How do I impress professionals when I have no experience? HELP!

JPOhNoes

I don't know if this is the right place to post this, but I need some help.

I met a man who manages a cyber security department for his company and he told me to go "learn how to hack" or learn as much as I can about it in 3 months. Then he would get me a meeting with the team and they will determine whether or not I am worth hiring. Which would allow me to bypass HR. Now, I have no experience with computers aside from games and Google. Now, he left it kind of open ended, mentioned something about starting out shadowing and setting up their equipment, or something in customer service where I would need to understand the "lingo" as he put it. I picked up A+ Network+ and Security+ books, I went ass backward. I started with security+, read through it, mostly vocabulary, concepts, memorization. went back to A+ read through it took notes studied<---this took much longer. A lot more information to process and I still feel like I know jack ****......I have yet to open the Network+ book. this has been in a little over a 2 month span, I work full time, so I cant sit and study for hours on end, Id like to think I'm keeping a pretty great pace. What I mean is, if someone on the "team" said, tell me how you would implement a NIDS I would say "No clue." So how am I supposed to impress these people when I meet them? I have less than a month. Any advice?

Mow

How did you meet this man? This sounds like a spy movie or something. Do you have regular contact with the team? How did it come up that they would give you a meeting? Need more info to give advice on how to "impress" these people, but it honestly sounds like they're giving you the run around, or you're having fun on here.

Codyy

You're not. You're in over your head if you truly expect to work in IT Security without any IT experience. How can you secure or "hack" into something that you know very little about? Learn all you can and go to the interview with zero expectations. Who knows maybe they'll give you a chance, if not chalk it up as that way way too advanced in the first place and move on. Keep learning everything you can and eventually you catch a break, we all started somewhere.

cyberguypr

You have to put in the time. There's no way around it. We all have full time jobs and a thousand other commitments, yet we carve out a LOT of time to study, go to training, get certified, etc. The fact that you haven't done anything in two months means ZERO commitment in my eyes. It sounds like you are looking for a shortcut rather than a comprehensive plan.

mrhaun03

Open a command prompt, type hack and the name of the computer. Boom, you're in.

Seriously though, I have to agree with the others. Is this someone that you know personally? If he's just looking for you to learn some terminology, Google it. Download Kali Linux and learn about some of the tools installed there. You're not going to learn hacking in 3 months, but you could learn enough to talk about it.

Deathmage

there is an old saying "become the best bullshitter you know until your faking allows you to make it"...

there is another saying I go by "no pain, no gain" ... this more applies to my workouts but as many on here know already learning for me doesn't come easy.

The best way to excel in IT is to frankly get your A+, Network +, and Security +. They may seem like a lesser certification but that foundation knowledge is really essential. The knowledge you get from those 3 certifications will 'impress' someone on an interview. In order for you 'hack' you must understand how all aspect of IT work...

With this being said, there is no easy way into IT, you literally have to be in it for the long haul and get experience at the lower level and move up to the higher levels and get certifications along the way. Probably everyone on here that makes over $75k a year put in the time at job making less than $40k a year....

kurosaki00

I see you posted the exact same thing in two different sub-forums...

Start studying brah, there is nothing else. Just get some books, get some java/python skills, network videos, etc.
Study


Also, if someone told me "learn to hack" I really dont know how I would respond, I'm not Angelina Jolie or Cereal

JPOhNoes

I didn't realize that reading the books, watching videos and learning was doing nothing. I also didn't realize that someone offering me a "chance" was me looking for a shortcut into anything. If I were 12 and posted on here TEACH ME TO HACK SO I CAN MAKE MUNZ, that would make sense. That's not what I'm doing here at all. But thanks.

I know the guy personally. Like I said, it would apparently be more customer service based or setting up equipment, like a foot in the door. I'm a service tech, I setup/diagnose/repair equipment all day. I know I'm not going to "impress" professionals with my knowledge in IT, but I'd like to at least show that I'm dedicated to working hard and learning in order to get somewhere. So much so, now I'm looking into WGU.

