GIAC Certs

E Double UE Double U Posts: 1,474Member ■■■■■■■□□□
My boss says CCIE Security is overkill for our team and CEH isn't necessary so he wouldn't pay for these, but he would send me to SANS training. I checked out the site and see quite a few certs that look interesting, but I don't know where to begin. Do I have to begin at a specific cert like taking CCNA before other Cisco certs? Or can I just pick any one?

GISP, GSEC, GCIH, GCIA, and GPEN all look interesting. The GISP looks like the same material as CISSP so should I just skip that one since I'm taking CISSP soon? Can GSEC be skipped since I have CCNP Security? This is my third year in Security with experience with firewalls, VPN, proxies, MDM, physical security, email filters, etc.
"You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson


  • 5ekurity5ekurity Posts: 346Member ■■□□□□□□□□
    I just did the GSEC material and I'm hoping to test here sometime soon. I found some stuff to be very familiar, while other stuff was a refresher, and a little was completely new. There was a lot of 'I'm familiar with that, and I get it, but Dr. Cole put a real interesting spin on that' to really make you think outside the box.

    I'd recommend doing the free trial excerpt of the training material and seeing what you like. Of course, your role and responsibilities will also play into what choice would be best for you. If you are heavily network focused, you might want to look into the GCIA.
  • E Double UE Double U Posts: 1,474Member ■■■■■■■□□□
    Thanks for the info! I am heavily network focused and would like to remain hands on.
    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • cyberguyprcyberguypr Senior Member Posts: 6,636Mod Mod
    The world of SANS is great. Although some courses build on each other (FOR408 > FOR50icon_cool.gif, for many you can start anywhere you feel comfortable. Make sure you peek at the catalog as it has information better organized than the website.

    When I got into SANS I looked at the GSEC topics and found them too basic. Since I am a Windows guy I started with SEC505: Securing Windows. From there I moved to SEC504: Hacker Techniques, Exploits & Incident Handling. My next one is SEC501: Advanced Security Essentials - Enterprise Defender. I'm an addict now.

    I always try to create awareness of the Work/Study Program. If funds are tight and the boss complains about the hefty $5k price tag you can facilitate one of the events and get the class, audio MP3s, onDemand, and one attempt at the cert for $900.
  • E Double UE Double U Posts: 1,474Member ■■■■■■■□□□
    Thanks cyberguy! So much to choose from. I actually don't like having so many interesting options because that makes it harder to choose.
    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • idr0pidr0p Posts: 104Member
    So as you have probably seen on the site SANs has various tracks in which you can take (Forensics, Pentesting, , SecOps, Management..etc)

    I would go with the 504 (GCIH) this will dabble deep enough into most of those areas that you will get an idea of the path you would like to take. It is also a good intermediate certification for people who have a couple years in InfoSec.
  • E Double UE Double U Posts: 1,474Member ■■■■■■■□□□
    Security Administration seems like the way for me to go. I might just go for the GCIH since that seems to be a higher level than GSEC. I was interested in GSEC since it has Linux which I don't have any experience with.
    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • E Double UE Double U Posts: 1,474Member ■■■■■■■□□□
    Has anyone taken the On-Demand or VLive courses? I'm curious as to how they compare to actually being in the classroom.
    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • 5ekurity5ekurity Posts: 346Member ■■□□□□□□□□
    I took mine OnDemand - being the GSEC was my first, I have no classroom experience so I can only speak to my OnDemand experience.

    Overall, I thought it was great and it allowed me to go at my own pace (balancing work/life/school/training) and I was provided with everything needed to be successful. The thing I liked most about OnDemand is the ability to move back and forth between videos, i.e. if there was a concept I needed to hear be explained again, or write down a note or whatnot - I could do that, and pick up where I left off. They also have contact information for if you run into any difficulties while studying - i.e. you aren't clear on a topic or a command, how a tool works, etc. Last, from a cost perspective, it allowed me to maximize my training budget by not having to fly out / stay in a hotel.

    If I feel comfortable with the material being presented based on the 'syllabus', I'd definitely do OnDemand again (aiming for the GCIH in 2015, likely OnDemand). If it was something where I felt that I would need more help / guidance with an instructor in the room, then I would go on-site to the classroom training.
  • docricedocrice Posts: 1,706Member
    I've done both. A downside of OnDemand is if there's a capture-the-flag challenge on the final day of class, you won't experience working in a team. Being at a SANS event also gives you networking opportunities with peers in the field as well as evening presentations and panel discussions. NetWars is also available for free at the larger conferences. It's a very immersive event if you take advantage of all that's there.

    But OnDemand allows you four months of access to the material to go through as your schedule (and discipline) permits with a VirtualMentor who typically responds within hours of a query (in my limited experienced of using them). You also don't have the travel costs to the event, obviously. There are also discount offerings posted that people forget to mention:

    I've never done vLive, so I can't speak to that. The best bang-for-the-buck if you want to attend an actual conference is the WorkStudy program.
    Hopefully-useful stuff I've written:
  • JoJoCal19JoJoCal19 California Kid Posts: 2,735Mod Mod
    How is the OnDemand compared to the Self Study? I know you said OnDemand allows four months of access. How about Self Study? I put in for Work Study for SANS East 2015 in Orlando in April.
    Currently Working On: eJPT, Learning: Linux/CLI, Git, Python, Pentesting
    Next Up:​ eJPT, eCPPTv2, OSCP
    Studying:​ Code Academy (CLI, Git, Python), eLearnSecurity PTSv3
  • MattSCMattSC Posts: 25Member ■□□□□□□□□□
    The Self Study description lists four months of access to the audio recordings. However, if it's anything like the MP3 access you receive with the other course options (live and On Demand), you should be able to save the MP3 files locally for later review.
  • E Double UE Double U Posts: 1,474Member ■■■■■■■□□□
    I'll be taking the SEC504 in Amsterdam this May. I'm pretty excited.
    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • fuz1onfuz1on Posts: 961Member
    E Double U wrote: »
    I'll be taking the SEC504 in Amsterdam this May. I'm pretty excited.

    Cool!!! Good luck! | ProHacker.Co(nsultant) | ITaaS.Co(nstultant) | | @fuz1on
    Transmosis | | LinkedIn |
    If evil be spoken of you and it be true, correct yourself, if it be a lie, laugh at it. - Epictetus
    The only real failure in life is not to be true to the best one knows. - Buddha
    If you are not willing to learn, no one can help you. If you are determined to learn, no one can stop you. - Unknown
Sign In or Register to comment.