MCSI #008 - Three master-level methods to unlock the most difficult areas of cyber security
Have you ever wondered how cybersecurity professionals are able to crack the toughest challenges? Experts use the same three methods time and again. These techniques are quite straightforward and can be easily learned by anybody. Let me show you how to use them.
The Historical Approach
Using the Historical Approach, we go back in time, starting with problems that have solutions that are already well-known. Then, we move forward in time to challenges that are more difficult to solve.
For example, if you want to learn reverse engineering, you can start by looking at samples from the early 2000s and gradually progress to more modern samples.
The same goes for vulnerability research; you may find it more manageable to begin with Windows 2000, manually replicating exploits that are available in Metasploit, before advancing to newer versions of Windows.
This method gives you the opportunity to gain a thorough understanding of the cyber tradecraft, and to gain insight into the solutions that the industry has employed, the tools that have been built, and where the current cutting edge lies.
The “Understand First” Approach
Imagine you are interested in learning cloud penetration testing, but you're unsure of what cloud services are or the differences between the major cloud platforms. It's common for people to turn to Google and search for automated tools or blog articles with techniques to copy, but this rarely works. Tools often have bugs and techniques need to be updated. That's why many students get stuck. The correct approach is to first gain an in-depth understanding of cloud technologies before attempting any security-related activities. Once a great level of understanding has been achieved, then you can begin looking for vulnerabilities.
Write malware before you reverse engineer malware
Write web applications before you do web app penetration testing
Use cloud services before you do cloud penetration testing
Deploy and configure an Active Directory lab environment before you run AD penetration testing tools on a live network
The Troubleshooting Approach
“In IT, you’re only as good as the problems you can troubleshoot.” Benjamin Mossé
The difference between a beginner and a master is that the master has a process for identifying the root cause of IT problems quickly and accurately. Rather than randomly searching online for answers, they write down an incident statement, identify the dimensions of the issue, and search for solutions that are tailored to their specific needs. This methodical approach allows them to find the answer with ease, as opposed to giving up in frustration. By taking the time to investigate deeply, the expert can make better searches and arrive at the correct solution quicker.
Here’s a summary of the method and you can read our full guide here:
Step 1: Develop an incident statement
Step 2: Identify all of the incident’s dimensions
Step 3: Generate hypotheses and test them
Troubleshooting is not only a way to solve problems, but a way to explore technology in depth. It is the art and science of asking the right questions in IT.
When you’re ready, here’s how we can help you:
The MCSI Method™ utilizes these exact three approaches. Our exercises create an environment of precision and accuracy. They encourage comprehension of tactics and techniques at a code-level. They necessitate thorough problem-solving and inquiry. This is what makes the MCSI Method so distinct and why our students are excelling in the industry.
We recommend you try these 4 of our best courses:
Read what Marit says about our training method: