WEBVTT

00:07.220 --> 00:10.790
In this episode, we're going to cover the wonderful world of programming languages.

00:10.820 --> 00:13.190
Now, I've got some really great news for you.

00:13.190 --> 00:16.160
You do not need to be a programmer to pass the CySA exam.

00:16.160 --> 00:20.990
However, you need to know the differences between each programming language so that you can actually

00:20.990 --> 00:22.010
pass the exam.

00:22.010 --> 00:25.850
So even if you hate programming probably as much as I do, you're okay.

00:25.850 --> 00:27.170
We're going to get through this together.

00:27.170 --> 00:30.950
We're going to hit each of them side by side, one at a time, and we're going to go through them very

00:30.950 --> 00:33.890
clearly and very concisely as we move through.

00:33.920 --> 00:38.840
This exam requires you to understand the differences between the programming languages, but they don't

00:38.870 --> 00:40.640
expect you to learn actual programming.

00:40.640 --> 00:44.060
And this is a good thing, because if you're like me, you hate programming.

00:44.060 --> 00:49.610
Programming languages are essential for customizing and identifying the different aspects within your

00:49.610 --> 00:50.060
network.

00:50.060 --> 00:54.650
From an automated perspective, we can use programming languages for basic scripting.

00:54.650 --> 00:57.050
We can use them for automating different tasks.

00:57.050 --> 01:02.590
We can actually go into the command line interface and change different aspects of our coding as we

01:02.590 --> 01:03.400
move through.

01:03.430 --> 01:06.340
Now, just because we can doesn't mean we always do.

01:06.340 --> 01:10.480
And this is where understanding the programming perspective really comes into play.

01:10.480 --> 01:15.790
Remember, CySA is looking from a perspective that you understand programming, not that you actually

01:15.790 --> 01:16.660
do the programming.

01:16.660 --> 01:21.490
And this is good from a perspective as an analyst, because as an analyst, you need to understand that

01:21.490 --> 01:26.440
if I've got a problem with a specific software or a web application, that you should understand the

01:26.440 --> 01:32.110
basic principles to go to your developers and say, this isn't working and I need it to do this, I

01:32.110 --> 01:36.250
would look into this specific library or this specific aspect of the program.

01:36.250 --> 01:41.380
You should be able to identify the differences between XML and say, JSON, Python, PowerShell, and

01:41.380 --> 01:47.410
shell script and have a semi-intelligent conversation with your peers when you're discussing programming

01:47.410 --> 01:48.010
languages.

01:48.010 --> 01:51.490
But again, you don't need to program to pass your CySA exam.

01:51.490 --> 01:56.590
I know this topic makes a lot of people nervous, especially in the IT when they have a background specifically

01:56.590 --> 01:57.100
in IT.

01:57.310 --> 02:01.850
I'm telling you right off the bat, you do not need to know programming at an in-depth level to pass

02:01.850 --> 02:06.680
the exam, but you do need to know the differences between the different programming languages as we

02:06.680 --> 02:07.340
move through.

02:07.370 --> 02:11.750
The next one I want to talk about is Extensible Markup Language, or XML.

02:11.780 --> 02:16.730
Extensible Markup Language serves as a markup language for encoding documents in a format readable to

02:16.730 --> 02:22.220
humans and machines alike. It's used in web development, particularly in building SOAP, or Simple Object

02:22.220 --> 02:23.090
Access Protocol,

02:23.090 --> 02:28.520
applications. XML documents are structured with elements enclosed in opening and closing tags, making

02:28.520 --> 02:29.660
it easier to read.

02:29.660 --> 02:34.100
This includes attributes which provide additional element information that you may see in the slide

02:34.100 --> 02:35.180
that we provided you.

02:35.210 --> 02:40.190
You can often find XML commonly utilized for exchanging threat intelligence information between various

02:40.190 --> 02:42.830
security tools and platforms like our SIEM.

02:42.830 --> 02:48.380
For instance, the Structured Threat Information Expression, or STIX, language is relevant representing

02:48.380 --> 02:52.310
and sharing cyber threat intelligence and employs XML for data formatting.

02:52.310 --> 02:58.530
Numerous security tools like SIEMs and threat information or intelligence platforms rely on XML to represent

02:58.560 --> 03:03.180
and exchange threat intelligence data, and this facilitates a seamless integration of sharing across

03:03.510 --> 03:04.560
diverse systems.

03:04.590 --> 03:08.250
Next is JSON or JavaScript Object Notation.

03:08.250 --> 03:14.220
Now, JSON is a little bit different from XML because it offers simplicity and adaptability, making

03:14.220 --> 03:16.860
it a more favored choice in various applications.

03:16.890 --> 03:21.990
JSON encapsulates key-value pairs enclosed in braces, which you can see on our screenshot here.

