About to pay for SANS FOR572: Advanced Network Forensics and Analysis

UnixGuyUnixGuy SABSA, GCFA, GPEN, CISM, RHCE, Security+, Server+, eJPT, CCNAPosts: 4,036Mod Mod
Only few courses available in my city, so I thought that would be the best one for me....

I don't wanna travel...and I'm not being picked for work-study icon_rolleyes.gif

https://www.sans.org/event/melbourne-2016
Goal: MBA, August 2020

Comments

  • UnixGuyUnixGuy SABSA, GCFA, GPEN, CISM, RHCE, Security+, Server+, eJPT, CCNA Posts: 4,036Mod Mod
    Feel free to share you thoughts, experiences..etc. It's my SANS training...and I figured I need to start getting them so!
    Goal: MBA, August 2020
  • the_Grinchthe_Grinch Posts: 4,158Member ■■■■■■■■■■
    I'm taking 511 right now and it is truly knowledge via firehose. Definitely worth it!
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • UnixGuyUnixGuy SABSA, GCFA, GPEN, CISM, RHCE, Security+, Server+, eJPT, CCNA Posts: 4,036Mod Mod
    @Grinch: sounds awesome mate! I thought it's time for me to step it up training wise, and if I wait for my employers it just won't happen. Looking forward to build and expand my packet analysis and forensic knowledge! I think I'll prepare with some wiresharsk kangfu in the next couple of months
    Goal: MBA, August 2020
  • UnixGuyUnixGuy SABSA, GCFA, GPEN, CISM, RHCE, Security+, Server+, eJPT, CCNA Posts: 4,036Mod Mod
    So I'm not quite sure I have the best technical background to tackle this course, but I have time to prepare.

    What books do you recommend I do before taking this course? There is couple of months and I can do some reading/practice.
    Goal: MBA, August 2020
  • bsjj27bsjj27 Posts: 24Member ■■□□□□□□□□
  • cgrimaldocgrimaldo Posts: 439Member ■■■■□□□□□□
    UnixGuy, did you ever pull the trigger on the purchase? I just passed the GCIA and this is next on my list. I'm interested to hear your gameplan on tackling this. :)
  • UnixGuyUnixGuy SABSA, GCFA, GPEN, CISM, RHCE, Security+, Server+, eJPT, CCNA Posts: 4,036Mod Mod
    cgrimaldo wrote: »
    UnixGuy, did you ever pull the trigger on the purchase? I just passed the GCIA and this is next on my list. I'm interested to hear your gameplan on tackling this. :)


    No I didnt :)
    Goal: MBA, August 2020
  • jamesleecolemanjamesleecoleman Posts: 1,899Member ■■■■■□□□□□
    I'm soo tempted to pay for my own SANS training and certification. I really would like to work in InfoSec.
    Booya!!
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
  • the_Grinchthe_Grinch Posts: 4,158Member ■■■■■■■■■■
    I just want to put it out there that SANS training isn't required to work in InfoSec. Does it help? Sure, but I got into InfoSec without any SANS training. Part of it is time and place, but the other side is a solid foundation that you can then turn around and articulate how to secure it. With your current certification list and some experience I don't doubt you could land an InfoSec position.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • billDFWbillDFW Posts: 45Member ■■□□□□□□□□
    of all the courses, which ones are the ones to get ? Self-funded and limited budget.
  • TranceSoulBrotherTranceSoulBrother Posts: 215Member
    Based on your previous posts, quite a few for you before stepping into the SANS arena. I would advise the basic COMPTIA triad, then build up to CASP and at least study/pass CISSP (even if you don't have the required 5 years of INFOSEC experience, at least you would have the knowledge and the designation of Associate of ISC2). Later, with more experience under your belt, tackle the SANS course. $6000 / course is nothing to sneeze at if you will not benefit and comfortably pass the test.
    I'm waiting a little more myself before pulling the trigger.
  • Danielm7Danielm7 Posts: 2,264Member ■■■■■■■■□□
    the_Grinch wrote: »
    I just want to put it out there that SANS training isn't required to work in InfoSec. Does it help? Sure, but I got into InfoSec without any SANS training. Part of it is time and place, but the other side is a solid foundation that you can then turn around and articulate how to secure it. With your current certification list and some experience I don't doubt you could land an InfoSec position.


    ++ This is spot on.
  • JoJoCal19JoJoCal19 California Kid Posts: 2,799Mod Mod
    Agree with TranceSoulBrother, get some experience and other certs under your belt before considering self-paying for SANS training. I'm now at a point where I will self pay some of the more advanced SANS courses. I'm looking to take the GPEN via Work Study or by challenging the exam but after that, I will probably just self-pay for GXPN, GWAPT and GREM.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • TechGromitTechGromit A+, N+, GSEC, GCIH, GREM, Ontario, NY Posts: 1,905Member ■■■■■■■■□□
    I'm soo tempted to pay for my own SANS training and certification. I really would like to work in InfoSec.

