Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Ethical Hacking Course -UCD

Comments

  • Posts: 5,917 ✭✭✭[Deleted User]


    No and you can learn it all for free online without having to shell out 1.5k



  • Registered Users Posts: 3,494 ✭✭✭IamMetaldave


    I wouldn’t be too worried about people doing much damage after that course.



  • Posts: 0 [Deleted User]


    I got an email recently about a FETCH course offering to teach the same for free can't recall who it was from but came through one of the various recruiters I'm signed up to . Good stuff to have but not a complete security qualification by any stretch.

    It would I guess complement experience and know how in a few roles I can think of but not to a level I'd rely on someone to be able to stand over something and say yup thats secure for sure.



  • Registered Users Posts: 18,843 ✭✭✭✭Donald Trump


    It's a trick OP.

    If you want to do that course you will get disqualified if you apply or pay for it.

    Lesson one is to hack UCD gateway server to get the lessons for free.


    Edit: On a serious note, I clicked on it and it looks mickey mouse enough. It seems a bit basic to me to be saying "Gain practical skills using tools like the Kali Linux system to facilitate security tests".

    Kali is just a distro which has the common security testing tools installed by default out of the box. It is something you might use alright - but it seems a bit weird to be advertising the course in that way....at least to me.


    (It's not my area in any way shape or form so feel free to correct me)



  • Registered Users Posts: 12,128 ✭✭✭✭MadYaker


    Why? The knowledge and skills required to solve those crimes are the same as the skills required to perpetrate the crimes.



  • Advertisement
  • Registered Users Posts: 2,551 ✭✭✭Squeeonline


    The piece of paper that says you signed up to do it ethically is the important bit.



  • Registered Users Posts: 3,916 ✭✭✭Grab All Association


    A gigabyte of RAM should do the trick



  • Posts: 1,263 ✭✭✭[Deleted User]



    Maybe so. I know very little about this area, but isn't there a tradition of cybersecurity companies hiring people that have hacked into secure sites and a) done no damage and b) revealed their identities after the fact (along with a list of salary requirements)?

    If so, would you not be painting a target on your back by signing up for this? (Thereby undermining your ability to hack in the first place.)



  • Registered Users Posts: 2,551 ✭✭✭Squeeonline


    I work IT-adjacent but not cyber security. infosec may be different. I think that at least in my industry (pharma) the majority of hires are through traditional HR. I imagine if you were looking for a job in cyber security, a degree in this field couldn't hurt. I'd hardly call it "painting a target".



  • Registered Users Posts: 18,843 ✭✭✭✭Donald Trump



    There are different levels. From the script kiddies to the people discovering new exploits.


    If someone has found a way in that all the boffins thought was closed off, then they are going to want to have that person on their side. I think that is what you are referring to as regards hackers being later hired. But that person is an exception.


    I would guess that that course maybe shows you how to run some of what the script kiddies are running so that you can find those relatively well-known holes in your system before they decide to probe it for you!



  • Advertisement
  • Moderators, Business & Finance Moderators, Motoring & Transport Moderators, Society & Culture Moderators Posts: 67,065 Mod ✭✭✭✭L1011


    If you work in IT and don't understand the basics in figuring out whether your systems are gapingly vulnerable, you need to change careers. Its entirely pertinent that this type of training exists.



  • Registered Users Posts: 13,763 ✭✭✭✭Potential-Monke


    It's worse than that. When we were still in the office, just taking a walk around you would see all the post it notes with usernames and passwords.... they can't get the simple stuff right, doing a course like this would be pointless, but it would look good on a CV, especially as noted above with the Ethical part. I recently did ITIL Foundations. It's literally putting businessey sounding words and processes onto common sense. But it looks good (and I didn't have to pay for it, and it was a week off for learning).



  • Posts: 0 [Deleted User]


    ^^^did it free too in 2015 as part of a skillnet and passed. Well worth it.



  • Registered Users Posts: 18,843 ✭✭✭✭Donald Trump



    Well in a large organisation, the generic IT grunt shouldn't have access to make any changes that might introduce vulnerabilities.



  • Posts: 0 [Deleted User]


    "Generic IT grunt" is a beautiful phrase. Almost art. They are the unsung heroes that keep the world turning.



  • Registered Users Posts: 2,294 ✭✭✭YellowFeather


    To be fair, that's kinda the point of ethical hacking. The purpose is to identify real or potential vulnerabilities. If you were so way inclined, you would be terrified by the things that "IT grunts" could do in a lot of companies. Let alone what an outside randomer can do with outdated systems and/or improperly trained staff.

    And ethical hacking is also great fun. Like being a child and given one of those plastic rulers with a label saying that they are unbreakable.



  • Posts: 0 [Deleted User]


    They aren’t really. People working in the lower rungs of IT have an extremely high opinion of themselves. It’s not exactly being on the frontline of a pandemic, or even being able to build a house. Most of it can be automated and moved to the cloud. It’s low skill and repetitive work.



  • Posts: 0 [Deleted User]


    It depends on your reasoning

    Is it just to gain experience in the area, open up doorways to other roles, or possibly get onto further academic learning?

    If it's just personal development, with no real aim... if you have the cash, go for it, it will be interesting a fun...

    If it for professional development with a view of moving roles, personally, I would go for something a bit more recognised.

    HR of companies will be looking for the likes of your CEH, OSCP, Sec+, Pentest+, CCNP Sec etc.....(queue the bashing of said exams, just saying it as that's what HR will be looking for)

    There are tons of stuff on Udemy and I'm almost sure Offensive Security (makers of Kali) have a free course on using it which covers the majority of what's mentioned in the UCD course.... but everyone mentions this as if it's easy to do, self study with no "consequence" (oh I have this assignment or test to do) is a skill in itself that doesn't come over night, some people (most) need a structured course.....

    If it's an academic angle, having a PD Cert from UCD will be great evidence of self learning...

    I was fortunate enough to get on the Cisco scholarship when they first brought out the CCNA CyberOPS exam... got free access to their online content and exams... it was fantastic... they had us going through various attacks using Kali,setting up firewalls and other defences.... it's a shame the cert isn't more recognised, as from what I can see, it would clear a lot of the Pentest+ material no problem... I would definitely recommend the course due to it's content, but unfortunately, it's not well recognised, so is possibly a waste of cash...



  • Registered Users Posts: 18,843 ✭✭✭✭Donald Trump



    I was merely addressing the point made that if a person working in IT wasn't up to speed on these issues that they needed to change careers. If you are in a large organisation you don't want the local IT help to be responsible for any of that stuff. Doing so would be a huge operational risk because you'd have a hodge-podge all over the place.

    The role of the local IT person might be just to set up a meeting between local teams and the network or security teams if there was new requirements. If something broke that needed fixing then they would need to coordinate with the relevant dedicated team to have it fixed. I worked in a place before where it would not be that unusual for an organisation wide patch to be pushed out which would break some local configuration. As in once or twice a year. Local IT would need to get the appropriate team on the phone and get it sorted.



  • Registered Users Posts: 2,294 ✭✭✭YellowFeather


    Keep living the dream dude!

    You said that the local IT grunt shouldn’t have access to make changes which would introduce vulnerabilities to a company. Agree with you on this, apart from your terminology, which could use some refinement. However, this isn’t the case in the majority of companies.



  • Advertisement
Advertisement