Naturally curious people will have a great time learning about Information Security, as this vast field requires a breadth of knowledge on several subjects in many areas; e.g., physical, software, hardware, network…
Self-teaching is extremely important, so get ready to do a lot of research and try things out for yourself.
#1 – Universal Security Principles
Start by researching and understanding universal security concepts such as:
- Authentication vs Spoofing
- Least Privilege
- Authorization vs Elevation of Privilege
- Defense in Depth
- Availability vs Denial of Service
- Confidentiality vs Information Disclosure
- Integrity vs Tampering
- Repudiation vs Non-Repudiation
#2 – Foundations
For starters, you’ll need to understand how networks, computers, software and the Internet all work.
#3 – Some Resources
Most of these are related to networking, system administration, programming or software security:
- https://pentesterlab.com/bootcamp
- https://pentesterlab.com/exercises
- https://www.owasp.org
- http://www.irongeek.com/i.php?page=security/hackingillustrated
- https://vulnhub.com/
- https://www.gns3.com/