SANS 660 Preperation

thealphathealpha ■■■□□□□□□□Posts: 29Member ■■■□□□□□□□
in GIAC
My employer has finally agreed to let me take a SANS course, and I have chosen the 660. Does anyone have any recommendations beyond reviewing the course objectives for preparing for this course? I have taken the eCCPT and eWPT, however I don't think either of those are quite enough. OSCP is out of the question in terms of completing before the SANS course.
· Share on FacebookShare on Twitter

Comments

  • LonerVampLonerVamp OSCP, GCFA, GWAPT, CISSP, OSWP, CCNA Cyber Ops, Sec+, Linux+, AWS CCP, CCSK Posts: 375Member ■■■■■□□□□□
    I believe SEC560 and OSCP are the more compared courses. Have you done pen testing before? Have you written any exploits? Keep in mind this is an exploit writing course, not just using exploits to get root. I suppose if you've passed the eCCPT, you might be ready. Just make sure to look at the prerequisite suggestions and syllabus.
    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, CCNA Cyber Ops, Sec+, Linux+, AWS CCP, CCSK
    2019 goals: GWAPT, Linux+, (possible: SLAE, CCSK, AWS SA-A)
    · Share on FacebookShare on Twitter
  • ITHokieITHokie GXPN | GPEN | GCIH | GPYC | CISSP | CEH | MCSE | CCNA | Others Posts: 158Member ■■■■□□□□□□
    Even if you're comfortable with pen testing, half the course is security research centric. Memory, assembly, smashing the stack, bypassing ASLR etc. If you don't have recent experience with those, that's where my focus would be. It's a tough climb. One option is to look at exploit writing or assembly content at SecurityTube.
    · Share on FacebookShare on Twitter
  • spiderjerichospiderjericho CCNP, CCDP, CCNA R&S, CCNA Security, CCDA, CISSP, CISM, CISA, CRISC, Network+, Security+, CySa+, Pen San DiegoPosts: 839Member ■■■■□□□□□□
    Would you guys say eCPPT>GPEN>OSCP>GXPN>OSCE as a decent track?
    · Share on FacebookShare on Twitter
  • ITHokieITHokie GXPN | GPEN | GCIH | GPYC | CISSP | CEH | MCSE | CCNA | Others Posts: 158Member ■■■■□□□□□□
    I'm not really familiar with eCPPT content, but yeah. That looks good.
    · Share on FacebookShare on Twitter
  • supasecuritybrosupasecuritybro ■■■■□□□□□□ Posts: 206Member ■■■■□□□□□□
    The GPEN would be better prior to the eCPPT, its not as in depth as the eCPPT.
    Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
    Current Goal: CCSE
    Continuous Education Plan:​ eCTHP (paused), CISM, OSCP, AWS
    Book/CBT/Study Material:​ Max Power
    · Share on FacebookShare on Twitter
Sign In or Register to comment.