Question regarding SEC401: Security Essentials OnDemand course and GIAC GSEC test

rono Member Posts: 121 ■■■□□□□□□□

I decided after months of thinking and evaluating that my 40th birthday gift will be a SANS course, because I really need a boost in my career. I have a Bachelor of Science in Network and System Administration, 10 years of work experience in IT, and some certifications that are getting more than 10 years old now and full of dust :D. My current position is network and security administrator in a small office (50 users) and I really want to get some of SANS' "black belts" in the security field. (I also train Kyokushinkai, which is kind of the "SANS security courses" of karate.)

I will choose to start with the SEC401: Security Essentials OnDemand version of the course because it suits me and my family best. I have taken a look at the course syllabus, and under SEC401.4: Secure Communications I see that cryptography and steganography are well covered and the GIAC GSEC exam will test these concepts in depth. Especially under "Crypto Concepts" GIAC states that "The candidate will demonstrate a high-level understanding of the mathematical concepts which contribute to modern cryptography."

My question, for those who have passed the exam, is how deeply the exam will test the crypto concepts. I'm asking because I know that I do not have a high-level understanding of mathematical concepts such as discrete mathematics, probability, complex algorithms and so on.

(I have decided to skip CompTIA Sec+ because I used Darril Gibson's practice test book and I feel that I'm doing well, and the SANS Security Essentials Assessment shows me 3 stars in each of the 3 sections with a 69% score. I will self-finance this whole SANS course journey and I want to assure myself that this is right for me and that I'm ready for it.)

After GIAC GSEC 401 I intend to take 504 and 560 and hopefully enter the world of cool pentesters.
Mess with the best, Die like the rest!


  • cyberguypr Mod Posts: 6,927
    Pay special attention to the two magic words: high-level. I haven't taken this class/cert but I am sure no advanced math of any kind is required. SANS classes are for security practitioners, not crypto experts. The material covered in the class will be tested at the exact same level it's presented, which again, I am sure doesn't cover any advanced math. Someone who has taken the class/cert will chime in shortly.
  • 636-555-3226 Member Posts: 975 ■■■■■□□□□□
    GSEC is pretty entry-level. If you've got 10 years of general IT experience, I would not pay out of pocket for SEC401/GSEC. The crypto is very easy and just checks to make sure you understand how cryptography works and can apply it in a VERY basic manner.
  • rono Member Posts: 121 ■■■□□□□□□□
    Shall I start with Sec 560 then?
    Mess with the best, Die like the rest!
  • TechGromit Member Posts: 2,156 ■■■■■■■■■□
    That may be a little too advanced without some base knowledge first. You'd probably be better off with SANS 501 or SANS 504 than jumping right into penetration testing. I can't say I've taken SANS 560, but from what I read, OSCP covers many of the same concepts for a significantly lower price tag.
    rono wrote:
    My question, for those who have passed the exam, is how deeply the exam will test the crypto concepts. I'm asking because I know that I do not have a high-level understanding of mathematical concepts such as discrete mathematics, probability, complex algorithms and so on.

    Yes, those differential equation questions were tough. On a serious note, there really weren't that many questions on crypto concepts and no math was involved.
    Still searching for the corner in a round room.
  • rono Member Posts: 121 ■■■□□□□□□□
    Thank you for all the replies!

    It seems that I have been scared a little bit regarding crypto. Dr. Eric Cole also goes into some detail in his Network Security Bible 2nd ed., and I thought that this section would be difficult in the test without a proper understanding of the mathematical concepts. It seems like the GSEC is starting to disappear from my plan, since I feel like I know all the concepts from the course syllabus and I have work experience with most of them.

    Now I want to ask you what the right path is for beginner pen tester training and, most importantly, which vendor training I should choose. There are many out there, cheap/expensive, accredited/not accredited and so on. My "investment" plan is to get the right training and work experience for the next few years and then start moving to an independent consultant role (maybe a pen testing firm if I get the right team). I know that I want to be a pen tester! I have a good understanding of network concepts, Linux, and some Java programming experience, and I am willing to adopt the pen tester way of living: finding hidden doors. I also looked at other paths like the CISSP and CISO certifications, but no, they are boring for me even though they can give you more cash. I always do what I like, not what can potentially give me more money.

