I don’t understand why people recommend to start straight away into Security with Hacking/Pen-testing/Risk… Bla Bla. That’s not recommended for a fresher, if he/she isn’t sure about the domain.
Consider some facts about Security Domain.
Computer Security has two paradigms.
- Network Security
- Information Security
Both are close cousins, but both have several differences.
Information Security deals with entire security as a whole. This is where you’ll get Ethical Hacking, Cyber Security, Vulnerability Assessment, Risk Analysis, CISSP, CISA etc etc. This includes Physical Security too.
Network Security deals with Firewalls, VPN, IDS/IPS, Content/Web Filtering, partially Routing/Switching of the network traffic. This is where all the policy enforcement are made to protect/secure networks.