Potentially Dumb Question about GSEC

So, my job is paying for me to get the SANS CyberSecurity Engineering core certification. I already have the CISSP (2010) and old Security+ (2009). When I signed up for the first class, which requires passing the GSEC, it did not include the OnDemand course (that I can tell).

I'm trying to find good resources for self-study. Is there any way to get hands on the SANS GSEC books (I don't see them on sale anywhere online)? Are there any good substitutes - all I see on Amazon are lowly rated and dated prep materials? I'm fairly knowledgeable, however I am a little hesitant to waste one of my 2 practice exams without any prep materials just to see where I am.

Thoughts?

Find more posts tagged with

Comments

iBrokeIT

Did you actually apply to the graduate school through SANS.edu? If I remember correctly, you pay $5k for the SANS class and associated cert. Sounds like you are not doing that and probably should contact someone at the school before you proceed.

keirreadams

I did apply through the Graduate School, and they routed me to this Self-Study course vice the OnDemand one. I didn't realize until after my job paid for the course that the Self-Study course does not include the study materials (how do you "self-study" without the materials?)

keirreadams

The course is significantly cheaper than the $5K; I guess that should have been a tip-off, that something would be missing.

iBrokeIT

Sounds to me like there was a miscommunication and you should probably contact them again to correct the mistake.

The GIAC exams are written 100% from the SANS books that you receive when you attend a SANS class in person or through OnDemand. That is how the majority of people prepare for their GIAC exams. You certainly can review the exam objectives and try to source material on the internet but that is extremely difficult.

https://www.sans.edu/academics/certificates/cybersecurity-engineering-core

Tuition for each course in a certificate program is $5,000, and all courses may be taken either live at a SANS event or online from home or work. Credit is earned only when a student enrolls first in a given certificate program and then registers for the appropriate graduate courses.

keirreadams

Agreed. I sent the enrollment manager an email yesterday... guess I'll wait and see what I hear from them. I'm sure I can pass the test, but without the books the Syllabus isn't really that helpful regarding where to start studying.

docrice

The SelfStudy option provides you the books and MP3s. The OnDemand option simply expands that to provide sort of a segmented video tutorial to go along with it. If you didn't get books with SelfStudy, then it sounds like someone dropped the ball.

Interestingly, when I look on their website it looks like SANS SEC401 includes the OnDemand bundle by default: https://www.sans.org/selfstudy/

If the course is way less than $5k, something doesn't sound right.

keirreadams

So, what I'm signed up for is "Course completion tuition: GIAC Exam & Paper/NetWars, when class is waived" - cost was $1879. I don't see anywhere in my email exchange with SANS prior to registering where OnDemand or Course Materials are included. I'll share what I get when I speak to them (Tuesday, I assume).

Although, if there is anyone else who had something similar - I'd be greatly interested in learning about what prep materials were utilized.

docrice

It sounds like you're signed up for some kind of package which allows you to challenge the GSEC exam, do a Gold paper, and perhaps NetWars? Interesting combination. But from what I can tell that's not SelfStudy as it implies there's no actual course or courseware.

keirreadams

I think you are correct. I'm just concerned that it wasn't explained to me that way when I talked to them. I initially had funding from my job for the full $5000 course, and they led me to the cheaper option. I wanted the test materials, and the OnDemand. Water under the bridge at this point, but I cant imagine just sitting for the exam without any prep materials. I'm not quite that arrogant.

Danielm7

Yeah the test materials and ondemand should be the full cost.

keirreadams

Agree. What I'm really looking for here I guess is - for people who "Challenge the exam" - never heard that term before today, what kind of prep materials are useful. I can't seem to find anything. SANS gave me a syllabus, but it is very broad. There are a couple of readings, but I'd still like more to go on. The only book that I saw on Amazon that seems moderately credible is "GSEC GIAC Security Essentials Certification All-in-One Exam Guide" - but based on the reviews the material is dated.

I'm looking for Linux and Windows security materials that would be useful in prepping for the exam. Less concerned with the other topics.

docrice

The general consensus seems to be that if you want to challenge the exam (that is, take the exam without taking the related SANS training course), using Network Security Bible by Eric Cole (who authored SEC401) as a reference is probably the way to go.

https://www.amazon.com/Network-Security-Bible-Eric-Cole/dp/0470502495

Note, however, that SANS course materials update frequently and the above reference is likely very dated to the material tested on the exam.

keirreadams

docrice wrote: »

The general consensus seems to be that if you want to challenge the exam (that is, take the exam without taking the related SANS training course), using Network Security Bible by Eric Cole (who authored SEC401) as a reference is probably the way to go.

https://www.amazon.com/Network-Security-Bible-Eric-Cole/dp/0470502495

Note, however, that SANS course materials update frequently and the above reference is likely very dated to the material tested on the exam.

Thanks much - any value in using update CISSP materials to prep? I know I need to refresh on encryption...

docrice

I've never taken the CISSP exam, but my understanding is that while there's some high-level overlap with the GSEC, the latter is much more technically-focused. However, I don't think there's a lot of deep encryption coverage on the GSEC as it's more cursory compared to other subject domains that 401 covers.

keirreadams

CISSP definitely wasn't terribly technical. Part of the reason I wanted to go after the SANS certs is because they are more technical in nature. Oh well... I'll pull some materials in the next couple of weeks and get to work. At least there are the two practice tests...