
CS Roadmap

The cybersecurity roadmap outlines a structured 12-month plan for beginners to develop skills in network security, ethical hacking, and relevant certifications. It emphasizes mastering networking fundamentals, security protocols like TLS and IPsec, and gaining practical experience through labs and projects. Key certifications recommended include CompTIA Security+ and Cisco CyberOps, with a focus on hands-on learning and community engagement for career advancement.

Uploaded by

be10xinvestments

1. Cybersecurity Roadmap Overview


A cybersecurity roadmap is a structured plan to develop the skills, knowledge, and certifications
needed to protect digital systems, networks, and data from cyber threats. This roadmap is designed
for beginners with some technical interest (e.g., familiarity with packets or networking) and aims to
guide you to an entry-level cybersecurity role (e.g., SOC analyst, network security engineer) within
6–12 months, with a focus on network security protocols and packet-level protection.
Goals:
• Understand networking fundamentals (OSI/TCP-IP models, packets).
• Master network security protocols (TLS, IPsec, WPA3, etc.).
• Gain hands-on skills in securing packet flows and detecting threats.
• Earn relevant certifications for career advancement.
• Build a professional network and portfolio.

2. Step-by-Step Cybersecurity Roadmap (6–12 Months)


Month 1–2: Build Foundational Knowledge
Objective: Understand cybersecurity basics, networking, and packet flow.
• Key Concepts:
  o Cybersecurity Basics: Learn about threats (malware, phishing, DDoS), CIA triad (Confidentiality, Integrity, Availability), and risk management.
  o Networking Fundamentals:
    ▪ OSI Model: Study all 7 layers (Physical to Application), focusing on packet encapsulation (e.g., TCP segment, IP packet, Ethernet frame).
    ▪ TCP/IP Model: Understand Link, Internet, Transport, and Application layers, and how protocols like TCP, IP, and HTTP operate.
    ▪ Protocols: Learn TCP/IP, DNS, DHCP, and subnetting for packet routing and addressing.
    ▪ Packet Flow: Study how packets are created, transmitted, and reassembled, using tools like Wireshark.
  o Network Security Protocols (introduction):
    ▪ TLS: Encrypts Application layer data (e.g., HTTPS).
    ▪ IPsec: Secures Network/Internet layer packets.
    ▪ WPA3: Protects Data Link layer frames in Wi-Fi.
• Resources:
  o Free: Cisco Networking Academy (networking basics), Cybrary (cybersecurity intro), TryHackMe (networking labs).
  o Paid: CompTIA Network+ course (Professor Messer free videos).
  o Books: “Networking All-in-One For Dummies” by Doug Lowe.
• Tools: Wireshark (packet analysis), VirtualBox (set up a home lab with Linux/Windows VMs).
• Tasks:
  o Set up a virtual lab (e.g., Kali Linux, Windows Server).
  o Capture and analyze packets using Wireshark to understand headers (e.g., IP, TCP, TLS).
  o Learn basic Linux commands (e.g., ping, traceroute) and Python scripting for automation.
• Outcome: Understand packet flow, OSI/TCP-IP layers, and basic security protocols.

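An added example, not part of the original roadmap: a small Python parser that peels one captured frame layer by layer (Ethernet, IPv4, TCP, TLS record header), which is the encapsulation the Month 1–2 tasks ask you to read in Wireshark. The frame, addresses, ports and the stub handshake body are constructed sample values, and the function names are illustrative.

```python
import ipaddress
import struct

TLS_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}

def build_sample_frame() -> bytes:
    """Constructed sample (not a real capture): Ethernet / IPv4 / TCP / TLS record stub."""
    tls = bytes([22, 3, 1]) + struct.pack("!H", 5) + bytes([1, 0, 0, 1, 0])
    tcp = struct.pack("!HHIIBBHHH", 49152, 443, 1000, 2000, 5 << 4, 0x18, 64240, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(tls), 1, 0x4000, 64, 6, 0,
                     ipaddress.IPv4Address("192.0.2.10").packed,
                     ipaddress.IPv4Address("198.51.100.20").packed)
    eth = bytes.fromhex("020000000002020000000001") + struct.pack("!H", 0x0800)
    return eth + ip + tcp + tls

def parse_frame(frame: bytes) -> dict:
    """Peel Ethernet -> IPv4 -> TCP -> TLS record header, validating each length field."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"eth": {"dst": dst.hex(":"), "src": src.hex(":"), "type": ethertype}}
    if ethertype != 0x0800:            # this example only follows IPv4
        return out
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("truncated or non-IPv4 header")
    ihl, total_len = (ip[0] & 0x0F) * 4, struct.unpack("!H", ip[2:4])[0]
    if ihl < 20 or not ihl <= total_len <= len(ip):
        raise ValueError("inconsistent IPv4 length fields")
    out["ip"] = {"src": str(ipaddress.IPv4Address(ip[12:16])),
                 "dst": str(ipaddress.IPv4Address(ip[16:20])), "ttl": ip[8], "proto": ip[9]}
    if ip[9] != 6:                     # 6 = TCP
        return out
    tcp = ip[ihl:total_len]            # trust the IP total length, not the capture length
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", tcp[:4])
    data_off = (tcp[12] >> 4) * 4
    if not 20 <= data_off <= len(tcp):
        raise ValueError("bad TCP data offset")
    out["tcp"] = {"sport": sport, "dport": dport, "flags": tcp[13]}
    payload = tcp[data_off:]
    if len(payload) >= 5 and payload[0] in TLS_TYPES and payload[1] == 3:
        # The record-layer version is a legacy field, not the negotiated TLS version.
        out["tls"] = {"content_type": TLS_TYPES[payload[0]], "record_version": (payload[1], payload[2]),
                      "length": struct.unpack("!H", payload[3:5])[0]}
        if payload[0] == 22 and len(payload) >= 6:
            out["tls"]["handshake_type"] = payload[5]   # 1 = ClientHello
    return out
```

Call parse_frame(build_sample_frame()) to see the nested result; feeding it a frame cut short mid-header raises ValueError instead of reading past the data.
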
Month 3–4: Deepen Networking and Security Protocol Skills


Objective: Master network security protocols and packet-level security.
• Key Concepts:
  o Network Security:
    ▪ Firewalls: Filter packets by IP/port (e.g., iptables, pfSense).
    ▪ IDS/IPS: Detect/block malicious packets (e.g., Snort).
    ▪ VPNs: Use IPsec for secure packet tunneling.
  o Security Protocols (in-depth):
    ▪ TLS 1.3: Study handshake, AES-256 encryption, and packet encryption. Use tools to inspect TLS headers.
    ▪ IPsec: Learn AH/ESP modes, IKEv2 for VPNs, and packet encapsulation.
    ▪ WPA3: Understand SAE handshake, AES-GCMP encryption for Wi-Fi frames.
    ▪ DNSSEC: Prevents DNS spoofing by signing packets.
    ▪ MACsec: Secures Ethernet frames in LANs.
  o Packet-Level Threats:
    ▪ Packet sniffing, MITM, ARP poisoning, SYN floods.
    ▪ Countermeasures: Encryption (TLS, IPsec), secure protocols (DNSSEC, WPA3).
• Resources:
  o Free: TryHackMe (Network Security room), Hack The Box (basic labs).
  o Paid: Udemy (Network Security courses), SANS SEC560 (advanced, if budget allows).
  o Books: “Practical Packet Analysis” by Chris Sanders (Wireshark focus).
• Tools:
  o Snort (IDS for packet inspection).
  o OpenVPN (IPsec setup).
  o Kali Linux (tools like tcpdump, nmap).
• Tasks:
  o Configure a firewall to filter packets (e.g., block port 80).
  o Set up an IPsec VPN using strongSwan or OpenVPN.
  o Simulate MITM attacks in a lab (e.g., ARP spoofing with BetterCAP) and mitigate with WPA3/MACsec.
  o Analyze TLS handshakes in Wireshark.
• Outcome: Proficiency in securing packets with protocols and detecting threats.

Month 5–6: Learn Ethical Hacking and Penetration Testing


Objective: Apply security protocols to identify and fix vulnerabilities.
• Key Concepts:
  o Ethical Hacking:
    ▪ Scanning: Use Nmap to identify open ports/services.
    ▪ Vulnerability Assessment: Find weaknesses (e.g., unpatched systems, weak TLS versions).
    ▪ Penetration Testing: Simulate attacks (e.g., exploit misconfigured firewalls).
  o Packet-Based Attacks:
    ▪ SQL injection: Injects malicious payloads via Application layer packets.
    ▪ DDoS: Floods Transport/Network layers with packets.
    ▪ Countermeasures: WAF (Application), rate limiting (Transport), IPsec (Network).
  o Security Protocols in Action:
    ▪ Use TLS to secure web apps, IPsec for network tunnels, WPA3 for Wi-Fi.
• Resources:
  o Free: TryHackMe (Penetration Testing path), Hack The Box (CTF challenges).
  o Paid: TCM Security’s Practical Ethical Hacking course.
  o Books: “The Hacker Playbook 3” by Peter Kim.
• Tools: Metasploit, Burp Suite (web testing), Nmap, Nessus (vulnerability scanning).
• Tasks:
  o Perform a network scan to identify vulnerabilities (e.g., outdated TLS versions).
  o Test a web app for SQL injection, ensuring TLS protects data.
  o Simulate a DDoS attack in a lab and mitigate with firewall rules.
• Outcome: Ability to test and secure networks using protocols and tools.

Month 7–9: Earn a Certification and Specialize


Objective: Validate skills with a certification and focus on network security.
• Certifications (choose one based on goals):
  o CompTIA Security+: Entry-level, covers TLS, IPsec, firewalls, and packet security.
  o CompTIA Network+: Focuses on networking and protocols (prerequisite for Security+).
  o Certified Ethical Hacker (CEH): Emphasizes pen testing and packet-based attacks.
  o Cisco CyberOps Associate: SOC-focused, includes packet analysis with Wireshark.
• Specialization:
  o Network Security: Deepen knowledge of IPsec, MACsec, and IDS/IPS.
  o SOC Analyst: Focus on SIEM tools (e.g., Splunk) and packet monitoring.
  o Cloud Security: Learn AWS/Azure network security (e.g., VPCs, encrypted packets).
• Resources:
  o Free: Professor Messer (Security+ videos), Cisco Networking Academy (CyberOps).
  o Paid: Pluralsight (CEH prep), CBT Nuggets (Security+/Network+).
• Tasks:
  o Study for and pass a certification exam (e.g., Security+ in 2 months).
  o Build a project: Configure a secure network with IPsec VPN and WPA3 Wi-Fi.
  o Contribute to open-source security tools (e.g., Snort rules) for portfolio.
• Outcome: Industry-recognized certification and specialized network security skills.

Month 10–12: Gain Practical Experience and Network


Objective: Apply skills, build a portfolio, and land a job.
• Practical Experience:
  o Home Lab: Simulate a corporate network with firewalls, IDS, and IPsec VPNs.
  o CTFs: Solve network security challenges on Hack The Box or TryHackMe.
  o Internships/Freelancing: Apply for entry-level roles or freelance gigs (e.g., vulnerability scanning).
• Networking:
  o Join communities: LinkedIn, Reddit, Discord cybersecurity groups.
  o Attend events: DEF CON, BSides, or virtual summits.
  o Follow experts on X for trends (e.g., @joshuadjpaul, @AndersonOnovre).
• Portfolio:
  o Document projects: Write-ups of lab setups (e.g., IPsec VPN config) or CTF solutions.
  o Create a GitHub repo with scripts (e.g., Python for packet analysis).
• Job Roles:
  o Junior SOC Analyst: Monitor packet traffic, use SIEM tools.
  o Network Security Engineer: Configure firewalls, IPsec, and WPA3.
  o Security Analyst: Analyze vulnerabilities and secure packet flows.
• Tasks:
  o Apply to 5–10 entry-level jobs (e.g., via LinkedIn, Indeed).
  o Publish a blog or LinkedIn post on a project (e.g., “Securing a Network with TLS and IPsec”).
  o Network with 10 professionals via LinkedIn or X.
• Outcome: Entry-level job or internship, professional network, and portfolio.

3. Visual for Canvas Panel: Cybersecurity Roadmap with OSI/TCP-IP and Protocols
Description:
• Layout: A horizontal timeline (12 months) overlaid with OSI and TCP/IP model stacks, showing where skills, protocols, and certifications align.
• Content:
  o Timeline (Bottom):
    ▪ Months 1–2: Basics (Networking, OSI/TCP-IP, TLS intro).
    ▪ Months 3–4: Protocols (TLS, IPsec, WPA3).
    ▪ Months 5–6: Ethical Hacking (packet attacks, mitigation).
    ▪ Months 7–9: Certifications (Security+, CyberOps).
    ▪ Months 10–12: Experience (labs, jobs).
  o OSI Stack (Left):
    ▪ L7: Application (TLS, DNSSEC, S/MIME).
    ▪ L6: Presentation (TLS encryption).
    ▪ L5: Session (TLS sessions).
    ▪ L4: Transport (DTLS, TLS).
    ▪ L3: Network (IPsec).
    ▪ L2: Data Link (WPA3, MACsec).
    ▪ L1: Physical (physical security).
  o TCP/IP Stack (Right):
    ▪ Application: TLS, DNSSEC, S/MIME.
    ▪ Transport: TLS, DTLS.
    ▪ Internet: IPsec.
    ▪ Link: WPA3, MACsec.
  o Connections:
    ▪ Lines linking roadmap steps to layers (e.g., Month 3: TLS → OSI L6/L7, TCP/IP Application).
    ▪ Highlight certifications (e.g., Security+ spans L3–L7).
    ▪ Packet example: Show headers (TLS, IPsec, WPA3) added during encapsulation.
• Design:
  o Color-code layers (e.g., OSI L3: Red, TCP/IP Internet: Red).
  o Timeline milestones as icons (e.g., book for basics, certificate for Security+).
  o Sidebar with tools (Wireshark, Nmap) and threats (MITM, DDoS).
• Example Layout:

 OSI Model        Timeline (Months 1–12)        TCP/IP Model
+----------+    +--------------------------+    +----------+
| App (L7) |<-->| M1–2: Basics (TLS intro) |<-->| App      |
| TLS, DNS |    | M3–4: Protocols (IPsec)  |    | TLS, DNS |
+----------+    | M5–6: Hacking (MITM)     |    +----------+
| Pres (L6)|    | M7–9: Certs (Security+)  |    |          |
| TLS      |    | M10–12: Jobs (SOC)       |    |          |
+----------+    +--------------------------+    +----------+
| Sess (L5)|    Packet: [WPA3[IPsec[TLS[]]]]    | Trans    |
| TLS      |                                    | DTLS     |
+----------+                                    +----------+
| Trans(L4)|<---------------------------------->| Internet |
| DTLS     |<---------------------------------->| IPsec    |
+----------+                                    +----------+
| Net (L3) |<---------------------------------->| Link     |
| IPsec    |<---------------------------------->| WPA3     |
+----------+                                    +----------+
| Link (L2)|                                    |          |
| WPA3     |                                    |          |
+----------+                                    |          |
| Phys (L1)|                                    |          |
+----------+                                    +----------+

• Canvas Features:
  o Interactive: Click a month to see skills/protocols learned.
  o Zoomable packet view: Show TLS/IPsec/WPA3 headers.
  o Filter by layer to highlight relevant protocols (e.g., L3: IPsec).

4. Real-Time Insights (Web and X, April 16, 2025)


Drawing from provided web and X sources, here are current trends and insights shaping cybersecurity roadmaps, with a focus on network security protocols:
• Web Insights:
  o Demand for Network Security Skills: GeeksforGeeks (2025) emphasizes network security and cryptography as core skills, with protocols like TLS and IPsec critical for roles like SOC analysts.
  o Certifications: CompTIA Security+ and Cisco CyberOps are recommended for beginners, covering packet analysis and protocols (TLS, IPsec). SANS and CyberDefenders highlight these for 2025 roadmaps.
  o Protocol Relevance: Cloudflare notes TLS 1.3’s dominance for securing Application layer packets, while IPsec is key for zero-trust and SD-WAN. WPA3 is standard for Wi-Fi security.
  o Hands-On Learning: TryHackMe and Hack The Box are widely recommended for practicing packet-based attacks (e.g., MITM) and countermeasures (e.g., TLS, WPA3).
  o Emerging Trends: NIST discussions highlight post-quantum cryptography for TLS/IPsec due to quantum risks, expected to impact roadmaps by 2030.
• X Insights:
  o Community Roadmaps: X posts from @AndersonOnovre and @joshuadjpaul outline 2025 roadmaps, emphasizing networking (TCP/IP, OSI), ethical hacking, and protocols like TLS and IPsec.
  o Practical Focus: @skyletmoringa suggests focusing on packet analysis (e.g., Wireshark) and Linux for network security, aligning with protocol mastery.
  o Certifications and Labs: @hackysterio shares a SOC analyst roadmap, recommending Cisco CyberOps and labs for packet monitoring, reinforcing protocol skills.
• Sentiment: Both web and X sources stress practical, hands-on learning (labs, CTFs) and certifications (Security+, CyberOps) for network security, with protocols like TLS 1.3, IPsec, and WPA3 as must-knows for 2025.

5. Key Takeaways
• Roadmap Structure: Progress from networking basics (OSI/TCP-IP, packets) to mastering security protocols (TLS, IPsec, WPA3), ethical hacking, certifications, and job-ready experience.
• Network Security Focus: Emphasizes securing packets with protocols and tools (firewalls, IDS), critical for roles like SOC analyst or network security engineer.
• Certifications: CompTIA Security+ and Cisco CyberOps are ideal for validating protocol and packet skills.
• Practical Skills: Labs (TryHackMe, Hack The Box) and tools (Wireshark, Snort) are essential for mastering packet-level security.
• 2025 Trends: TLS 1.3, IPsec, and WPA3 dominate, with post-quantum cryptography on the horizon.

6. How to Use This Roadmap
• Visual Implementation:
  o Create the canvas panel using Canva, Lucidchart, or PowerPoint, with the timeline and OSI/TCP-IP stacks.
  o Add interactive elements (e.g., clickable months) for study planning.
• Learning Plan:
  o Follow the monthly tasks, starting with free resources (Cisco, TryHackMe).
  o Dedicate 10–15 hours/week to study and labs.
  o Track progress with a checklist (e.g., roadmap.sh).
• Career Prep:
  o Build a GitHub portfolio with lab write-ups (e.g., IPsec setup).
  o Network on LinkedIn/X and apply for jobs after Month 9.
  o Use certifications to stand out in applications.
