GCIH resource

BillHoo

I was going over my notes as I've been studying for SANS 504 and found this little nugget for those who are looking for resources other than the 504 course for GCIH cert.

I found a note that mentioned a booked title "Incident Handling Step by Step" which is an outline of the course, but more material is covered.

My guess is that would be "Computer Security Incident Handling Step by Step" by Steven Northcutt who founded GIAC and Presides over SANS.


http://www.amazon.com/Computer-Security-Incident-Handling-Step/dp/0967299217

cyberguypr

One available for sale for $347.31. I'm thinking it's a NO!!! The free NIST 800-61 should be sufficient.

TechGromit

cyberguypr wrote: »

One available for sale for $347.31. I'm thinking it's a NO!!! The free NIST 800-61 should be sufficient.

I show 10 used from 7.91 on Amazon, but a new one will run you $491.01. The book is from 2003, sounds a little dated, not sure how useful it will be for the exam.

cyberguypr

OP posted ISBN 978-0967299211 from 1998. Yours is 978-0972427371 which is "newer" as of 2003. But yeah, I see very little value. NIST and the Incident Response & Computer Forensics book should cover the test objectives for IR pretty well.

valbizuresjr81

I would stick to using the SANS course material. All the information you need can be found within. Just make a really solid index.

BillHoo

By all means, if you paid for the course material that is the preferable path. But if someone doesn't have the course material and wants to wing it, they could try the book.

tpasmall

Counter Hack Reloaded is dated as well, but still useful for the exam