dlmyers wrote: » Taking the GMOB cert on Saturday. I haven't seen much posted about it. Has anyone taken it? I'd appreciate some perspective. Worried about some of the coding in the course and whether or not the real test is similar to the practice tests (which didn't have any code). Coding is on the list but I'm not there yet.
dlmyers GMOB Cert Taking the GMOB cert on Saturday. I haven't seen much posted about it. Has anyone taken it? I'd appreciate some perspective. Worried about some of the coding in the course and whether or not the real test is similar to the practice tests (which didn't have any code). Coding is on the list but I'm not there yet.
al88 wrote: » I'm honestly more interested in terms of GMOB vs GASF .. Is one recommended to be taken before the other one (assuming GMOB is the broad one just like GCIH to GCFA)? Or is one more offensive compared to a pure DFIR one? Both certs doesn't have enough coverage, unfortunately, even though mobiles are becoming a fixed point of nowadays Enterprise's hardening/investigations more than ever. I seek answers too
Randy_Randerson wrote: » I have both GMOB and GASF (along with 10 other GIAC certs, this include GCIH and GCFA as well). I have told SANS instructors to even take the vice versa course been FOR585 and SEC575 (yes Heather and Josh respectively). Why? Because they feed off of one another in ways that separately you are not nearly as strong as you would be if you had both. SEC575 is going to show you hard and true what makes iOS so much more secure than Android in terms of things like boot sequence + secure enclave + software updates. You'll not only learn what jailbreaking/rooting a device is, but WHY it can be done. This is important because those are things that you just are not going to get into with FOR585 because there is so much other stuff they go over. For instance, in SEC575 you are not going to learn how to actually build out a SQL statement for a SQLi database to parse chat messages. But you will in FOR585! Likewise, you will go over in Android how to create a malicious Android app with cert pinning and everything. In FOR585 you'll just learn how to decompile the apk and submit it for malware analysis through a web portal. So you can really take this full circle! Frankly SEC575 and FOR585 are my two favorite classes that SANS has to offer. As you said, mobile device are not going anywhere. Having the knowledge of how these devices tick is going to make you that much better over your peers IMO. It is an area of InfoSec that still sadly lacks in my opinion, namely because it isn't as sexy as trying to break into a network or as easy as analyzing a Window OS. Let me know if you have other questions!
dlmyers wrote: » Well, that was a roller coaster! Through coverage of the material and some obscure facts as SANS is known to do. This completes the Pen Testing and Ethical Hacking Graduate Certificate for me. I'm relieved and beyond happy. Thanks for the responses, the code part was minimal and you just had to know he material well along with a good index. I'd recommend the course and the grad cert program (through the GI Bill). I'm amazed at all I've learned. Next stop, CISSP.
al88 wrote: » This was a great input and real eye opener. I've always disliked the overlap between SANS courses (looking at you FOR578 ) as i saw it as I'm not learning anything new, but I really see how they compliment each other depending at the course's end goal, as you really can't fit everything (with quality)in a single course. The way I see it from your explanation, is that i should go to SEC575 first to understand why everything the way it is, and based on it I'll be able to build policies and procedures for my enterprise. Then dive deep into FOR585 when and if things go wrong or at least to prepare for that. What do you think?