I guess to me, this is just a massive thing in my life, like a course correction, and it might really not be so intimidating when I get there......

JPOhNoes

Good friends father, no contact with the team, He said it would basically be like an interview......

Mow

Ok, cool, so you know the guy. I would ask him for advice on where to start. I think that picking up a book is a good start. Set yourself up some labs, practice what you are learning, that's true of any domain in IT. Ask the guy for guidance, he has to know that telling someone to learn to "hack" in 3 months is a tall order and might be looking more at how much you want to learn. If he doesn't want to help you, ask him if he knows anyone who would be willing to mentor you. Good luck!

superbeast

As someone also getting their feet wet into the IT field, I would recommend the following.....

1) Learn basics to build a solid foundation. This would encompass primarily Network+. Security+ will be somewhat easier to conceptualize after learning basics on Network+
2) If he is telling you to learn how to hack, I would take that as find out what their department does and why they do it. It seems he's using a broad generalization. See if you can find old job postings for that department and focus on what their requirements are.
3) Study and incorporate what you're studying into real life experiences or use labs to mimic real life experiences. I've used packet tracer before when studying for Network+ but there are other VM wares and labs in which you can put your studying to actual use.

Codyy

Noticed you're in NoVa, check out DC Cyber Warriors on meetup. Next meet is the 25th and they're going over malware. This will give you an opportunity to network with some folks.

DCMeetup1514 - Malware Crash Course & Security Conference Recap - D.C. Cyber Security Professionals (Washington, DC) - Meetup

AphexFX

The weakest part in any computer system is the human factor. So use some Social Engineering skills and hack them(get some kind of access to something). Boom! Job is yours.

Robertf969

I am going to attempt to give you some real advice all jokes aside. You are being offered something that most people would love to have offered to them. A chance with ZERO experience. You know how much you can learn in 3 months if you have no commitments? I taught myself HTML when I was 12 in 2 weeks! I'm going to go against the grain and say screw those tests until after you have this interview. But do understand them. Learn how to spin things in a positive manor, they know you have no experience show them what you managed to learn! "How do you implement a NIDS?" "Honestly I have never done it, I am glad for the opportunity, what I can tell you is that a NIDS is a Network Intrusion Detection System, it can be setup to alert based on 'XYZ' and I am very excited to learn how to actually implement one in a production environment"

He said learn about hacking, so learn about hacking!
Check out Cybrary.IT - There is a ton of Security training on that site and a good amount of the videos have a practical that you can do along with them. For you I would recommend blasting through their Security + videos and then jump into their Ethical Hacking videos. If you can get through that the Python for Security Professionals class is pretty awesome too.

Memorize all of your Common Ports

Download VMware, get a couple of different linux (Especially KALI) and Microsoft Distros and lab with the stuff you just learned through the Cybrary Videos.

Take good notes and try to spin all the questions the team asks you in a positive manor. Worst case scenario they don't give you the job, heck they probably wont you have no experience but if they don't you will come out knowing so much more and you will be able to apply all that knowledge to get some of those entry level certs which you can then use to get the first job.

JPOhNoes

I'm already on Cybrary.IT Incredible videos, I've already watched all the Security+ videos and read Darril Gibsons book. I think I agree with you on jumping to the Ethical Hacking videos so that's what I'll do next.

As far as VMware and Kali/Linux I will definitely get them.

I'm not expecting a job, I just want to know I tried and as you said the worst really isn't terrible.....after reading all the "Still no job" posts on here, I do feel very fortunate and undeserving of this opportunity. I'm sure as hell not going to say no though.

Oddly enough I looked at your profile and saw you are in the military, that's where I'm heading if this doesn't work out. It was actually brought up a week after I took my ASVAB so I stopped the process, I was going to go IT in the army. Thanks for the great response.

