Which SANS course to begin with?
Hi All,
I work as a Pentester and hold handful of certs.
I've been going through the forum posts and it appears that GSEC is a popular SANS cert for starters. I have gone through its syllabii and it's huge and very complete..
The understanding that foundations should be built well is absolutely clear to me. The thing is, given the budget crunch, mgmt guys couldn't care any less now about 'foundations pitch' coming from any experienced personnel. You see what I mean here. Looking at how some cool guys here are doing multiple SANS courses and challenges, I got speechless for a while. Basically, now it's more about selling out to guys ups so they can approve fundings.
Given such a scenario, I am trying to identify the best suited subjects for me and the order of their execution.
I plan to work towards these 3 subjects:
1. GPEN
2. GWAPT
3. SANS Metasploit / GSEC
Please share your opinions and inputs on this choice, order, and / or experience to get started up with it.
SANS is damn expensive and equally worthy. So am may be looking for people's experiences on how they perhaps pursued these out of their wallets. That'd be inspiring to hear.
Another question, can I pool in with any other colleagues to purchase and share the SANS course material?
Best Regards,
iVictor
I work as a Pentester and hold handful of certs.
I've been going through the forum posts and it appears that GSEC is a popular SANS cert for starters. I have gone through its syllabii and it's huge and very complete..
The understanding that foundations should be built well is absolutely clear to me. The thing is, given the budget crunch, mgmt guys couldn't care any less now about 'foundations pitch' coming from any experienced personnel. You see what I mean here. Looking at how some cool guys here are doing multiple SANS courses and challenges, I got speechless for a while. Basically, now it's more about selling out to guys ups so they can approve fundings.
Given such a scenario, I am trying to identify the best suited subjects for me and the order of their execution.
I plan to work towards these 3 subjects:
1. GPEN
2. GWAPT
3. SANS Metasploit / GSEC
Please share your opinions and inputs on this choice, order, and / or experience to get started up with it.
SANS is damn expensive and equally worthy. So am may be looking for people's experiences on how they perhaps pursued these out of their wallets. That'd be inspiring to hear.
Another question, can I pool in with any other colleagues to purchase and share the SANS course material?
Best Regards,
iVictor
This is the Right Time
Comments
GPEN seems like the best place to start for you. The new Metasploit course looks awesome too. No interest in GAWN and the GIAC pen testing trifecta?
We get $4k/year to spend on training. Work paid for the GPEN challenge, but I paid for the GSEC since I had already exhausted my budget for the year.
Also, if you're interested in getting materials cheaply (relatively), you can visit a nearby conference and see if they have any extra course books that they're willing to sell.
Very far. I have to do GCIH and GCIA along with either another cert or a gold paper. Then I need to do the GSE written. That will make me eligible for the two-day lab, which they typically offer once per year in the fall.
I'm hoping to make an attempt at the lab in fall of 2011. That's actually a pretty tight schedule given the amount of material I need to get through (and other things I want to work on), so I'll probably fail, but it'll give me an idea of what to expect in 2012. I'm banking on this renewing my GIAC certs, so I believe I have until 2013, worst-case
CCNA Security | GSEC |GCFW | GCIH | GCIA
[email protected]
http://twitter.com/paul_bosworth
Blog: http://www.infosiege.net/
The GIAC pen testing combo I find extremely interesting, is -> GPEN [ 560 ], GWAPT [ 542 ], GAWN [ 617 ].
We don't have such a training allocation per team member. That's probably one issue with big orgn. The spending & other facilities are really good for 'our' certifications though. Plus the US teams usually get it easier than many others.
I thought of getting used or extra materials but then SANS rarely happens in my part of the world. So that's not an available option.
True Paul. Do you imply if I can get my hands-on on GPEN materials, GCIH is not far off? If that's so, it'd be cool!
I watched this over. And man.. this has fueled me up even more. Thnx.
It seems there is an Advanced Pen Testing course launched recently by SANS: [ 660 ]
One question that hasn't been answered is if I can pool in with others to get the prep materials? Since exams are open-book, and buying SANS materials is not mandatory, I hope this should be fine?
Best Regards.
I've found enough other resources available online (legitimately - made into a notes document) and in print to be good enough. You can two practice exams when you challenge an exam, so you can use that to identify areas you need to work on. The course websites also provide day-by-day breakdowns of the topics. I'll probably bring in 5 700-1000 page books with me for my GCIH
Thanks for clearing this up. It seems a good possibility at least GPEN study material is not going to be shared b/w any of my team members cos they work on other domains. So books stay with me
When you say 'notes', I am sure you are NOT in any way referring to cram sheets or ****.
Can you refer me to those resources please?
Reg my question on GPEN and GCIH, if I have GPEN materials, GCIH is not far off...?
Hacking Exposed and the Open Source Penetration Tester's Toolkit books will go a long way.
Looking at the course sites, it looks like IH has one day of incident handling and the rest is largely the same. I'd like to take this within six months (probably double-up with GWAPT), and I'll have a post detailing my experiences. However, from my understanding, the course is taught from a different perspective. Think defense vs. offense. Ed's Couterhack: Reloaded seems to be a good book for that course. I'll probably supplement that with an IH book or two along with the NIST documents.
CCNA Security | GSEC |GCFW | GCIH | GCIA
[email protected]
http://twitter.com/paul_bosworth
Blog: http://www.infosiege.net/