Learning an advanced skillset

The purpose of this article is to guide network security analysts towards learning the advanced skillset required to help further their careers. We'll look at two key pillars of knowledge, protocols and programming, and why they're so both so important in the security field.

Two pillars of knowledge
In this author’s opinion, there is perhaps a basic truth about network security and obtaining the skills required to practice it. Network security really boils down to understanding two key pillars: protocols (starting with TCP/IP), and programming. Everything else can generally fall within those two broad categories. That includes everything from web application security to exploit development, and many things in between. While we all understand that the base unit of computer-to-computer communications is the packet, there is still a tremendous amount of knowledge required to understand what is behind that small packet.

That very small packet incorporates a great amount of networking knowledge to understand and be able to parse effectively. Contained in that very packet is a good deal of information. What is required of you as an analyst, though, is the knowledge of protocols in order to extract the relevant information. Not all of the TCP/IP protocol world evolves around the four core protocols of TCP, UDP, IP, and ICMP. A good amount of other protocols reside at the application layer. It's also good to not only understand how protocols work, but also understand some of the design considerations that went it them. For example, knowing such things as why there are only 16 bits assigned to a port, and its relevance to the actual protocol will help give an analyst a far deeper insight into his daily work.

TCP/IP is a good start, but what about the other pillar of network security knowledge? The strong silent partner of the security field is programming. While there is a lot to be said for understanding networking and protocols, they are all related to the programs that use them. It is therefore with an understanding of programming and the ability to actually program that a far more profound knowledge of network security will come.

It could be argued that one need not program to be good at network security. However the point remains that to obtain an advanced skill set, you will have no choice but to pick up programming to make it to the next level.

Read More