Few months ago, google launched it’s own cyber-security certificate so that they can bridge cybersecurity skills gap in the industry. Luckily our college offered few students free google courses on coursera, and I got a chance to take all of the google’s courses for free! I wish I got some subscription to udemy free courses rather than coursera [as anyone can apply financial aid, and get any course for free and there is no point in getting this scholarship]. But anyways since I got access to all of the google’s courses, I thought to myself why not do google’s cybersecurity course?
This blog will consist of my journey with this course, and I will be sharing my thoughts about this course along with some tips and tricks to complete this course in the shortest time possible. After all a certificate from well reputed company like google always looks good on one’s resume.
The course content is really good and well detailed. One has to cover up all eight modules to get a certificate of completion under this specialization. One might think eight modules sounds like a lot of work, and it may take more than three months of hard work then worry not my friend, if one puts in focused work [I am referring to high quality focused work which includes no distractions, no social media usage, just pure work] along with little tricks shared in this blog, one can complete this course within few couple of weeks. And I don’t think one has to have some prior experience or knowledge to achieve this feat.
The first module is named '‘Foundations of Cybersecurity’', and as you might have guessed, it introduces the student to the new and amazing world of cyber. It also gives an brief overview on what is cyber-security, who is an cyber analyst, determines the core skills needed to become an analyst, introduces to eight domains of the CISSP [i.e eight important areas of cyber-security. Also introduces to the concept of CIA triad, and lastly gives you an overview of cyber-security tools and programming languages used. Do note that all modules except for the last one have 4 weeks of worth content, and if you got 24 hours of free time, one can cover up to 2-6 weeks of content in a day.
The second module Play It Safe: Manage Security Risks once again touches upon eight domains in the CISSP and also covers up Risk Management Framework from the NIST [ National Institute of Standards and Technology]. Week 2 teaches about OWASP guidelines along with the concept of what is a security audit. Again in week 3 you will be seeing a lot about cybersecurity tools and what is a SIEM. Lastly at week 4 this course ends with the concept of playbook. This course gave me an new perspective as I thought a good cyber-security professional remembers everything in memory, and knows it all. But most of the big companies have playbook [something like step by step guide on how to get xyz done] and sometimes to get most amazing security work done all it takes is to follow the steps from a playbook mindfully! This idea was something new to me and it changed the way I think about cybersecurity and made me realize maybe cybersecurity is not as hard as I used to think ….
Now the third module Connect and Protect: Networks and Network Security, is all about teaching networking concepts and introduces the concepts of network hardening, securing and few definitions related to network security. Nothing fancy but crucial to build up an solid foundation.
The fourth module '‘Tools of the Trade: Linux and SQL’' is all about linux and slightly introduces to the world of sql. For the first three weeks we get to learn linux from scratch up to the point where one can operate linux smoothly, install, run and configure things from the internet and maintain them. Coming to the last week you have SQL which introduces to SELECT, FROM and WHERE statements, along with operators and joins [inner join, outer join etc]. I liked the way weekly assignment for the last week was arranged, one has to manually type in SQL statement to get answer for an MCQ, which is really unique, amazing and gives us the students hands on experience.
Some tips and tricks to cover up this course in the shortest possible time!
I get it you leet haxors claim that cert don’t any value, and just want a piece of paper that pushes your skill through the HR. You people may have different reasons to complete this course in shortest possible time and I don’t judge you for this, but do make a small note that this course does fill your knowledge gap. So do spare your valuable time in completing this course. Coming to the tips and tricks you have the following options:
1. Skip the video part, just read and make note of reading material. This may sound unreasonable but the thing is most of the video have just plain definitions which you can get at the end of the module in form of glossary so it’s better not to spend your time here.
2. Skip non graded assignments. Yes you heard me right, only the weekly assignment that consists of 10 MCQ questions decides if you have completed the course material for the particular week, so it is of your best interest to skip these assignments and focus on the main one.
Now so far everything seems so easy, a walk in the part right? but after the SQL part here is where things get to become serious. The fifth module Assets, Threats, and Vulnerabilities, dives deep into all the technical terms one has to know from defining assets threats and vulnerabilities on week 1 and using NIST cyber-security framework to challenges faced in security, implementing security controls, policies and frameworks and defense in depth strategies. Personally I felt week 4 of this module was light, as it included already known and familiar concepts like owasp top 10, attacks like web injection attacks, click jacking and frameworks related to threat modelling.
The sixth module Sound the Alarm: Detection and Response, is all about incident handling, touches upon the NIST incident handling process, and cover theoretically major tools like SIEM, EDR etc. Again it was not too easy, but at the same time filled with tons of information which can’t be skipped.
Now so far we have covered 6/8 modules and only are left. Luckily one is python module and another one job preparation module, things should be easy right? right??
The problem is I may have coded quite couple of times in python, did not really understand the core concepts and lot of coding revolved around memorizing things. Did not know sometimes memorizing things could be helpful. This module for sure filled those gaps which I had while learning python due to memorization and at the same time similar to the sql in week4 of '‘ Tools of the Trade: Linux and SQL ’' module this too had some practical coding and debugging exercise in the weekly assignment, which means one should find and rectify errors in order to get the answer for the MCQ test. I wish there was more pythonic content but then realized that this is a cybersecurity specialization course, and google has their own python course…
The last module “Put It to Work: Prepare for Cybersecurity Jobs”, shared some cool job search websites, and cool online resume builders along with google’s interview preparation website which is really cool.
For cyber-security interview check:
https://grow.google/certificates/interview-warmup/category/cybersecurity/all-questions/
For jobs do visit the following websites:
https://www.foundit.in/
https://in.indeed.com/?r=us
https://www.ziprecruiter.com/?tsid=109002303&mid=2303
https://www.careerbuilder.co.in/?siteid=fromCBUS
To build up resume online check:
https://www.foundit.in/seeker/resume-builder
https://applieddigitalskills.withgoogle.com/c/college-and-continuing-education/en/start-a-resume/overview.html
https://create.microsoft.com/en-us
https://googlecerts.biginterview.com/
https://app.enhancv.com/industry-examples#science-and-research
Some more tips…
Do focus on labs or atleast try to do it’s equivalent from platforms like tryhackme.
If you plan to finish this course on shortest time, atleast do download the glossary, and all the important documents in the form of .docx and .pdf for future reference and go through them whenever time permits.
Final thoughts on this course:
This course is excellent and should be everyone’s first cyber-security certificate or atleast must to do course to add up in your resume. If you have got some experience in cyber, I would still recommend completing this course as it fills up any gaps of knowledge which one may have. I am a bit saddened by the fact that this course is not covers more of breadth-wise knowledge rather than depth-wise , at the same time happy that this breadth-wise knowledge builds up an rock solid foundation.
This is certainly not the one magically course that makes any person from n00b to pro nor does it solve all of our problems. Cybersecurity is very vast, and one should be well prepared in all ways to face challenges in area, as well as constantly learning. But as a wise man once said “A journey of thousand miles begin with a single step”, and without a single doubt I can assure you that this course did aid me to start my journey. So are you starting yours?