This is awesome man! Many aspiring SOC Analysts don't realize that these are the types of videos they need. This is a competitive field and the stakes are high.
When I'm on an interview panel for a potential Incident Responder hire that claims they have 2+ years of experience, I'm asking questions to gauge their thought process when investigating an event that was escalated to an incident:
What steps will you take to validate an incident that was escalated (i.e.: phishing email where the attachment was opened on the host)?
Now that you've identified data exfiltration, what do you do now?
What steps will you take to find out if the host reached out to any other hosts in our network?
How are you going to determine if any persistence mechanisms have been dropped on a host?
Thanks for the feedback man!
In the process of incident response I came across a thing which directs the hacker to a sandbox env. How is it done?
And why do companies not try to educate their employees about phishing attacks? Because malware or any attack can't happen without human interaction, I mean clicking on it or providing credentials. If they educate their employees then I think 90 percent of attacks will not happen. I mean stopping the attack at the delivery phase.
Yes, correct, the best way is to have continuous education on phishing attacks. But this is not always foolproof. All it takes is one person to make one mistake and that opens the door to bad things.
How to start learning cyber security?
Like resources for learning
And where do I start?
Please make a video on this
Hey check out this vid -
ua-cam.com/video/cEiZoj5Hb6Q/v-deo.html
Sir, what's your advice to master SIEM tools like Splunk?
Just lots of practice. Probably best to sign up for a Splunk trial and practice there
Please make projects for freshers.
Not sure what you mean by that
@TechwithJono Sorry for that, I am a cyber security student in London. But I feel a great gap between the market requirements and the university course. Therefore, sir, I request that you please make a course consisting of real projects, which would help us in getting jobs, as I am sure you faced the same difficulties before you obtained your job.