UnixGuy

Here's what I would do:

1) Ignore the naysayers (including people in this thread, sorry guys).

2) Work HARD. Make it your life mission. Work days and nights. Obsess about it. Dream about it!!

3) Don't know where to start? Here's a start: Start with eLearnSecurity PTSv3 (penetration testing student), pass the exam, then shoot for OSCP (which will take you at least 3 months of SERIOUS dedication).


This is a test of how much you want it. If you actually dedicate the next 3 months of your life to this, then the outcome will be that you WILL get a job whether be it with this guy or with another firm. Believe in yourself and ignore the naysayers.

Robertf969

Well said UnixGuy, this is supposed to be a place where we offer helpful advice and its starting to pain me how often I see people on here shooting down others. Yeah hes probably not qualified for this position yet but some learn faster than others. An interesting qout from Eli the Computer Guy of Youtube fame "Take the Highest IT position someone is stupid enough to give to you".

@JP
The Military does a lot of great things but if you want to go IT I would suggest staying away from the Army, I hear the Air Force IT's get a lot more experience. I am actually getting out because I get sick of Civilian contractors telling me what I can and cant do, and watching them get paid more money to do it while my skills diminish. I would never give back my time in service, free college, patriotism, learned self discipline but knowing what I know now I would have gone Air force. Feel free to PM me when you get your post count up if you want to talk about the Military.

JPOhNoes

Unix-Oh my, that's $300 I do appreciate the input though.

Robert-Funny thing about those contractors, I know so many here in Northern Virginia. Half of them are tools, the other half do seem to work for a living.

I know the odds aren't in my favor, I came for advice not to be bashed, so thank you both for the great responses. How many posts does it take to get the right to PM? I was wondering that earlier.

I have enjoyed the things I've learned thus far, I will continue to learn and try to break into the IT field even if this doesn't go through.

“We, the unwilling, led by the unknowing, are doing the impossible for the ungrateful. We have done so much, for so long, with so little, we are now qualified to do anything with nothing.”

I have no experience, but I will keep going

I enjoy that quote.

BlackBeret

This sounds like a good opportunity and it's good to see that you're going for it. I've seen a lot of people pass over chances because they thought they would fail. So instead of trying and failing they give up and don't get anywhere.

So with 1 month to go it sounds like you've got a solid idea of what to do. You can have a conversation on security without much experience in A+, but if they're talking about putting you in a support position than you'll be glad you studied that. Networking knowledge and OS knowledge are the things you need a solid foundation in, then you can build the security knowledge on top of that.

Since you're already on Cybrary you're doing things right, but as others mentioned in order to retain it setting up labs and playing with the commands is the best thing to do. One thing I would change above is instead of using Virtual Box I would suggest the free copy of VMware Player. I like Virtual Box a lot, but I've only ever run in to VMware at work sites, knowing the differences might help you out. Kali will give you lots of fun ways to play with Debian Linux once you have that running.

Networking, OS (Heavy on Linux), then Security fundamentals...

If this guy is really the team manager and he said "Learn to hack or something" and gave you three months than either he really is a non-technical manager, or he's setting you up to see how motivated you are. The most important thing to remember is not to try and BS the tech team OR pretend like you know what you're talking about if you don't. NO ONE knows everything and the quicker you can admit that, the less likely you are to waste time or try something that wont work and screw something up. If they ask a question that you don't know the answer to, admit it but discuss what you do know.

Stevecb06

I guess it depends on the team and the type of person they are looking for, but I would say don't try to act like you know more than you really do. Be up front and honest about the fact that you are just starting out and you have much to learn. Show them that you are passionate and willing to learn. Tell them what kind of studying you do on your free time, what kind of technologies you use at home, what kind of lab you have at home that you use to further your studies. If you don't have any kind of lab at home, think about setting one up so you can talk about it, even if it is just a couple of virtual machines that you use to play around with.