    After TechGromit's reply I assume that a possible path could be to choose SANS, being a solid vendor in cybersecurity (but expensive for self-financing), and take in this order: SEC501, SEC504, SEC560 and so on... maybe SEC573, SEC567 and so on.

    Or maybe choose Offensive Security certs, or Mile2's, or EC-Council? Which vendor will prepare me best to get on the business market, not the job market? I ask because I have worked for others for almost 20 years and explained things I learned the hard way to people who don't understand what it is about but who have decision power over me, and I want to stop doing that!
    Mess with the best, Die like the rest!
  • TechGromit Member Posts: 2,156 ■■■■■■■■■□
    What I like to do is do a search on the job boards and see what certifications employers are looking for. If you type in Philadelphia, 100 mile radius, you come up with 6 matches for the OSCP certification and 9 matches for the GPEN. GPEN at $6,575 (training plus exam attempt) is five times more expensive than OSCP at $1,300 (3 months lab access). From the point of view of return on investment for the number of jobs available, the OSCP is a better investment. You should have a solid foundation in Linux, and some Python would be helpful, but it's not a requirement. The OSCP is strictly a technical pentesting certification; the SEC501, SEC504, SEC560 line would give you a solid foundation that would allow you to expand into incident handling, but you're looking at about a 20 grand investment before you even land your first pentesting gig.
    Still searching for the corner in a round room.
  • rono Member Posts: 121 ■■■□□□□□□□
    Yeah, I agree that the SANS path is very expensive. I think a smart approach in my situation is to start with OSCP and try to get some experience in the pentesting field. If there is a market for this here in Norway I will go for SANS certs and others with a good reputation.

    My impression of Norway is that not many firms, employers (IT-head positions) or recruiting firms have a clear understanding of, let's say, what the difference is between a vulnerability test and a pentest. I mean, my new IT-chief last autumn, when he had just begun, asked me "What is SANS and GIAC?" when I was applying for financial cover for a SANS course. I hope that not all IT-chiefs in Norway are like this, but the last 3 I had never challenged me technically/professionally! And I'm not blaming them, I blame myself because I let the time pass by without proper action.

    Does anyone have any experience with the SEPP certification and training from . They are pricey too.
    Mess with the best, Die like the rest!
  • kiki162 Member Posts: 635 ■■■■■□□□□□
    Why GSEC? Why not go for CISSP instead? I challenged the GSEC exam, and the Network Security Bible is a good start. When I first started on GSEC after getting through the CISSP exam, I figured there would be a lot of the same topics covered. GSEC is definitely entry level; however, I'd recommend going for Sec+ > SSCP > CISSP > GSEC. I think some of the CISSP exams get into "Crypto" topics a little more.

    CISSP definitely covers a LOT of information, so I can understand why it may seem boring. If you dive into that exam, use Transcender for a good testing engine. Even the GIAC exams are tough, especially when you take a class where you don't completely understand the concepts, or how something works. Looking back, the CISSP gives you a taste of what is to come with GIAC exams.

    One piece of advice on GIAC: look at getting more experience on the Linux admin side. You have 10 yrs experience, but it sounds like you're jumping ahead of yourself just to get to an "ideal" role. As an example, I've seen people take bootcamps to get their MCSE or CCNA or both in hopes of getting a better paying job within a few months. Even if you did pass those exams, you're only going to retain that information for a short time, and with no experience, you'll still start at the bottom and eventually work your way up.

    You have to build your experience over time, and this type of stuff doesn't happen overnight. In order to really get yourself "there", I'd suggest making it a point to do 2-3 exams per year. One, because you'll need the CPE credits, and two, because you'll be able to stay on top of your skill set. You have the option of doing work-study for GIAC, which is a lot cheaper, but you'll need to devote a good week to it. Also, see if your work will pay for some of these classes, maybe not fully, but a little bit.

    I think your goals are good; however, I'd look at "pen tester" jobs and see what they REALLY require as far as experience is concerned. Get yourself a copy of Nessus Home to do some vulnerability scanning. Get a Kali box set up, and play with Metasploit, Armitage, sqlmap, and other pen testing tools. Work on getting Sec+ and other security certs. Even GSEC is a good one, but I think you can challenge it based on your experience. At $1200, you DON'T wanna mess that up.