    If you paying for SANS on your own dime, I would at least try to get a work study. There have been people that never attended training and were picked. Just don't be picky about location and select a lot of courses.
    Still searching for the corner in a round room.
  • jamesleecolemanjamesleecoleman Posts: 1,899Member ■■■■■□□□□□
    the_Grinch wrote: »
    I just want to put it out there that SANS training isn't required to work in InfoSec. Does it help? Sure, but I got into InfoSec without any SANS training. Part of it is time and place, but the other side is a solid foundation that you can then turn around and articulate how to secure it. With your current certification list and some experience I don't doubt you could land an InfoSec position.

    Thank you for the input. I'm looking for a solid foundation for InfoSec for sure but it's just that there are so many roads to get there. It's tough trying to get the experience and I'm totally working on learning new things which can help put me in the spot that I need to be in. I keep trying to ask people at work, who deal with security related things for tasks so I can learn but no one has anything. I'm gonna talk to someone in the security department soon to see if there will be any hands on technical stuff later. Right now it's just risk management and policies for the most part.
    Booya!!
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
  • UnixGuyUnixGuy SABSA, GCFA, GPEN, CISM, RHCE, Security+, Server+, eJPT, CCNA Posts: 4,036Mod Mod
    @James: since you already registered for eLearnSecurity eCPPT ...if you study for that and finish you WILL learn a lot about InfoSec (not just pentesting), your networking background will improve and system knowledge as well. Keep doing what you're doing, knowledge will build up sooner than you think.
    Goal: MBA, August 2020
  • jamesleecolemanjamesleecoleman Posts: 1,899Member ■■■■■□□□□□
    Thanks UnixGuy. I keep telling myself to keep doing what I'm doing. eCPPT is way over my head at times. Gotta spend time on youtube for help.
    Booya!!
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
  • UnixGuyUnixGuy SABSA, GCFA, GPEN, CISM, RHCE, Security+, Server+, eJPT, CCNA Posts: 4,036Mod Mod
    ..eCPPT is way over my head at times....


    and this is the best and fastest way to learn and grow.
    Goal: MBA, August 2020
  • LionelTeoLionelTeo Posts: 526Member ■■■■■■□□□□
    Reconnaissance and study your target. In this case its the SANS GNFA certification. Johnathan Ham is one of the instructor for this course and is an author of the book regarding network forensics. https://www.amazon.com/Network-Forensics-Tracking-Hackers-Cyberspace/dp/0132564718
    Check the content page of the books and the SANS course, there is quite a good amount of similarties
  • idirumidirum Posts: 3Registered Users ■□□□□□□□□□
    I am new to this forum, and I absolutely agree with this post. The best and closest book you can find to GNFA. I am currently taking GNFA as well, I was blessed to work with a company that paid for my course. My day-to-day job is basically wearing couple of hats in the security world, from malware analysis, endpoint analysis to network forensics. My materials hasn't arrived yet, I've been going through the onDemand, since 07/08 (the day I got my access) and already knocked half of 572.1 . What I can tell you so far is that, it's going great, loving it and plethora of knowledge to be gained with all the information. Most of the things I have encountered thus far is something I already know, but you would stumble upon information that you never thought or knew from time to time, especially true for tools you might/might not know.

    My goal is to tackle GCFA, GREM and GCIH.
  • idirumidirum Posts: 3Registered Users ■□□□□□□□□□
    idirum wrote: »
    I am new to this forum, and I absolutely agree with this post. The best and closest book you can find to GNFA.

    I was referring to LionelTeo's post regarding "Network Forensics Tracking Hackers Through Cyberspace". Sorry, wasn't able to edit my posted reply above.
  • secmonstersecmonster Posts: 4Registered Users ■□□□□□□□□□
    Thought this was a great course, real eye opener.
  • christians1christians1 Posts: 6Member ■■□□□□□□□□
    Did you ever complete the for572?
  • UnixGuyUnixGuy SABSA, GCFA, GPEN, CISM, RHCE, Security+, Server+, eJPT, CCNA Posts: 4,036Mod Mod
    I didn't pay nor take course.
    Goal: MBA, August 2020
  • justSomeGuyjustSomeGuy Posts: 4Registered Users ■□□□□□□□□□
    Has anyone actually taken the 572 exam? I'm curious as to how much overlap with 503 there is in the course material.
Sign In or Register to comment.