SANS Guys: Anyone doing the GCWN?
Bl8ckr0uter
Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
in GIAC
So AD, gp, and other Windows security technologies are about to become a big part of my life. So much so that my mind has wandered to the world of windows certification. I know I am going to do the GSEC at some point (I already started to think about it as I am finishing up the S+) but I was wondering if anyone here has done the GCWN from SANS. I wish there was something like a MCITP Windows Security and since I don't want to be a windows admin (I want to be a security admin) would it be better to go for the SANS cert or the MS cert...or both?
Comments
-
veritas_libertas Member Posts: 5,746 ■■■■■■■■■■So AD, gp, and other Windows security technologies are about to become a big part of my life. So much so that my mind has wandered to the world of windows certification. I know I am going to do the GSEC at some point (I already started to think about it as I am finishing up the S+) but I was wondering if anyone here has done the GCWN from SANS. I wish there was something like a MCITP Windows Security and since I don't want to be a windows admin (I want to be a security admin) would it be better to go for the SANS cert or the MS cert...or both?
I'm strongly considering doing it in the future since OS security fascinates me so much. It's a lot of money though. -
dynamik Banned Posts: 12,312 ■■■■■■■■■□I'm debating challenging it. It seems like a lot of recap from the MCSE:S/MCITP tracks. I didn't see anything that seemed new to my on the objectives list. I unfortunately don't have $900 lying around and the GCIH, GCIA, and GWAPT are higher on the list.
Both would be ideal, but I'd start with the MCSE/MCITP tracks unless you feel you have some solid Windows experience. The GIAC certs are pretty specific and assume a solid foundation; they're also not as widely known (which can also be a good thing). You're not likely going to hop straight to a Windows Security position and will likely need to build up some experience with some systems administration/engineering work, so starting with GCWN probably won't get you the most bang for your buck (and time). -
veritas_libertas Member Posts: 5,746 ■■■■■■■■■■I'm debating challenging it. It seems like a lot of recap from the MCSE:S/MCITP tracks. I didn't see anything that seemed new to my on the objectives list. I unfortunately don't have $900 lying around and the GCIH, GCIA, and GWAPT are higher on the list.
Both would be ideal, but I'd start with the MCSE/MCITP tracks unless you feel you have some solid Windows experience. The GIAC certs are pretty specific and assume a solid foundation; they're also not as widely known (which can also be a good thing). You're not likely going to hop straight to a Windows Security position and will likely need to build up some experience with some systems administration/engineering work, so starting with GCWN probably won't get you the most bang for your buck (and time).
Good advice, I was just coming back to suggest doing the MCIP:EA or MCSE first. Any other advice on learning MS security Dynamik? -
Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□@Dyn
That's kind of what's happening to me though. Basically I am very slowing getting handed some of the sec aspects of AD. When you say "do" the MCITP do you really mean learn the material or do you think actually having the cert would be best as well. -
dynamik Banned Posts: 12,312 ■■■■■■■■■□veritas_libertas wrote: »Good advice, I was just coming back to suggest doing the MCIP:EA or MCSE first. Any other advice on learning MS security Dynamik?
Amazon.com: Microsoft Windows Server 2003 PKI and Certificate Security (Pro - One-Offs) (9780735620216): Brian Komar, Microsoft Corporation: Books
Amazon.com: Windows Server 2008 PKI and Certificate Security (PRO-Other) (9780735625167): Brian Komar: Books
Amazon.com: Microsoft Windows Security Resource Kit (9780735621749): Ben Smith, Brian Komar
Amazon.com: Windows Server 2008 Security Resource Kit (PRO - Resource Kit) (9780735625044):
Tons of stuff in the Technet library, virtual labs, etc.
This isn't twitter; there's a quote button. JKThat's kind of what's happening to me though. Basically I am very slowing getting handed some of the sec aspects of AD. When you say "do" the MCITP do you really mean learn the material or do you think actually having the cert would be best as well.
I'd get the certs if you go to the trouble of learning the material. The Server 2003/2008 Inside Out books are good tomes for a single source of information on Windows Server, but I felt they were lacking depth in some areas. -
Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□I'd get the certs if you go to the trouble of learning the material. The Server 2003/2008 Inside Out books are good tomes for a single source of information on Windows Server, but I felt they were lacking depth in some areas.
The way I see it is this: We are running 2003 on our DCs and will be for at least the next year or so. If I do the MCSA I will feel the need to upgrade to 2k8 at some point. If I do the 2k8 I will feel like I won't be able to full use my knowledge on our existing 2k3 (and a few 2k severs) network. If I did the Sans cert it seems like a bit more generic. Plus the material looked like exactly what I will be doing. I won't be the Windows admin per se , I will just be the windows security admin if that makes any sense. Maybe I am underestimating the cert but I just see windows security as a weakness in my skillset and I want to fill that.
Mind you I am planning to do this after Sec+ GSEC (and probably SSCP). -
dynamik Banned Posts: 12,312 ■■■■■■■■■□I'm a bit proponent of the You can't secure what you don't understand philosophy. I think people who just focus on security instead of developing a thorough understanding of the underlying technologies end up being half-assed security administrators, engineers, etc.
I wouldn't bother with the MCSA if I were you. If you want to do the 2003 track still, do the full-blown MCSE. The MCSA doesn't even get into Active Directory (unless you count defining forest and tree and discussing basic items like OUs from a high level). It also isn't that well known, so it's not going to help your resume much.
If you're doing the Microsoft certs after all those other ones, where are you going to stand when the next version of Windows Server comes out? Estimates I've seen put it mid-2012. Can you get value out of certifying on 2003 at this point? Maybe...
The vast majority of what you learn going through the 2008 track will be applicable to Server 2003 as well. You could easily fill in the gaps or learn the minor differences to perform your day-to-day duties. -
Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□So do you think that doing MCITP:SA or EA then SANS would be a better route?
My whole thing is the sheer amount of certifications I have. I don't feel the need to catch em all (pokemon!). But I guess your right. I either need to at least spend a large amount of time learning the "admin" part of security administration. I do want to be the best I can be though. I don't know, I am looking forward to the material but I am not looking forward to the certs. Maybe I feel this way because my coworker has no certs at all. Maybe he is already rubbing off on me. -
dynamik Banned Posts: 12,312 ■■■■■■■■■□So do you think that doing MCITP:SA or EA then SANS would be a better route?
My whole thing is the sheer amount of certifications I have. I don't feel the need to catch em all (pokemon!). But I guess your right. I either need to at least spend a large amount of time learning the "admin" part of security administration. I do want to be the best I can be though. I don't know, I am looking forward to the material but I am not looking forward to the certs. Maybe I feel this way because my coworker has no certs at all. Maybe he is already rubbing off on me.
Regarding this, and then PM you sent to me, is there a reason you should do any of the MCP/MCTS/MCSE/MCITP/GCWN? I don't remember you being a die-hard Windows guy, so I was a bit surprised to see you bring this up at all. Does certifying in any of these benefit you in any way? Is there another certification that would be more beneficial for you?
You could amass a respectable amount of knowledge from the materials I've already listed, Hacking Exposed: Windows, and so on. If that's all you need, why certify? Is this something you want to work with long-term? -
Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□To be honest, not particularly. I am just thinking about my overall security knowledge. Most security positions want some windows cert or something and my job is wanting me to have the knowledge on par w/ at least an MCSA. IDK though...