Paying 5700$ to SANS course (GCIH)

UnixGuy

So how do you guys feel about paying 5700 dollars for a five days course with SANS? (I signed up for the volunteer work/study program but I've yet to hear back).

I'm seriously considering paying the fees for this course: Incident Handling Course | Training Hacker Techniques | SANS SEC504
as they are coming to my city.

Do you think it's worth it?

My background in incident handling and penetration testing = zero. I want to eventually work in forensics and incident handling. Any thoughts?

SaSkiller

Do you intend to attend the course or just take the training? One of the big issues I have with SANS (And why I have never attended the live course) is that travel costs have to be considered as well. All told you may be looking at 6-7k total.

UnixGuy

I really want to attend the training and pass the exam as well. No travel cost as this will be in my city, but yeah I'll have to take 5 days off work, that's a cost too.

SaSkiller

That's a rough call man. Honestly I'm not sure if it is worth it, when I take it through VLive or other delivery method I can wear PJ's all day. I suppose you could at the conference as well though...

LionelTeo

5700 is not going to net you any positive ROI in the short term, except to help to switch to IT Security Field. You got to know where you stand in terms of IT Security Knowledge, I would recommend to attempt CEH via self study first and the self study for GCIH to maximize your ROI.

You can picked up Counter Hack Reloaded by the same author which had covered a good portion of the course material except the incident handling part, where you can cover with another book. You can also picked up latest edition of hacking exposed to learn about the new attacks which Counter Hack Reloaded had missed since its published date. Once you beef up your foundation with CEH, you can probably self study for GCIH, it is possible to challenge it.

UnixGuy

I think I agree with you guys. I could do a lot more stuff on my own like (CEH, CHFI, CISSP,..even OSCP) without the need to pay for this expensive training.

I have recently move to the IT security field, but I don't do incident handling really, barely analysing logs and ops type work. I guess I should do more self-study and certifications before paying 5K to SANS course.

LionelTeo

Just to add on there is overlapping concepts cover by CEH and GCIH. Once you get CEH, just study counter hack reloaded and incident response and forensic and go for GCIH. I had challenge all my GIAC certs except GCED, so it is possible to do it. Just be resourceful and work hard and you will get it.

UnixGuy

Sounds like a plan, cheers mate!

joelsfood

I think passing on this one right now would be the best choice for you. As much as I value education in it's own right, I do'nt think this would be the best investment for you right now.

That being said, I'm in a $5500 ccie course this week. So I'm definitely not against training in general.

E Double U

I'm only taking SEC504 because my employer is paying for it. I prefer to self-study and use thousands to take my family of four on annual vacation

joelsfood

Exactly, EDoubleU. Work is paying for this course. I am happy to have it though. And I'll be happy to take my wife and kid to the beach in San Jose after I take my lab exam, with work paying for the hotel and my plane ticket.

GForce75

Ya, getting the other stuff would be a good move as they mentioned. Then, that will probably help increase your knowledge for the SANS course. Best of luck and way to stay proactive. If you need help holding that money, i'll send you my paypal address

chanakyajupudi

You may want to consider the Work Study program. It costs you 900$ if you get selected. I have done them 4 times till now. I passed three certs. Failed one.

UnixGuy

I applied for work-study program, waiting for their response now

philz1982

I personally would take 5700 and apply it to books, software and lab equipment.

cyberguypr

I love SANS but only do courses through Work Study. Can't imagine paying $5k+ out of pocket for one class.