Missing contents in SANS sec 401 of 2018 to 2019.
XxManishxX
Member Posts: 1 ■□□□□□□□□□
in GIAC
Hi. my brother had taken GSEC exam in 2018 so this books are in reference at that time as time passed and few concepts changed and i wanna take up GSEC next year was wishing if someone could help me out with latest cocepts and we could share the added parts from both sides.
As it's too much around 8k$ just for few concepts as im here directly taking GSE for 2k$.
Here are the missing as well as 2019 contents which was taken off
Here are the missing as well as 2019 contents which was taken off
401.1 : Securing Wieless Networks:
1. The Pervasiveness of "Wireless" Communications
2. Traditional Wireless: IEEE 802.11 and Its Continual Evolution
3. Personal Area Networks
4. 5G Cellular (Mobile) Communication
5. The Internet of Things
Note: Having an extra module : securing web communications.
401.2 :Defense-in-Depth and Attacks
1. Center for Internet Security Controls(but theres critical controls)
-Center for Internet Security (CIS) Controls.
2. Extra module of 401.1 (securing web communications) been added
3. Malicious Code and Exploit Mitigation
-High-Profile Breaches
-Ransomware
-Defensive Strategies
-Common Types of Attacks
-Instead Mitnick-Shimomura, Defensive strategies, common types of attacks.(added)
4. 4. Securing Web Communications(quite different).
Note: Having an extra Advaned Persistent Threat(APT)
401.3 : Threat Management
1. Active Defense
-Honeypots(added).
401.4: Cryptography, Incident Response, and Risk Management
1. Cryptography
-Steganography Overview(missing) edit:found but not listed in main page.
2. Incident-Handling and Contingency Planning
-Contingency Planning(instead Legal aspects of IH)
3. Contingency Planning(a seperate module)
401.5: Windows Security
1. Windows as a Service(instead Service packs,hotfixes & backups).
2.Network Services and Cloud Computing(instead Securing Windows - just n/w ser.)
-Network Services and Cloud Computing opics not covered as in
-Server Core and Server Nano
-Microsoft Azure and Office 365
3.Automation, Auditing, and Forensics
-Vulnub Scan & reporting(extra concept)
401.6: Linux Security
1. Linux Security: Structure, Permissions, and Access Controls
-Mobile Device Security(Android & IOS not present; instead apple MAC OS Sec)
-Linux Operating System(some concepts not present)
2. Hardening and Securing Linux Services
3.Monitoring and Attack Detection
-Grep,sed,awk & cut(added)
4.Security Utilities
Note: Alot of changes only in Linux
Comments
-
LonerVamp Member Posts: 518 ■■■■■■■■□□It's specifically against the terms of usage to share that material, you know?You could always look on ebay for a new set of materials.
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs? -
TechGromit Member Posts: 2,156 ■■■■■■■■■□XxManishxX said:.As it's too much around 8k$ just for few concepts as im here directly taking GSE for 2k$.
If I'm reading this right, you already have GSEC, GCIH and GCIA certifications, which are required before attempting the GSE. I would think you could renew your GSEC early for $400 to get the latest and greatest course material for SANS 401.Still searching for the corner in a round room. -
quogue66 Member Posts: 193 ■■■■□□□□□□TechGromit said:XxManishxX said:.As it's too much around 8k$ just for few concepts as im here directly taking GSE for 2k$.
If I'm reading this right, you already have GSEC, GCIH and GCIA certifications, which are required before attempting the GSE. I would think you could renew your GSEC early for $400 to get the latest and greatest course material for SANS 401.
-
TechGromit Member Posts: 2,156 ■■■■■■■■■□quogue66 said:I think he forgot the C in GSEC. I think he's saying that he prefers to pay 2k to challenge the GSEC rather than spend 8k to take SEC401 and the GSEC exam.Still searching for the corner in a round room.
-
bigdogz Member Posts: 881 ■■■■■■■■□□You can find the domains covered on SANS website. If you want to do this next year, you may want to start looking things up then as the content changes.
- Active defense, defense in depth, access control & password management
- Cryptography: basic concepts, algorithms and deployment, and application
- Defensible network architecture, networking & protocols, and network security
- Incident handling & response, vulnerability scanning and penetration testing
- Linux security: structure, permissions, & access; hardening & securing; monitoring & attack detection; & security utilities
- Security policy, contingency plans, critical controls and IT risk management
- Web communication security, virtualization and cloud security, and endpoint security
- Windows: access controls, automation, auditing, forensics, security infrastructure, & securing network services