03:22.020 --> 03:26.820
This provides us values depicted as strings, numbers, arrays, or objects.

03:26.850 --> 03:32.940
JSON doesn't have a formal schema and is structured informally and governed by data models, specifically

03:32.940 --> 03:35.100
with elements, types, and structures.

03:35.130 --> 03:40.980
It plays a significant role in facilitating data exchange and storage across diverse systems and platforms.

03:41.070 --> 03:45.360
Python is perhaps the most notable one that you'll find in cybersecurity.

03:45.390 --> 03:51.810
It's a highly versatile programming language, widely used for cybersecurity and scripting automation,

03:51.810 --> 03:53.850
data analysis, and machine learning.

03:53.880 --> 03:59.560
You should understand Python, insomuch that it goes through the processes of programming by providing

03:59.560 --> 04:04.930
a very lightweight structure, meaning that it's easier to program in Python than it is, say, in Java

04:04.930 --> 04:07.930
or C, or pretty much any other language out there.

04:07.960 --> 04:12.850
Python finds extensible use in vulnerability scanning, malware analysis, network reconnaissance,

04:12.850 --> 04:16.780
web application penetration testing, and, of course, data analysis.

04:16.810 --> 04:22.780
Its rich set of built-in libraries like requests and Beautiful Soup facilitates automation and

04:22.780 --> 04:24.910
data retrieval for diverse sources.

04:24.940 --> 04:29.920
As a cyber security analyst, you should understand Python probably more in depth level than you understand

04:29.920 --> 04:34.540
the other ones, and if you don't, I'd recommend taking a course on it when possible.

04:34.570 --> 04:40.810
Python is somewhat easy to learn and provides us a really abundant use of different programming in a

04:40.810 --> 04:45.190
language that is sometimes easier to use than a lot of the other programming that we see available.

04:45.220 --> 04:46.960
Next, I want to talk about PowerShell.

04:46.990 --> 04:51.880
This was developed by Microsoft as an object-oriented scripting language designed for automating and

04:51.880 --> 04:53.410
managing a Windows environment.

04:53.440 --> 04:59.720
We can see PowerShell not just on Windows environment, but most notably in new Windows or Linux environments

04:59.720 --> 05:04.760
as well as they start to move forward with the idea that PowerShell is something that we should see

05:04.790 --> 05:07.730
or utilize on the world of cybersecurity.

05:07.760 --> 05:13.730
PowerShell facilitates various tasks like system administration, network configuration, and task automation.

05:13.760 --> 05:18.380
A key strength of PowerShell is the seamless integration with the Windows operating system, allowing

05:18.380 --> 05:23.300
for an interaction with the system components like the registry, file system, and network.

05:23.330 --> 05:26.300
PowerShell scripts can also engage in COM objects or

05:26.330 --> 05:31.610
.NET classes or even other PowerShell scripts, making it somewhat versatile for both administrators,

05:31.610 --> 05:33.230
but attackers as well.

05:33.230 --> 05:37.910
In the Unix or Linux environment, we often can see something called a shell script.

05:37.940 --> 05:42.590
Now, shell scripting involves creating scripts using command line shells like bash, tailored for the

05:42.590 --> 05:45.110
execution of the operating system.

05:45.110 --> 05:49.910
These scripts are streamlined for repetitive tasks such as system maintenance, file manipulation,

05:49.910 --> 05:51.560
and process control.

05:51.560 --> 05:55.390
As you're reading through this slide, I want you to pay attention to the fact that the very top left

05:55.390 --> 05:58.210
hand side you can see bin bash on there.

05:58.210 --> 06:02.380
This is indicative of a Linux bash or shell script.

06:02.410 --> 06:09.280
Don't worry, you might actually see a question on your CySA that makes you identify the type of programming

06:09.280 --> 06:09.940
available.

06:09.940 --> 06:10.870
And this aspect.

06:10.870 --> 06:14.290
If you just look at the top left and you see bash, that's the answer.

06:14.290 --> 06:15.700
It's shell scripting.

06:15.730 --> 06:18.550
Finally there's regex or regular expressions.

06:18.550 --> 06:24.490
This is common as they serve as a text processing and facilitating the search of specific patterns within

06:24.490 --> 06:27.310
data sets like log files or network traffic.

06:27.310 --> 06:33.520
We can use that to analyze efficiently and extract pertinent information ranging from IP addresses to

06:33.550 --> 06:37.930
URLs, and they enable identification of potential security threats and incidents.

06:37.930 --> 06:43.780
However, in practice, regex is often integrated with scripting languages like Python in order to automate

06:43.780 --> 06:46.180
various text processing and analysis tasks.

06:46.180 --> 06:51.520
This often enhances our operational efficiency and scalability within a cybersecurity environment.
