SANS Certification
I do not quite understand how SANS Certifications work. Are they simply the same format as CompTIA, as in multiple-choice? I would like to obtain a few extra Security certifications, would SANS be a good pit-stop before Microsoft and Cisco? I currently have A+ and Sec+.
What would be the first certificate to obtain from SANS?
Hope someone can shed some light for me. Thank you.
What would be the first certificate to obtain from SANS?
Hope someone can shed some light for me. Thank you.
Working on MS-ISA at Western Governor's University
Comments
-
sprkymrk Member Posts: 4,884 ■■■□□□□□□□Check out http://www.giac.org/overview/ for exact info. As far as pit stops before MS/Cisco, I would probably reverse it. SANS GIAC certifications are supposed to be very tough, but I am only telling you what I have heard. I have taken the some MS/Cisco stuff, and for the most part they are just a notch above the CompTIA stuff in diffuculty IMHO. Anyway, here is a couple of paragraphs from their website:SANS training and GIAC certifications address a range of skill sets including entry level Information Security Officer and broad based Security Essentials, as well as advanced subject areas like Audit, Intrusion Detection, Incident Handling, Firewalls and Perimeter Protection, Forensics, Hacker Techniques, Windows and Unix Operating System Security. GIAC is unique in measuring specific skill knowledge areas instead of general purpose security knowledge.
GIAC certifications expire in a period of 4 years. Students must review the information and retake the exams in order to remain certified. Although there are other entry level certifications avaiable, GIAC is the only information security certification including advanced technical subject areas.All things are possible, only believe. -
Munck Member Posts: 150The questions are mostly multiple choice. IMO you don't need any vendorspecific certs before doing a SANS cert. If I were you, I would go to one of the conferences, joining a track that suits your interest. After that you have 4 months to complete the exams (normally 2 per cert).
As far as the first cert to obtain goes, that depends on your situation and current level of knowledge. Their "baseline" cert is GSEC, which is app. 70-80% of he material tested on the CISSP. I jumped right in and took the GCFW, as the material suited me better.
All in all I highly recommend SANS certs to anyone into security. Yes, they are expensive, but hey! - get your employer to pay for it I hope I get the chance to obtain the GCIA and/or GCIH in the future. -
sprkymrk Member Posts: 4,884 ■■■□□□□□□□Munck wrote:The questions are mostly multiple choice. IMO you don't need any vendorspecific certs before doing a SANS cert. If I were you, I would go to one of the conferences, joining a track that suits your interest. After that you have 4 months to complete the exams (normally 2 per cert).
As far as the first cert to obtain goes, that depends on your situation and current level of knowledge. Their "baseline" cert is GSEC, which is app. 70-80% of he material tested on the CISSP. I jumped right in and took the GCFW, as the material suited me better.
All in all I highly recommend SANS certs to anyone into security. Yes, they are expensive, but hey! - get your employer to pay for it I hope I get the chance to obtain the GCIA and/or GCIH in the future.
You said each cert is 2 exams? How does that work? And did you have to write a practical (what they now call "Gold Cert") or did you just take the exam itself ("silver") - just curious how rigorous the process is for judging the written practical is. Thanks!All things are possible, only believe. -
JDMurray Admin Posts: 13,094 AdminSANS Network Security 2006 is October 1st-9th in Las Vegas at Caesar's Palace. Anyone going?
http://sans.org/ns2006/ -
sprkymrk Member Posts: 4,884 ■■■□□□□□□□I would dearly love to, but as I am attending Black Hat/DefCon at the end of July/beginning of August I don't think I'll be able to.All things are possible, only believe.
-
JDMurray Admin Posts: 13,094 AdminBlackHat is too expensive for me, but Defcon 14's admission is only $100 cash at the door.
What is there to see at Defcon? I'm only a few hours from LV and might go if it's interesting enough.
http://www.blackhat.com/html/bh-usa-06/bh-usa-06-index.html
http://www.defcon.org/ -
sprkymrk Member Posts: 4,884 ■■■□□□□□□□jdmurray wrote:BlackHat is too expensive for me, but Defcon 14's admission is only $100 cash at the door.
What is there to see at Defcon? I'm only a few hours from LV and might go if it's interesting enough.
http://www.blackhat.com/html/bh-usa-06/bh-usa-06-index.html
http://www.defcon.org/
The good stuff:-
Cheap admission.
Interesting and sometimes enlightening topics by smart people.
Cheap admission.
-
It was WAY overcrowded when I went.
The speakers were limited to about 45 minutes max.
Kind of chaotic atmosphere.
Due to space and time constraints it was impossible to sit 2 presentations in a row. You basically had to skip every other one.
