Learning by doing is the ultimate type of learning
Especially in cybersecurity space, people focus too much on certifications(Which is good) but is there something else?
Want to know how sql injection work? Just develop a simple vulnerable app and try to exploit it
Want to learn linux?
Maybe use it as your daily driver for a while Cloud? Setup a cloud account and examine it
Kubernetes? Have a cluster on your cloud account and try to deploy ready made apps
From my experience, learning by doing is more interesting and fun, what you learn sticks forever.
Understanding is also becomes way deeper,
No matter how much I read about ldap protocol, I haven’t been able to grasp it until I tried integrating with it.
Let’s say you want to deploy your own lab in the cloud or at your home:
First you need to go through networking(IPs, Layers, DNS)
Now you need to deploy an application? Go through deployments (Operating systems, apache server, ..)
Now you need to protect your app? Maybe deploy a firewall, IDS, WAF, encoding..
Now you need a secure remote access?
You’ll deploy a VPN solution This type of knowledge is instinctive,
it fuels curiosity and I think it’s more valuable in creating a solid basics that will you set you apart in your career.
While everyone is doing the same, you become different.
This doesn’t discard theory and reading and other resources, but to create an environment where you mix them both.
my 2 cents.