GCIH or GMON
I am trying to plan for next years training. I am wondering which course I should pursue first? GCIH or GMON?
My current role is focused on the defensive side.
Thank You!
My current role is focused on the defensive side.
Thank You!
Comments
-
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
GMON will focus on detecting an attack where as GCIH (I believe) deals with the clean up. So if you are more on the detecting/hunting side go with GMON, if you are more on the incident response side go with GCIH.WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
636-555-3226
Member Posts: 975 ■■■■■□□□□□
Both courses are great. If you're a blue teamer (defense) then I'd start with GMON. As your friends at SANS will tell you - offense informs defense, so GCIH (which includes hacking techniques) would also help you identify how bad guys work and give you something to think of as you're building your technical controls -
NetworkNewb
Member Posts: 3,298 ■■■■■■■■■□
Yea, after taking the GCIH I would assume the GMON would have to go over the defense aspects more. Was a lot of going over hacking techniques in the GCIH course. -
g33k3r
Member Posts: 249 ■■□□□□□□□□
Thanks everyone! This is very helpful. Has anyone take the GMON course with Seth Misenar? -
beads
Member Posts: 1,533 ■■■■■■■■■□
How does one recognize the hack without ever performing the offensive hack? Clearly, GMON is easier to absorb but how do you handle the incident past that point? There is reason we keep stressing hacking skills in security.
Perplexing.
- b/eads -
cyberguypr
Mod Posts: 6,928 Mod
<sarcasm> Not an issue. That very popular MSSP made a business model out of this. </sarcasm>
