Tweet

John Breth (JB) | CyberInsight® on YouTube

Oct 4 • 22 tweets • 12 min read

Everyone is posting "If I had to start over in tech" posts the past few days.

Almost all the tech vets have cloud as one of the technologies they said they would focus on.

I couldn't agree more!

So if you want to start...here's 20 cloud vids (AWS/Azure/CCSP) to help you!!!🧵

We're going to start with AWS first, since they are the mostly widely used, have the most services, and what I have the most experience in, #AWSCommunity 😂

You should set up a free account and if you don't know how to, I got you!

Most folks start with the #AWS CCP, it's their foundational certification. It's a solid spot to become familiar with their terminology and services.

Bonus points if you do labs along with it to help you learn.

Here's my review of the exam/resources

If you do go the #AWS CCP route, a practice test walkthrough might be helpful!

After the #AWS CCP, I wanted to take some of their harder exams, so I started to focus on the AWS SOA and SAA. But first I really had to get some hands on knowledge.

I started with understanding the networking/VPC portion.

Then I moved on to a few other key #AWS services and configuration options. CloudFormation is one of the ways to do Infrastructure as Code (IaC) in the AWS cloud.

Storing and backing up data is and the ease to be able to do it, is one of the cloud's main selling points. In this video I did a walkthrough on #AWS S3 and Backups.

In this walkthrough I focused on how to load balance traffic and build in resiliency when one of your instances fails.

You need to know how to set up alerting in AWS for when unplanned issues do occur. This video covers #AWS CloudWatch.

I did the #AWS associate certs backwards and did the hardest one first😂 It had labs and the exam kicked my butt, luckily I did pass.

Here's my review on the AWS SysOps Admin Associate exam.

If you are interested in the #AWS SOA, here is a practice test walkthrough I did for it🤝

After I passed the #AWS SOA, I read there was a lot of overlap between it and the Solutions Architect Associate (SAA) exam. Since the SAA is supposed to be easier, I took it a couple weeks later and passed!

Since I passed both the #AWS SOA and SAA I wanted to do an in-depth breakdown to help folks decide which exam they might want to pursue.

@RealTryHackMe

I've also started to get into the cybersecurity/blue/red side of #AWS. Here is a @RealTryHackMe walkthrough that covers basic AWS account and S3 enumeration.

@RealTryHackMe

And another #AWS @RealTryHackMe room covering the Elastic Container Registry (ECR).

I did go to BlackHat this year and take a 4 day #AWS pentesting class. This video is a recap of all of the different services and methods we covered!

@PenTestingCloud

And building on the stuff I learned at BlackHat, here is my first #AWS CTF video walkthrough from @PenTestingCloud

If you made it down this far and are still like, where is the freaking Microsoft stuff man, I feel you😂

Here is my review of Microsoft's foundational level cloud cert, AZ-900

And obviously, you by now know I love practice test walkthroughs, so here is one for AZ-900

@ISC2

This past year I did take one of the more advanced certs I've taken in many years, the @ISC2 CCSP, which is basically the CISSP for cloud technology. Here is my review/study guide.

@JuniperCertify

And lastly, it's a little bit more niche, but you know I do love @JuniperCertify, so here is a review of the JNCIA-Cloud exam.

I hope you found something helpful in at least one of these different videos!

I put out some entertaining and useful stuff...

Checkout my YouTube/Twitch channel CyberInsight

youtube.com/c/cyberinsight
twitch.tv/cyberinsight

My blogs and newsletter:
cyberinsight.tech

• • •

Missing some Tweet in this thread? You can try to force a refresh

This Thread may be Removed Anytime!

Twitter may remove this content at anytime! Save it as PDF for later use!

More from @JBizzle703

John Breth (JB) | CyberInsight® on YouTube

@JBizzle703

Aug 17

Someone asked me about creating CCNA labs and if it was worth spending $500 on equipment. I'm going to say no (unless you really want to get a bunch of gear), but I'm going to give you some CCNA lab options from free to $500+ in this thread🧵

First option is free and is a lab emulation software from Cisco called Packet Tracer. This is great and runs on your computer. Should be more than fine for CCNA (or Net+) studies. There are some limitations to what you can do with advanced configs.

learningnetwork.cisco.com/s/packet-trace…

If you find you need some more advanced features (like studying CCNP stuff), you can use the Cisco DevNet Cisco Modeling Labs Enterprise sandbox. This is a free version of CML, but you have to reserve time and the configs aren't saved in the cloud.

