TryHackMe - Pre Security Path

TryHackMe is a cybersecurity learning platform that provides hands-on challenges to practice various skills. It uses “rooms” or simulations that emulate Linux machines, networks, and hackable instances which allows users to go beyond the reading and actually see and use the topics that are taught. As part of their program, they offer several learning paths that focus on different careers within the world of cybersecurity like penetration testing and security engineering.

I recently set a new goal for myself where I would like to complete the SOC (Security Operations Center) Analyst roadmap from the beginning. This goal involves completing four separate learning paths and over 100 rooms that build on each other. I plan on documenting my experience and progress with each path on this website. The first path in the sequence is the Pre Security Path, which focuses on basic pre-requisite knowledge of technology in the world of cybersecurity.

Introduction to Cyber Security

This first module was super short and simple with only three rooms. The first two were introductions to Offensive Security and Defensive Security respectively. Offensive Security had me use Gobuster, a brute-forcing tool, to find a hidden webpage on a simulated bank website. Intro to Defensive Security gave me a simulated SIEM (Security Information and Event Management) system which I had to analyze the log files of. The final room went over many of the various careers available in the world of cybersecurity and what they do. The list was Security Analyst, Security Engineer, Incident Responder, Digital Forensics Examiner, Malware Analyst, Penetration Tester, and Red Teamer.

Network Fundamentals

This module consisted of five rooms focusing on core concepts of how computers communicate. Starting with defining networks and explaining what the Internet is, the module then moves into exploring LANs or Local Area Networks. The OSI Model is also taught and how each of the seven layers interact with each other. The following room was all about the functions and relationships of packets and frames. The module finished with discussing the roles of firewalls, routers, and VPNs or Virtual Private Networks.

How The Web Works

This module expands on concepts from the previous module as it relates to computer communication. The first topic was exploring how DNS or Domain Name Service functions through a hierarchy of domains, allowing us to remember website names like steven-piazza.com instead of a series of numbers that makes up an Ip address. Additionally, the room touched on different DNS records like MX and TXT. The following topic covered HTTP and how web servers communicate with web browsers on the client’s machine. Going one step further, the next section discusses how a website’s front end is created through the use of languages like HTML and JavaScript. The last section puts everything together into one large model to demonstrate how the web works will all of these components together.

Linux Fundamentals

Learning how to use Linux is a very important skill for the world of IT and cybersecurity. This module starts with teaching some basic commands to interact with a Linux CLI or Command Line Interface. Some of these commands are ls, cd, cat, echo, and grep. The next room discusses SSH or Secure Shell which allows for a user to securely remote access a machine. It then goes into the standard Linux filesystem, permissions, and flags for commands. The final room discusses some more tools like the nano text editor in addition to task managers like ps and top. The room also touches on the cron process, wget, and the kill command along with some of its various signals.

Windows Fundamentals

Similar to the previous module, Windows Fundamentals explores an operating system in three rooms. Although here, there is almost no attention given to the Windows command line. The first part discusses the NTFS or New Technology File System that modern Windows machines use. It also touches on UAC or User Access Control and settings in the Control Panel. The next room goes over several tools that are available from the System Configuration menu. This includes the Windows Registry, Resource Monitoring, and Computer Management. The final room went in-depth into Windows Updates, Windows Security, and BitLocker encryption.