:05:25,810
morning, the test vote, all the testing team decides on a strategy for the project at hand and sets

60
00:05:25,810 --> 00:05:26,830
up the required tools.

61
00:05:27,280 --> 00:05:35,290
In some cases, this involves rounding up of what profesional calls as open source intelligence or Sindy.

62
00:05:35,890 --> 00:05:38,710
In the afternoon, themes carry out the tests.

63
00:05:38,710 --> 00:05:44,950
They spent the morning designing the tests and then sometimes subdivide into smaller groups, with one

64
00:05:44,950 --> 00:05:53,840
group playing the role of how hostile hackers and others playing the duties of internal people thus

65
00:05:54,490 --> 00:05:54,630
test.

66
00:05:54,730 --> 00:06:00,220
Those requirements involve many different responsibilities out of which we have discussed the important

67
00:06:00,220 --> 00:06:00,880
skills.

68
00:06:01,340 --> 00:06:07,020
Again, I'm telling you, the salary may change, so don't come running to me that you said I will get

69
00:06:07,030 --> 00:06:08,440
a hundred thousand dollar salary.

70
00:06:08,740 --> 00:06:09,720
It's not like that.

71
00:06:09,720 --> 00:06:11,770
It depends upon different factors.

72
00:06:12,160 --> 00:06:12,690
All right.

73
00:06:13,300 --> 00:06:17,740
In the next lecture, we'll talk about information security analyst.