GCWN Self Study

berto_tester

New to TE, but have been stalking for a while and really enjoy what is offered. I have looked at the majority of the forum for the information I need but no joy.

My employer will reimburse me for the GIAC exams, and I really want to take the GCWN.

Current Experience/Certs
Associates of Microsoft Networking -- Server 2003/Exchange stuff
Bachelors of Information Security 2010 Grad
Currently Pursuing a Masters in infosec Expected Grad date Aug 2015
Sec +
Linux +
CEHv8 2015
CISSP 2015
Server 2008 AD Certified 2014
Vista Certified 2010

So that is my background, I also work in the field, but opportunities for hands on are hit and miss.


I really want to challenge the GIAC GCWN, but have no idea what books to get, other than the ones provided by the SANS course.

I am in a position where I can dedicate quite a bit of time to self study, Just need to know what to study.

Thanks in advance

berto_tester

This needs a bump. I find it hard to believe there isn't anyone on here that hasn't challenged the GIAC GCWN

veritas_libertas

Berto_Tester: I think there is a reason you don't hear much about the GCWN certification being challenged. It's simply not as popular as other GIAC exams, such as the GSEC and the GCIH. As a comparison, there are 36,720 GSECs. The GCWN only has 3,015 certified individuals.

berto_tester

@veritas_libertas, that is legit. I am just looking to enhance my skills/knowledge in the Microsoft Security realm. And while doing so grab another cert.

berto_tester

That makes sense, but I really want to add to my Windows Security toolkit, and MCSA is way to much informaiton about the servers and the tests are bloated, I dont have the experience to pass those. Any other ideas for MS security?

veritas_libertas

I disagree. You need time with MS in order to know how to secure it. I would grab the MCSA books, spend time labbing and then pass the exam.

5ekurity

Agree with veritas - you need to understand what you are securing to understand why it needs to be secured, what the risks are for not securing it, and how to do so while balancing the fine line of operational functionality (delivering service to the business) and security (ensuring that service is not abused / compromised / etc).

That last point is more of a "know the business" item, but you won't get far in security without being able to do that dance. It's easier to say "no" to everything than "let's find a way to do both".

veritas_libertas

5ekurity wrote: »

...but you won't get far in security without being able to do that dance. It's easier to say "no" to everything than "let's find a way to do both".

Yes, and the first time a competent department head decides to question what you say and your only response is "because security!" you will quickly learn that business usability almost always trumps security.

docrice

Do you want to gain the certification "badge" or gain the knowledge to be effective? If you really want to get good at Windows security, build your own domain/forest, understand the security concepts like tokens, permissions, privileges, rights, etc.. In a business environment, Active Directory is an overarching umbrella for which you must understand, including LDAP principles, trusts, Group Policy, etc..

If you're comfortable with these, then check out Windows Internals. Also start brushing up with PowerShell, etc..

The SANS 505 syllabus is pretty much here:
https://www.sans.org/course/securing-windows-with-powershell

cyberguypr

Adding to what's being said, if you are afraid of an MCSA you shouldn't be looking at GCWN. Having been through this class I can tell you the cert will be of no value if you don't delve into the minutiae of the Windows platform. The issue is that out there in the real world implementing even a small security related change without understanding the underlying foundation can have an enormous ripple effect. Scary stuff.