Category: Uncategorized

So as you may be able to gather from the title I have transitioned out of the automotive industry (FINALLY!) and into the IT sector. The transition wasn’t as smooth as one would have hoped but it finally came. I am going to be intentionally vague and leave the name of the company I am working for out of this as well as off my public facing resume. After that disclaimer I have been hired by a non-profit company as a “Help Desk/System Admin” hybrid. Essentially my formal title says Help Desk but my roles and responsibilities is more in line with System Administrator.

I have found that the knowledge base that I have gained from doing independent learning, formal schooling, and the diagnostic mindset that was fostered in automotive have been critical to me being able to thrive in this role. The parts of networking I have struggled with (memorizing ports/protocols and cable ratings) have played little to no role in my current job. As for training this has been great for me, I spent a week over at the main HQ for our IT division shadowing my new co workers and getting my feet wet. Then week two I was on my own as the only IT staff in the region I live in. This means a couple of great things, first off I get my own private office in an administrative building that I get to tailor to my liking. Second being that I am the feet on the ground for all of the locations in my region which is a nice handful (about 38% of the companies locations fall in my region). The last thing is an interesting worker retraining note, apparently my predecessor ran things vastly differently than the way I intend to, that person basically segregated themselves entirely from the main body of the company and made themselves the ONLY source of IT support for this region. I on the other hand do not want to be the only IT support for this region, I would like it to be a group effort, where the entire team works together to support the entire company and if there is a physical requirement for someone to be on premise at a site that is where I take over. I wouldn’t expect a co-worker to to travel an hour plus to do something that I can accomplish in a quarter of the time. It has been a user re-education since most of the people in my region know I am the local person and contact me directly and I have been redirecting to the main IT communications.

Learning how the network I am working on is set up and the different methods we use to manage them has been awesome! I feel like I am soaking it up like a sponge even though I don’t have a ton of experience with a lot of the interfaces. My co-workers have been telling me that they have been pleasantly surprised by my technical acumen and the only reason it exists is because of my flat out obsession with understanding all of the angles of how computers work, communicate, or break. I have had several people shocked at the fact this is my first IT job and I am less than 3 months into the position which feels amazing and almost validating the years of what has felt like unrewarded hard work. At the end of the day I got lucky finding this position, but I also put a ton of work on the back end to make sure once the opportunity revealed itself I could snatch it up and run away with it. Keep pushing towards your dreams, I am on finally on my launch pad just enjoying being in the field and continuing my learning while I work. In down time I am doing research, playing with different things that I have got access to and seeing how to best interact with it.

I received my CompTIA Security+ certification in October of 2022 completing the SYO-601 after 4 months of studying. I accomplished this task using a few different tools and techniques that I wanted to outline here in case any Sec+ hopefuls were looking at how others studied. I used a combination of free and paid tools (Professor Messer and ITproTV) to immerse myself in the content and fully grasp the concepts outlined in the CompTIA learning objectives using both active and passive learning techniques.

Day to day learning:

 I set aside 1-2 hours per day (mine happened to be while I was commuting to and from work) and watched the Security+ videos on ITproTV taking the time to rewind and rewatch any videos or topics I didn’t fully comprehend. I actively focused on the visualization of the topics and ensuring I was fully grasping what they were saying while covering them. Then while at work I played the Professor Messer Youtube series dedicated to the same topic. I found he went through the materials in a different order which helped break up any monotony. While at work I couldn’t afford to watch the video most of the time and was not always at my workstation where the video would be playing but while at my workstation I tried my best to be listening to the videos while I concentrated on doing my job. I considered this to be passive learning since it was background noise that I was listening to but didn’t occupy the forefront of my thoughts. Then on my way home if I still felt fresh I would spend another hour picking up where I left off on ITproTV fully engaged in the topics. I cruised through the Professor Messer content relatively quickly considering it was playing most days for about 10 hours per day so I kept replaying it. Each pass through I would hear something new that I had missed on a previous iteration, however after 3 replays I sought out new SY0-601 full study guides on Youtube and played those.

Bigger picture:

Since CompTIA also implements performance based questions I knew going in videos wouldn’t be enough, which is why I decided to choose to pay for ITproTV. On my days off I would sit down at my PC and do 2-3 virtual labs offered by ITproTV in their Security+ course. I also went a step further and stood up a small virtual network using VMware Workstation. The network only consisted of 3 machines 1 I downloaded from Vulnhub, the second was Metasploitable 2, and the last machine was just Kali Linux. I installed a couple of the tools that are in the learning objectives for the exam (Harvester, Nessus, and Sn1per) which I used to probe the metasploitable box. The installation was a learning process in and of itself but I got to play with the interfaces unrestricted by a virtual lab in a safe and legal manner. As I drew closer to finishing my ITproTV course I substituted the course material Professor Messer offered for his study group podcasts on Spotify. This gave me the opportunity to annoy my coworkers by blurting out random answers to questions I thought I knew throughout my work day. This is also where I took my first practice test on ITproTV and got a 78%.

Finale:

Once I felt comfortable with the materials and had finished the ITproTV course I purchased the voucher and carefully scheduled my on premise test for the last day of my 5 day weekend. When that 5 day off period came, I sat down and started rewatching the ITproTV course on 2x speed until I felt my brain start melting. Then I would play video games with it playing in the background the rest of the day. The day before the exam I didn’t study at all, instead I took another practice test and only scored 56%! I was crushed but I was still being optimistic and thought even if I take the test and fail I can take it again (not that I could necessarily afford it again) and decided to hop on my motorcycle and go down to the testing facility (a local community college). Once there I wanted to scope out the parking, campus layout, find the testing room, and ask about accommodations for me to keep my helmet. After I took the rest of the day off from studying, rode around on my bike, enjoyed some face time with my significant other, and got plenty of rest. The next morning I arrived early to the testing center, got all checked in, and took the test. I passed, with a 782 (750 is minimum) which while not the highest score is still a passing score! I am now onto studying for my Network+ using these same TTPs.