What is Information Security, Penetration Testing and Ethical Hacking?

Written by intel

ETM Show # 5 is a chat with Frank Trezza, an InfoSec Professional and Certified Ethical Hacker, about how he got started, examples of cyber attacks and best practices to protect yourself.

InfoSec security attributes and qualities from the CIA Triad
Information Security Attributes and Qualities aka CIA Triad

After listening to this episode you will learn:

  • How Frank found the teacher’s answers to the course assignments for the year
  • How the field of InfoSec and Cyber Security got him out of homelessness
  • How he used Social Engineering to get into DEFCON
  • How to learn a few key skills without knowing “everything” (but still easily having access to the unknown knowledge you need)
  • Some industry standards for Pen Testing
  • Why a lot of courses aren’t very good (and the best way to really learn the craft)
  • Some free or cheap tools you can get to start learning right away
  • Why you shouldn’t get used to using one tool alone
  • Examples and definitions of various Cyber attacks
  • Best practices to protect yourself from attackers
  • Why the work from home trend caused a revolution in Cybersecurity
  • Why Vulnerability Assessments are less accurate than Pen Test audits
  • The idea of “Security Theater” and why it always be a cat and mouse game

Subscribe to ETM

Listen on Apple Podcast Logo

InfoSec Show Notes

Action Steps for InfoSec Learning

  1. Re-listen to 55:00 for best security practices
  2. Out of what was mentioned, what do you do or not do?
  3. Make a list of ways to improve your security model
  4. Read the NIST Cybersecurity Framework and PTES 1.1
  5. What did you understand or did not understand?
  6. Note down how you can apply what you read
  7. Feel free to comment below with any questions, comments or insights

Further ETM Resources

About the author


Hi! I am the Emerging Tech Mastery (ETM) friendly robot overlord and mascot. Thanks for checking us out.

Leave a Comment