Considering GIAC

SephStorm

I am considering at least one GIAC Certification, they seem pretty respected within the community, and seeing as I'll be working within the government again for the next few years I might as well plan one for next year.

Question is where to start? By the time I start studing for GIAC, I should have Sec+ under my belt, I'm thinking I should start with GSEC. On the other hand GSIF I think I have seen referred to as Security++, which could be a good thing.

Also, I am very annoyed with the way GIAC offer no training for their certs. (Outside of the bootcamps, I believe) Can you guys offer advice for studing/prep?

I think that covers my first round of questions. If anyone is working with the Army in INFOSEC, please message me. Probably a weird place to ask, but idk, about making a separate thread.

dynamik

GSEC would be a good starting place. You can challenge the exams for $900. That will give you two practice exams as well, so you can get a feel for the material on the actual exam. You can also do self-study. You get the course books, practice exams, and online training as well. It doesn't save you any money, but you don't have to cram everything into 5-6 days.

Also, you might want to shoot a little higher than the GSEC. They have a lot of really interesting courses. You'll still need GSEC-level knowledge to make the most of them, but you don't need to drop $900 or $3500 to get that.

SephStorm

Where do I get the self study material from?

GAngel

SephStorm wrote: »

Where do I get the self study material from?

There is no official self study options available outside of SANS training. That's one of the reasons there certs retain such high value. They make it very hard to pass without a) doing there study program or b) already being a SME on the subject.

You can try to get your hands on there course material but there are a long line of us doing the same

SephStorm

Well, I work at a bookstore and I checked with my boss, we have a hard to find seach tool for our books here, I looked and there are GIAC books for sale I think at some decent prices. If anyone is interested let me know and I can tell you what we have.

GAngel

SephStorm wrote: »

Well, I work at a bookstore and I checked with my boss, we have a hard to find seach tool for our books here, I looked and there are GIAC books for sale I think at some decent prices. If anyone is interested let me know and I can tell you what we have.

Can you check the years released and title's. They may be old books.

dynamik

Yea, if those are what I'm thinking of, those are ancient. The recent materials aren't "books"; they're bound print-outs of the course slides with detailed explanations. There are no SKUs or anything to look up.

SephStorm

I believe some of them are recent, but i'll check when i work there again on saturday.

todmanav

dynamik wrote: »

GSEC would be a good starting place. You can challenge the exams for $900. That will give you two practice exams as well, so you can get a feel for the material on the actual exam. You can also do self-study. You get the course books, practice exams, and online training as well. It doesn't save you any money, but you don't have to cram everything into 5-6 days.

Also, you might want to shoot a little higher than the GSEC. They have a lot of really interesting courses. You'll still need GSEC-level knowledge to make the most of them, but you don't need to drop $900 or $3500 to get that.

Even Im planning on the $900 challenge, but if any kind soul who finished GSEC, willing to share the latest GSEC materials? please?

SephStorm

Hello,

Update, I checked yesterday, and at least some of them are recent, two of the ones I checked had a published date of 2009, and many of them just didnt list the dates, but I could look them up online if anyone is interested.

unsupported

GIAC certifications and the related SANS courses are often taught/authored by industry leaders who have all ready written books, which in turn became the course material. For example, Ed Skoudis' Counter Hack: Reloaded is the basis for SEC504/GCIH, and there is Network Intrusion Detection by Northcutt and Novak which was the basis for SEC503/GCIA.

I believe the SEC401 SANS Security Essentials Bootcamp Style was heavily authored by Dr. Eric Cole. While there are some SANS material available on Amazon, Dr. Cole has written a considerable amount of material. Upon a quick examination it appears Network Security Bible has a lot of the topics on the GSEC.

My recommendation would be to review the GSEC Certification Bulletin (GSEC Certification Bulletin) and then look through some of his books to see if they match.

There are also cheaper alternatives to the live training. SANS offers a mentor program, where you are guided through the material by a local mentor who has scored high on the certification test. There are also on demand bundles where you can just listen to the course MP3s, or even take live virtual training.

If you are in a town where SANS has it's local conferences you may even look at the opportunity to become a facilitator. It is called the work study program, where you pay approximately $800. You get the study materials, the MP3s, attendance at the training, and a certification attempt if it is related to the course. In order to make up the difference in the money, you have to work it off, by showing up early and staying late to help out. You make sure the instructor's and students needs are taken care of, setup, pass out materials. Basically, you have to work, but you get to experience everything. GIAC/SANS gives preference to college students. More information is found here, SANS: Work Study Program.

A friend from another board has facilitated and mentored a lot and enjoys the experience. I am considering it for the GSEC course myself, because of budget concerns.

j_a_s_o_n

Also be aware that SANS updates their material *very* frequently and the GIAC tests are based directly (as in word-for-word) on the SANS materials. Even a book that's less than a year old could potentially be different enough to throw you.

unsupported

j_a_s_o_n wrote: »

Also be aware that SANS updates their material *very* frequently and the GIAC tests are based directly (as in word-for-word) on the SANS materials. Even a book that's less than a year old could potentially be different enough to throw you.

I used a year old SEC504 work book for the GCIH and had no issues. In fact, the 4 year old Counter Hack: Reloaded had word for word questions. I do not think that updating some information in the work books would cause much of an issue for the certification test.