Also, I am a stick-in-the-mud homebody family guy and the party atmosphere with a lot of 17-22 year olds in leather, black, and ripped denims with multiple piercings, spiked and colored hair, etc. is just not my crowd. No offence, as they were all friendly and that's just their style, but as a late 30's year old clean cut guy that wore clean blue jeans and a polo shirt I got made as a Fed in the "spot the fed" contest more than once.All things are possible, only believe. -
Munck Member Posts: 150sprkymrk,
Not having expperience with PIX or FW-1 is not a problem. SANS won't teach you how a use a specific firewall brand. They teach you why and when to use a specific type of firewall. (amongst many other things - think defense-in-debth)
For the GCFW, the first exam is TCP/IP. The second is - well, the rest of the curriculum You take them by logging into your SANS account online. The questions are "open book", meaning you have everything (including google) at your disposal. I quess I don't have to say that time management is a major issue here...
Actually, I'm starting my practical in August When completing the "Silver" certification, you have up to two years to finish the "Gold" cert. Right now I'm trying to decide on a particular subject. I plan on spending 2-3 months on the assignment.
If you have further questions, fell free to shoot -
sprkymrk Member Posts: 4,884 ■■■□□□□□□□Most excellent Munck, thank you. It would be great if you started a thread on your practical experience when you are close to finishing. I would be curious to hear about the ins and outs and what all you went through. Oh, and of course post us a link to the finished product on SANS Reading Room!All things are possible, only believe.
-
JDMurray Admin Posts: 13,094 Adminsprkymrk wrote:but as a late 30's year old clean cut guy that wore clean blue jeans and a polo shirt I got made as a Fed in the "spot the fed" contest more than once.
-
sprkymrk Member Posts: 4,884 ■■■□□□□□□□jdmurray wrote:sprkymrk wrote:but as a late 30's year old clean cut guy that wore clean blue jeans and a polo shirt I got made as a Fed in the "spot the fed" contest more than once.All things are possible, only believe.
-
cbigbrick Member Posts: 284I was able to attend the SANS conference in Washington, DC in early July. It was excellant!! They are now offering a Masters Degree based on their certification tests. Not a bad deal IMHO.
I will also be taking 3 SANS certification exams by November 4th.
Stay tuned!!!And in conclusion your point was.....???
Don't get so upset...it's just ones and zeros. -
cbigbrick Member Posts: 284Very simple. When I was at the conference, I attended 2 courses. The first one was 401, which requires 2 exams to be ceritfied and the 405, which requires 1 exams to be certified. There is also a time limit of 4 months after completing the courses to take the these exams. They do this because material changes.
The do have self study programs, I think. Please refer to SANS.org website for more infomation.And in conclusion your point was.....???
Don't get so upset...it's just ones and zeros. -
p0et Member Posts: 48 ■■□□□□□□□□Actually, I'm starting my practical in August When completing the "Silver" certification, you have up to two years to finish the "Gold" cert. Right now I'm trying to decide on a particular subject. I plan on spending 2-3 months on the assignment.
I received an email from a lady at SANS who assured me that the practicals are no longer required. She said that if you do decide to write a practical you will have a Gold cert and if you just do the exams, you will still be certified.. just silver, not Gold.[/quote] -
Munck Member Posts: 150p0et, she's right. As I wrote you have two years after earning silver to finish gold - if you choose to. It's volentary. As you see on the GIAC website most people stop at silver.
-
p0et Member Posts: 48 ■■□□□□□□□□After going through my SANS folder in gmail, weeding through 300 newsletters, etc.. i ran into 2 asking where I was. turns out i'm accepted to be a Volunteer at SANS Vancouver! I immediately filled out the forms and tried to fax them off but everytime i get "no answer". Still have yet to receive an email reply from them. That's one thing I don't like about SANS... it takes forever for them to respond to any emails. Another thing is that they don't have any books or anything like that you can study from.. it's all just slides.
-
Munck Member Posts: 150Stephen Northcutt (from SANS) have published a couple of books relating to the GCFW and GCIA certifications.
For the GCFW, Inside Network Security, 2nd edition is a good read:
http://www.amazon.com/Inside-Network-Perimeter-Security-2nd/dp/0672327376/sr=8-1/qid=1160120403/ref=pd_bbs_1/104-9811880-5531122?ie=UTF8&s=books
For the GCIA, Network Intrusion Detection, 3rd edition is a good read:
http://www.amazon.com/Network-Intrusion-Detection-Stephen-Northcutt/dp/0735712654/sr=8-2/qid=1160120403/ref=pd_bbs_2/104-9811880-5531122?ie=UTF8&s=books -
blacksun Member Posts: 5 ■□□□□□□□□□Hey guys,
The SANS cert's are all about the minute and clear Basic's of IT-Security,
which covers in-depth and the Basics of how TCP/IP protocols work,
Incident Handling process,
Protecting against the worms,trojans,Backdoor/Malicious code.. rather.
and the Laws & Ethics too.
So If anyone wants to know & learn more of the Security from Scratch,
I would say you should go in for atleast GCIH.
Thanks.Nitin Kushwaha
The Firewall's should be treated as a family,
all zones as relatives within,
all members as the most valuable assets.
If you love your family! you will make sure you & others are SECURE.