developer.cisco.com/docs/sandbox/#…

Read 12 tweets

John Breth (JB) | CyberInsight® on YouTube

@JBizzle703

Dec 15, 2021

@_jayprimo

I saw a tweet from @_jayprimo about wishing he had some cheat sheets when learning cyber tools. So, I wanted to make this thread for new folks who want to learn about some of the most used cyber tools (free labs/walkthroughs/command cheat sheets)👇

@RealTryHackMe

NMAP is used for discovering hosts/services on a network. Normally first step in enumeration by pentesters.

@RealTryHackMe has a free lab, here is my walkthrough video of the room (link to the room is in the vid des) and a handy syntax sheet I use a lot!

@tryhackme

Netcat is used to transfer files/make remote backdoor connections. Used with other pentesting tools like metasploit (we'll hit that too).

Used in a bunch of free @tryhackme rooms, here is one of my walkthroughs with it. @SANSInstitute cheat sheet!

Read 8 tweets

John Breth (JB) | CyberInsight® on YouTube

@JBizzle703

Sep 4, 2021

Had a few folks ask about how to get hands on experience when starting to get into tech/cyber. So this thread some of my recommendations of FREE labs/software for networking, Linux, Windows, cybersecurity, and coding that I have used.

I'm going to plug my own stuff first 😂 I have various playlists devoted to lab walkthroughs for networking (Net+/CCNA), Linux, cyber defense, and offensive cyber labs. The majority using free tools for you to follow along🤝
youtube.com/c/cyberinsight

For free networking labs:

Cisco packet tracer:
netacad.com/courses/packet…
Juniper vLabs:
jlabs.juniper.net/vlabs/

Some great lab books (using packet tracer, affiliate links):
amzn.to/3DLDSSg (101 Labs Net+)
amzn.to/3yNWbSN (101 Labs CCNA)

Read 9 tweets

John Breth (JB) | CyberInsight® on YouTube

@JBizzle703

Feb 7, 2021

https://twitter.com/GKnutley/status/1358186826700386304

Random thoughts on planning a small office relocation. This is off the top of my head. So might change some steps IRL. Step one is going to be updated asset list/documentation/cable connections. What devices/software/data currently exists and what will need to be moved /1

https://twitter.com/GKnutley/status/1358186826700386304

Figure out what IT closets/cabling options are in the new spot and plan accordingly and create transition documentation(cable plan, rack layouts, updated diagrams if needed . Pre-run/label as much as you can. Make sure you test these connections(cable drops to comms closets). /2

Backup all device configs/critical data as needed. If you can phase deployments, that is cool, but you might have to do a hard cut over. Figure out what you are doing for circuits (new or migrating). /3

Read 9 tweets

John Breth (JB) | CyberInsight® on YouTube

@JBizzle703

Aug 21, 2020

I've been seeing some tweets about #BlueTeam and documentation and diagrams. Diagrams are an important part of the engineering process! So, I figured I'd do a little diagram breakdown for folks wondering what are some useful types of diagrams.

High level diagrams provide a non-technical overhead perspective of the environment. If you are at all familiar with DoDAF, this would be like your OV-1 diagram. These should tell a high level story and be easily explainable to someone who is new/and or non-technical.

Network level diagrams show logical connectivity between all nodes/devices in the environment. It should include the IP/hostname of the devices. Other details to include are VLAN information, system/authorization boundaries, as well as any unique information that might make sense

Read 12 tweets

John Breth (JB) | CyberInsight® on YouTube

@JBizzle703

Aug 14, 2020

For fun 😬 let's chat about network ACL's and a high level approach to securing your network. The purpose is to provide multiple levels of protection (i.e. defense in depth).

4 main ACL's to talk about:
✅Premise ACL's
✅Inter-zone ACL's
✅Intra-zone ACL's
✅Host-based ACL's

Let's start on the outside with Premise ACL's. These reside on your most outward facing network devices (probably a router or switch) where your Internet circuits are plugged into. These ACL’s would knock down a large amount of unwanted SPAM packets that flood the Internet.

I would implement both inbound and outbound rules. Only allow out traffic from your specific publicly routable IP space, block private IP space, implement Bogans lists, and also only allow known expected protocols that should be coming into your environment from the Internet.