🖇️Learning Dependencies

Way of Learning

  • When approaching a situation, we use the patterns we have been conditioned to use. As highlighted before, the art of thinking "outside the box" is an essential part of the "hacker mindset," or the way we must think as penetration testers to solve complex problems. Thinking outside the box means seeing things beyond the limitations placed on us.

  • The learning process is not just theoretical and practical; it also largely depends on our emotional state. If we feel good and know we will reach our goal, we will be successful. Another essential part of success is knowing our goal. We will overcome obstacles put in our way. If we do not have a goal, we will stop at the first obstacle. Without a goal, we will be disoriented, moving from one topic to another.

Learning Efficiency

  • The problem here is the sheer size of the information security field. All of the technical information we need to be successful in this field is already out there. The primary and most difficult objective we must overcome is the combination of our knowledge, adaptation, and new information.

  • It often is not easy to find the information we need. First, we have to determine what kind of information we need by asking these two questions:

    • What do we already know?

    • What do we not know yet?

Failure is one of the parts of the learning process which make us successful. Experience is built on failures. It explains that we know how to handle different and sometimes adverse situations where something does not work as expected.

  • Many companies are searching for good penetration testers and information security specialists. However, we need to define what it means to be good. To be good at something means we know what we are doing. If we know what we are doing, it means we are experienced in this topic.

  • Experience means we have a vast repertoire in this field. Repertoire comes from associations and practical experience. When we say practical experience, we want to know how much we have to practice to become competent at a specific task, but there is no specific answer to that.

    • There is something called the "10,000-Hour Rule," which explains that you need to spend 10,000 hours becoming good at something. We do not want to spend 10,000 hours learning a skill.

    • The Pareto principle states that with 20% of the effort, we can achieve 80% of the effect. Conversely, this means that with 80% of the effort, we can achieve the remaining 20% of the effect, which is 100% missing. However, it is essential to note that it does not apply to everything but is a general rule applied to specific areas.

Learning Types

  • The Learning Pyramid can be represented in many different ways. It describes the learning efficiency of different types of practice. There are two main types: passive and active learning.

Passive Learning

  • If we go through the modules, of a penetration testing course, just by reading, we will learn only about 10% of the whole penetration testing experience.

  • By watching some demonstrations, we will not learn more than 30%.

Active Learning

  • When we start to discuss our entire enumeration process, results, and findings with others, we will see different points of view, results, and information to compare with our own and find out what we missed. By using this type of active learning, we collect up to 50% experience.

  • Before we can discuss our results with others, we should practice on our own. So while we practice, our learning experience grows to 75%.

Learning Process

  • Information has a certain level of quality. However, not all information is helpful. More than that, some information can confuse and disorient us completely. To learn to discern such information, we need a repertoire, which we collect by practicing. Therefore, it is essential to understand the context of the topic we are researching.

  • Efficiency depends not only on the quality of information we find but also on the usage of that information. Moreover, it depends on our motivation, focus, and goal. There are many different ways to stay motivated.

    • An excellent method that works very well is recognizing success, even the most minor successes.

    • When we know our goal, we know the direction of our actions. If we are focused on our goal, we will notice when we drift from our path.

    • By following our path, we will automatically look back and see how far we have come. At this point, it is vital to notice the progress we have made. Looking back and seeing how far we have come will keep us motivated.

Progress is noticeable when the question that tortured us has lost its meaning.

  • Many people struggle during the learning process because they have to learn a lot of different topics. It is vital to take breaks and remain calm. As for how many breaks we need and how long they should be, we have to answer this question ourselves because only we know what effects and consequences our actions will have on us.

  • There are many ways that we become "stuck". It could be that we focused too much and lost the context of the task at hand, or we are tired and did not take enough breaks.

    • Solving a problem like this requires creativity. In penetration testing, it is essential to pay attention to details that appear unimportant at first glance.

    • It is crucial to train the eye to notice even the most minor details.

The Goal

  • The term goal refers to a state that lies in the future, generally changed from the present, desirable, and that we aspire to fulfill. A goal is thus a defined and desired endpoint of a process.

  • here are many different types of goals. For every single goal, dozens of different formulas and models have been created to achieve them in the "best possible" way. However, finding a suitable model that fits our personal needs, life experiences, and goals is not easy.

  • A meta-analysis of over 200 studies with more than 40,000 participants shows that over 90 percent of people are significantly more successful in achieving their dreams by setting challenging and specific goals.

  • None of the current "great" and well-known personalities will say that they knew the path that led them to the goal beforehand. None of these people knew it. However, what they did know was the goal they had set for themselves.

  • No matter what goal we have in mind, we must decide on it.

  • Optional Exercise: Write down the goal you want to achieve as precisely as possible. Try to break it down and describe it in 500 words at most.

PreviousLearning MindsetNextLearning Process

Last updated