GCIA and general security cert advise

jmu200jmu200 Member Posts: 11 ■□□□□□□□□□
Hi there,

I currently have the CISSP, CCNP, and a bunch of other random certs. I've recently become interested in security--and went after the CISSP. I passed that and am now looking to narrow in on the field, specifically, intrusion analysis or penetration tester. I also have a long time goal of picking up the CCIE certification. Since the CCIE is such a long term goal for me, I'm looking to pick up smaller certs along the way--specifically, security related.

The GCIA seems like a logical cert for me to look into taking. It seems to be a more distinguished cert than say C|EH. Given the above, do you think the GCIA is a logical choice? Is there something else I should be looking at?

My next question is regarding study materials for the GCIA. I have a bunch of Addison Wesley books (Tao of Network Security monitoring, Extrusion Detection, Applied Security Visualization, Security Metrics), also I've been self-studying all the various tools out there (snort, nmap, nessus, p0f, tcpdump, wireshark, argus, sguil, etc!) -- I've heard there are some SANS books or "materials" I can purchase to study for the GCIA... But I can't find them anywhere? Do I need to register for the SANS course? I generally prefer self study and the course is expensive, are the materials available outside of the course? If so, where?

Thanks for any advice you may have for me!





  • docricedocrice Member Posts: 1,706 ■■■■■■■■■■
    The only official study materials are available from SANS. If you just want just the books, it costs $3,161 (the self-study option). You can also add the OnDemand bundle for $400 which gives you a few months of access to the latest online audio / video slide presentations and MP3s of the course. You can register for a short OnDemand demo of each course through the SANS site for free to get a feel for it. If you purchase the exam attempt at the same time you order the course, it's an additional $500. If you order the exam challenge separately, it's $900.

    It gets expensive for sure.

    I think one can prepare for the GCIA exam without taking the SANS course, but the road will be longer unless you already have experience reading hex ****, using Snort or other IDS systems, and understand the common nuances of normal vs. abnormal IP communication patterns. Check your comfort level first:


    I've heard both good and bad things about the CEH, and it seems that it's highly dependent on the instructor (assuming you're thinking of taking a class). If you want to go the pentest route, check out OSCP, eLearnSecurity, and Heorot.net. SANS also has a SEC-560 course for the GPEN cert, but that's expensive just like the SEC-503 for the GCIA.


    In addition to just cert-focused courses, I'd recommend taking a look at TaoSecurity / Richard Bejtlich's TCP/IP Weapons School 3.0, which is something I'm seriously considering later this year.


    We've also been discussing the GCIA over the last few months. Search the forums for more info.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • Cthu1huCthu1hu Member Member Posts: 52 ■■■□□□□□□□
    Thanks for this great post docrice! I myself was thinking of this earlier today and you have answered my questions as well.
  • jmu200jmu200 Member Posts: 11 ■□□□□□□□□□
    Wow, that's a lot of great information docrice, thanks for your detailed reply!

    I think I'm going to go for the GCIA. I'd love to attend the TCP/IP weapons school, but at $2K per day... Ouch! I bet it is fantastic however, I mean look who the teacher is! icon_smile.gif

    For roughly 70 hours of content the $3161 price tag doesn't seem horrible. But it's still up there. Do you happen to know if you receive all the same materials if you attend the course in person? I think it would be a no-brainer to go for the course AND receive the materials, if they are included (it's only a few hundred dollars more).

    Have you used any SANS materials or taken any of their courses? Were you impressed with the quality?

    Thanks again! icon_thumright.gif
  • docricedocrice Member Posts: 1,706 ■■■■■■■■■■
    I believe the difference between attending live instruction and taking the OnDemand bundle (which includes the books and the audio / video online media) is travel cost / being able to interact with other students in close physical proximity / and being able to ask questions directly to the instructor.

    I'll refer you to my recent thread for the rest of your query:

    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • jmu200jmu200 Member Posts: 11 ■□□□□□□□□□
    Congrats, and awesome review in the other post!

Sign In or Register to comment.