Get AI summaries of any video or article — Sign up free
the hacker’s roadmap (how to get started in IT in 2023) thumbnail

the hacker’s roadmap (how to get started in IT in 2023)

NetworkChuck·
5 min read

Based on NetworkChuck's video on YouTube. If you like this content, support the original creators by watching, liking and subscribing to their content.

TL;DR

Start with CompTIA A+ to build troubleshooting and system fundamentals before attempting cybersecurity or hacking topics.

Briefing

A practical, eight-step roadmap for breaking into IT and moving toward cybersecurity in 2023 centers on one idea: build job-ready fundamentals first, then stack security and hacking skills on top. The fastest route to employment isn’t jumping straight into “hacker” topics—it’s layering core IT knowledge (so we can troubleshoot, network, and understand systems) before attempting advanced offensive work. The payoff is employability: the path is designed to land an entry role—often help desk—where real experience accelerates everything else.

The first five steps apply to nearly any IT goal. Step one is “foundations,” starting with CompTIA A+. The rationale is twofold. A+ is positioned as a zero-to-competent starting point that fills gaps in “things you don’t even know you don’t know,” and it also functions as a resume signal for the first job, where employers typically want proven troubleshooting ability (including familiarity with concepts like virtual machines). The transcript also acknowledges the debate around A+, but argues the certification’s market value and breadth make it useful—especially for newcomers.

From there, the roadmap pushes security credentials early with CompTIA Security+. It’s framed as a foundational security requirement for many employers, including government roles tied to DoD 8570 compliance. Networking comes next because cybersecurity depends on understanding how systems communicate. Two certification tracks are offered: CompTIA Network+ (vendor-neutral) or Cisco CCNA (Cisco-focused but described as the “gold standard” for practical configuration knowledge). Linux is treated as essential “feet wet” knowledge rather than an attempt to become a Linux expert; the goal is to learn enough to operate confidently across the rest of IT work. Coding is placed later in the sequence—not because it’s unimportant, but because it’s more productive once networking, Linux, and security basics are in place. Still, the guidance is to start early enough to build familiarity, with Python recommended for beginners and Go as a faster, newer alternative.

Once fundamentals are in motion, the roadmap shifts into hands-on hacking. It recommends starting with CTFs (capture the flag) using platforms like PicoCTF, TryHackMe, and Hack The Box, emphasizing that early practice reveals whether someone actually enjoys hacking and highlights which foundational skills are missing. If hacking interest turns into a career direction, the next step is junior penetration testing certifications: CompTIA PenTest+ or the eJPT from INE. Both are described as similar in intent—preparing for entry-level penetration testing—while differing in training availability and cost. Finally, the path culminates with OSCP (Offensive Security Certified Professional), but only after PenTest+ or eJPT experience, because OSCP is portrayed as significantly harder and more “real hacker” in feel.

The roadmap ends with a career strategy: certifications matter, but on-the-job experience matters more. The ideal outcome is to start earning experience as soon as possible—often while continuing to level up with Security+, networking credentials, or Linux skills—because real-world tasks build competence faster than additional credentials alone. A short practice-exam segment reinforces the A+ foundation with sample questions on services, printers, batteries, multiplexing, and troubleshooting methodology.

Cornell Notes

The roadmap prioritizes employability by building IT fundamentals before pursuing cybersecurity and hacking. It recommends starting with CompTIA A+ to establish troubleshooting and system basics, then moving to CompTIA Security+ for foundational security knowledge and resume strength (including DoD 8570 relevance). Networking is treated as a core cybersecurity skill, with a choice between CompTIA Network+ (vendor-neutral) and Cisco CCNA (Cisco-focused and described as more configuration-practical). Linux and basic coding (Python or Go) are added to support later security work. Hands-on hacking begins with CTFs, then progresses to junior penetration testing certifications (CompTIA PenTest+ or eJPT from INE) before attempting OSCP.

Why does the roadmap insist on starting with CompTIA A+ instead of jumping straight into hacking topics?

A+ is framed as a “from zero” foundation that fills gaps in core IT knowledge—especially troubleshooting methodology and system concepts like virtual machines. It’s also positioned as a resume signal for the first job, which is often help desk rather than a direct cybersecurity role. The transcript argues that even if someone later pivots into networking, cloud, or ethical hacking, A+ provides the baseline employers expect for entry-level troubleshooting work.

What makes CompTIA Security+ a key early security credential in this plan?

