SANS Training

lanrexng2

I am curious do I really have to spend $3000 per course for each SANS training class? Note exams cost $400 a pop!

I hope to get the current versions of the GSEC, GCIH, GCIA and GSLC over the next 4 years. I will prep with extensive Operating Systems (Windows, Linux), Networking (Cisco, TCP-IP Bible etc), Programming (Python, Perl etc) and IT Security Management (Grad school, Work).

Is there a cheaper way to get SANS material and training? I understand the value of investing in yourself but isn't it a bit TOO MUCH?

docrice

If you opt for the OnDemand with the self-study, they usually have some kind of discount going on.

http://www.sans.org/ondemand/discounts.php

I think one reason for the cost is that they're very specialized in the security niche. There aren't SANS materials elsewhere like Amazon (not that's really good, anyway, from what I understand). If you think about it though, training courses through Global Knowledge or other similar training venues charge about the same, if not more, for less days of training.

You can always look through the SANS course syllabus and study the subject through other means (non-SANS books, etc.) and challenge the exam. That's much cheaper at $900 a shot and some people here have successfully done it. If you have sufficient industry experience and a decent amount of Windows and Unix hands-on, challenging the GSEC is definitely do-able.

docrice

The SANS SelfStudy is actually several thousand, depending on the course (if you click on Register you'll see the price list). $499 is for the certification attempt if you purchase it with a course.

https://www.sans.org/registration/register.php?conferenceid=208

JDMurray

lanrexng2 wrote: »

I understand the value of investing in yourself but isn't it a bit TOO MUCH?

You are not the customer that SANS is targeting. Their target market are businesses that want to send 5-10 security people to their training sessions. Training and certifying ten people will cost $40,000. After the SANS training, any one of those people could easily solve a security issue that would save a business at least $40K in expenses. From that perspective, the cost of SANS classes is a terrific bargain--to business organizations, not to individuals.

lanrexng2

JDMurray wrote: »

After the SANS training, any one of those people could easily solve a security issue that would save a business at least $40K in expenses. From that perspective, the cost of SANS classes is a terrific bargain--to business organizations, not to individuals.

I would have to agree with you which is why I am taking a new route to acquiring knowledge .
The job did send the best IT geeks to SANS courses but now it's limited to Intrusion Analysts and Incident Handlers etc

I will have a shot in the future there is no rush now as "Malcom Gladwell's essay, Outliers, mastery of anything - whether it's the Beatles in music or Bill Gates in the computer world - takes 10,000 hours of practice"

FYI The C|EH is laughed at by the above group.

veritas_libertas

docrice wrote: »

The SANS SelfStudy is actually several thousand, depending on the course (if you click on Register you'll see the price list). $499 is for the certification attempt if you purchase it with a course.

https://www.sans.org/registration/register.php?conferenceid=208

You're right. I looked at that wrong and ouch!

I deleted my earlier post to prevent confusion...

lanrexng2

docrice wrote: »

If you opt for the OnDemand with the self-study, they usually have some kind of discount going on.

SANS: OnDemand Discounts and Specials

I think one reason for the cost is that they're very specialized in the security niche. There aren't SANS materials elsewhere like Amazon (not that's really good, anyway, from what I understand). If you think about it though, training courses through Global Knowledge or other similar training venues charge about the same, if not more, for less days of training.

You can always look through the SANS course syllabus and study the subject through other means (non-SANS books, etc.) and challenge the exam. That's much cheaper at $900 a shot and some people here have successfully done it. If you have sufficient industry experience and a decent amount of Windows and Unix hands-on, challenging the GSEC is definitely do-able.

Thanks for the input Kimi (Raikkonen ? ) I am giving myself time to learn as much as possible through labs, sims and work and hopefully it happens.

I do plan to follow your route and I am wondering if you can be my virtual mentor

docrice

lanrexng2 wrote: »

I do plan to follow your route and I am wondering if you can be my virtual mentor

We all mentor each other here. I can provide free advice, but remember ... you get what you pay for.

Paul Boz

I'm about $15,000 in to SANS (all paid for by employers some-how) and think they're great if you're in to being a general security practitioner with expert or at least extremely advanced skillsets in many areas. SANS training and certification is a great way to express to the community general competency in whatever that cert is in. Its also very much instructor-lead and the instructors are generally pillars of the security community. I'd rather learn from the best of the best than from some generically written text book.

lanrexng2

I just took the online assessment in 20 minutes and honestly without any google I scored 43 / 50. The questions I missed where actually details about biometrics, SSL/TLS hand shake for a sudo newbie. I thought for a second I was taking the security+ without any simulation questions.

I am aware the assessment are just an simple assessment but are the questions that straight forward and plain?

Sir Kimi and Sir Paul can you kindly break down the test methodology for SANS exams particularly GSEC, GCIH, GCIA. How much labs/practical/configure... as opposed to multiple choice questions?

Thank you!

docrice

GIAC exams are all multiple choice (with the exception of the GSE lab). The GSEC assessment provides a good feel of the type of questions you'll see on the GSEC exam (180-questions, 5 hour time limit). I scored roughly the same as you when I first took the assessment, and if you're comfortable at that level then I'd guess you can just self-study the miscellaneous areas that you feel weak in based on the course syllabus and maybe challenge it (or just move onto taking another course that's more in-depth, like a 500-level such as the GCIA).

Don't over-estimate the GSEC. It's a good solid exam, but it's not tough if you have strong foundations already.

jmu200

I recently purchased the SANS GCIA materials and while it was painful on the pocket, it was definitely worth it. The materials, course-ware and instructor really are top notch, I'm learning a LOT. The workbook and virtual classes go pretty deep into packet inspection/analysis and are pretty effective at hammering the concepts into my brain.

I also write off my training materials and books when tax season arrives (unless my boss pays for it).

lanrexng2

docrice wrote: »

GIAC exams are all multiple choice (with the exception of the GSE lab). The GSEC assessment provides a good feel of the type of questions you'll see on the GSEC exam (180-questions, 5 hour time limit). I scored roughly the same as you when I first took the assessment, and if you're comfortable at that level then I'd guess you can just self-study the miscellaneous areas that you feel weak in based on the course syllabus and maybe challenge it (or just move onto taking another course that's more in-depth, like a 500-level such as the GCIA).

Don't over-estimate the GSEC. It's a good solid exam, but it's not tough if you have strong foundations already.

Thanks for that break down. I am in learning mode right now school out for summer break and about 300 hours of time designated for IA/IT studying. We'll see how it goes. CCNA and GSEC

I wish i could write it off in a couple of years hopefully I can own my own gig

Thanks