At the lower levels of IT, I believe hiring managers are looking more for someone who has a positive attitude and willingness to learn than someone who acts like they know more than they do.

With that being said, if the position is for some type of InfoSec position, and not just an entry position, then you probably have no chance unless the guy you know really pulls some strings for you. You would be thrown in to the deep end going into a position like that with no previous knowledge and experience.

Good luck, hope you get it or at least learn something!

UnixGuy

If you think 300$ is a lot of money to invest in training, then maybe you need to do more research

CCNTrainee

Robertf969 wrote: »

Well said UnixGuy, this is supposed to be a place where we offer helpful advice and its starting to pain me how often I see people on here shooting down others. Yeah hes probably not qualified for this position yet but some learn faster than others. An interesting qout from Eli the Computer Guy of Youtube fame "Take the Highest IT position someone is stupid enough to give to you".

@JP
The Military does a lot of great things but if you want to go IT I would suggest staying away from the Army, I hear the Air Force IT's get a lot more experience. I am actually getting out because I get sick of Civilian contractors telling me what I can and cant do, and watching them get paid more money to do it while my skills diminish. I would never give back my time in service, free college, patriotism, learned self discipline but knowing what I know now I would have gone Air force. Feel free to PM me when you get your post count up if you want to talk about the Military.

Grass isn't greener on the other side, I can tell you a lot of thing of things are contracted/GSed out and base comm has become a joke on what it use to be. With NDAA 2016 that passed, their plan is to limit even more military personnel that maintain the network. The only thing we will be soon is ticket monkeys and confirm eyes on equipment. I learned more from studying certifications then I did on the job, when I was deployed the first time I was doing convoy security with then Army infantry. Second time, I was with the Marines where all I did was follow a four general and created tickets whenever him and his staff had problems with their emails since I was not "allowed" to do any troubleshooting. When I was in Korea, I was Sys Control where we just waited for DISA to call us if there was a problem in our lane since we didn't have access to any system but only could physically look at it. Mind you I was AF Comm but I did things way out of my lane in the years I was in and I never would of thought I would be in combat as well. To the OP, I wouldn't brother applying for Active Duty if you are just wanting to get a job in IT. You are better off joining the guard/reserves where you have more of choice on what you want to do and still get benefits, like actually getting the AFSC/MOS you want, getting a clearance for the MOS/AFSC, and TA for college from the Reserves.

If you have nothing else going on with your life, you could use a few years away from Home and want a new type of life with a little sense of adventure, then Active Duty would be the place to go but if your own ambitions is much stronger then being told what to do for said amount of years then check out the Guard/Reserves. Maybe you get to live the dream and see the world like my friends did, or you could be burning feces in the middle of nowhere because the place you crashing out has no water like I did. Just giving you the picture of what may happen and the grass isn't always green no matter what everyone has told you.

iBrokeIT

Sounds like you met someone who sold you dream through a casual conversation that you have little chance of achieving in 3 months if you are going to balk at $300 in training costs. Cyber Security is not an entry level field that most people can just pick up in 3 months... either way, good luck.

beads

I prefer people to have had a career in IT (Infrastructure, Development or DBA) for years before trying to tackle security where you need those skills plus: Business Analysis, Financial Analysis, audit, writing, presentation and deeper technical skills than the analysts, developers administrators and engineers the security pool was drawn from.

Until you understand those items above - your really not going to be particularly successful, in my shop. Perhaps its different somewhere else in other shops - call it what you will - but its not security.

Some low level penetration testing but the real stuff still involves a great deal of development skill to be useful. And no, professional hackers aren't using Kali Linux to break into your network, nor is your favorite flavor of APT/nation state government.

The whole field has rapidly moved away from those prepackaged types of tools to custom exploits and configuration compromises.

On the other hand I almost wish I could train someone in three months and a few hundred bucks and have a security person aka via the "shake and bake" method.

-b/eads