Security+ is presented as foundational security knowledge required by many job postings, particularly government roles tied to DoD 8570 compliance. The transcript emphasizes that it functions as both learning and a “required checkbox” for hiring, making it a practical first security certification rather than a niche add-on.

How does the roadmap choose between CompTIA Network+ and Cisco CCNA?

Network+ is described as vendor-neutral, while CCNA is described as Cisco-focused and therefore more configuration-practical. The transcript calls CCNA the “gold standard” for networking certifications, arguing that Cisco knowledge transfers to other vendors because industry setups often mirror Cisco approaches. Cost is also compared: CCNA is stated as $300 versus Network+ at $359.

What role do CTFs play before any penetration-testing certification?

CTFs (capture the flag) are recommended early as hands-on practice on real vulnerable targets. The transcript says they serve two purposes: they reveal what hacking actually feels like (including whether someone enjoys it), and they make skill gaps obvious by showing which foundational topics (networking, Linux, programming, security basics) are needed to progress.

What’s the difference in the roadmap between PenTest+ and eJPT, and why does it matter?

Both are described as aiming at junior penetration testing capability. PenTest+ is positioned as having easier training availability (with IT Pro TV mentioned) but is described as more expensive ($392). eJPT is described as cheaper ($249) but with official training tied to INE only; the transcript notes INE acquired e-learning security, the original creator of eJPT, and that the official curriculum is delivered through INE.

Why does the roadmap delay OSCP until after PenTest+ or eJPT?

OSCP is portrayed as hard and as the point where many people feel like a “real hacker.” The transcript advises not attempting it until after trying PenTest+ or eJPT because those certifications provide a similar style of preparation and experience. It also suggests stopping after OSCP rather than chasing more certifications, since experience on the job becomes the main growth driver.

Review Questions

  1. If someone already knows basic IT troubleshooting, which parts of the roadmap might still be necessary for employability, and why?
  2. How would you justify choosing CCNA over Network+ (or vice versa) using the transcript’s criteria?
  3. What evidence from CTF performance would tell you to return to fundamentals before attempting OSCP?

Key Points

  1. 1

    Start with CompTIA A+ to build troubleshooting and system fundamentals before attempting cybersecurity or hacking topics.

  2. 2

    Use CompTIA Security+ early because it provides foundational security knowledge and is frequently required for roles, including government positions tied to DoD 8570 compliance.

  3. 3

    Treat networking as a core cybersecurity skill and choose either CompTIA Network+ (vendor-neutral) or Cisco CCNA (Cisco-focused, configuration-practical).

  4. 4

    Learn Linux well enough to operate confidently, not to become a Linux specialist before other skills are in place.

  5. 5

    Add basic coding familiarity (Python or Go) early enough to support later security work, even if coding comes after core IT foundations.

  6. 6

    Practice hacking through CTFs (e.g., PicoCTF, TryHackMe, Hack The Box) to test interest and identify knowledge gaps.

  7. 7

    Progress from CTFs to junior penetration testing certifications (CompTIA PenTest+ or eJPT from INE) before attempting OSCP, then prioritize real-world experience over more certifications.

Highlights

The roadmap’s core employment strategy is to build fundamentals first so the first job—often help desk—becomes attainable quickly.
CTFs are framed as both a motivation check (“do I actually like this?”) and a diagnostic tool that exposes missing prerequisites.
CCNA is presented as more configuration-practical than Network+, with the transcript claiming it carries extra resume weight.
OSCP is positioned as a late-stage goal that should come only after PenTest+ or eJPT preparation.
Certifications are treated as accelerators, but on-the-job experience is described as the real “gold standard” for skill growth.

Topics

  • IT Roadmap
  • CompTIA A+
  • Security+
  • Networking Certifications
  • CTFs and Penetration Testing
  • OSCP

Mentioned

  • IT Pro TV
  • Code Academy
  • TryHackMe
  • Hack The Box
  • PicoCTF
  • Boza
  • INE
  • Jeremy
  • IT
  • CTF
  • A+
  • CompTIA
  • TIA
  • OSCP
  • DoD
  • DoD 8570
  • D O D 85 70
  • CCNA
  • IP
  • OS
  • PaaS
  • VM
  • TCP
  • eJPT
  • INE
  • IN E
  • DoD 8570 compliance

Get summaries like this for any content

Videos, articles, research papers — all summarized by AI and searchable in one place.

Start building your library