Gced?
Bl8ckr0uter
Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
in GIAC
Anybody thought about doing this exam? Looks pretty interesting?
Comments
-
docrice Member Posts: 1,706 ■■■■■■■■■■I read through the course description a while back and it seemed like a great follow-up to 401, but I can see why not many people seem to do it. While I'm sure I could gain from it personally, I still think it feels rather basic compared to the SANS courses which goes in-depth into specific areas. At the moment, there are only 165 GCED certified professionals. Compare that to nearly 6000 GCIHs and almost 3000 GCIAs and you can see what the popular vote says.
I'm sure it's a good course though. SANS hasn't disappointed me yet.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/ -
Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□I read through the course description a while back and it seemed like a great follow-up to 401, but I can see why not many people seem to do it. While I'm sure I could gain from it personally, I still think it feels rather basic compared to the SANS courses which goes in-depth into specific areas. At the moment, there are only 165 GCED certified professionals. Compare that to nearly 6000 GCIHs and almost 3000 GCIAs and you can see what the popular vote says.
I'm sure it's a good course though. SANS hasn't disappointed me yet.
So like there is no way I would be able to pay for any of the courses so basically I am trying to find a cert or two to challenge. People (including you ) have honestly scared away from GCIA at the moment (I'll probably wait until I next year to go after it as I no longer thing I can do it with the Wireshark book some links and a dream ). I am not doing GSEC because idk if it would be worth for money. Idk man... -
docrice Member Posts: 1,706 ■■■■■■■■■■It's good to aim for the cert, but aim for the knowledge first. These four-letter acronyms provide a nice shiny-shiny on the resume and business card, but in the real world it's all about what you can deliver.
The GSEC is still a very honorable cert. If you know Windows and Unix decently and understand common crypto types and other security concepts, I think it's definitely possible to pass. I would have passed with just my experience alone. Plus, the cert's highly-recognized (at least for those who recognize GIAC to begin with). Remember, these are open-book exams and you can bring in whatever printed material you want as reference, as long as it all fits within a reasonably-sized bag.
If the GCIA scares you (and it should for the uninitiated), then it's just a matter of getting comfortable with TCP/IP (which the Wireshark book provides a strong start on), using tcpdump, understanding hex, knowing the layer 3 and 4 headers, and some basics of DNS and HTTP. Oh yeah, and knowing some Snort basics. This is all achievable with time and patience. The 503 course does provide some acceleration to your learning, but if cost is the factor, then just be patient and keep chipping away at the material which you can certainly learn on your own time. No one gets good at this within a few months.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/ -
Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□It's good to aim for the cert, but aim for the knowledge first. These four-letter acronyms provide a nice shiny-shiny on the resume and business card, but in the real world it's all about what you can deliver.
I agree completely.The GSEC is still a very honorable cert. If you know Windows and Unix decently and understand common crypto types and other security concepts, I think it's definitely possible to pass. I would have passed with just my experience alone. Plus, the cert's highly-recognized (at least for those who recognize GIAC to begin with). Remember, these are open-book exams and you can bring in whatever printed material you want as reference, as long as it all fits within a reasonably-sized bag.
I keep hearing the opposite though. People seem to say GSEC is like Security+ level and it seems like I don't want to spend $900 on a test that isn't respected ya know?If the GCIA scares you (and it should for the uninitiated), then it's just a matter of getting comfortable with TCP/IP (which the Wireshark book provides a strong start on), using tcpdump, understanding hex, knowing the layer 3 and 4 headers, and some basics of DNS and HTTP. Oh yeah, and knowing some Snort basics. This is all achievable with time and patience. The 503 course does provide some acceleration to your learning, but if cost is the factor, then just be patient and keep chipping away at the material which you can certainly learn on your own time. No one gets good at this within a few months.
Well I mean people who have accomplished things I respect (including yourself) basically make this test seem like a mother----. Honestly the test I really want to do is GCIA, GCIH GPEN and GCED or GCFW. -
docrice Member Posts: 1,706 ■■■■■■■■■■Bl8ckr0uter wrote: »I keep hearing the opposite though. People seem to say GSEC is like Security+ level and it seems like I don't want to spend $900 on a test that isn't respected ya know?
In my eyes, there's a noticeable difference between Security+ and GSEC. If my only hiring criteria was based on certification, the GSEC would absolutely blow away Sec+. This is not to say that the GSEC is hard, but it's not a CompTIA cert by any means. I followed up on Sec+ with the GSEC so I'm pretty aware of how they feel side-by-side. On the same areas that these two certs cover, the GSEC goes a bit deeper. Plus, it starts getting into the more practical sysadmin Windows / Unix side of things.
If you want to compare the GSEC to the higher-level GIAC certs, then sure it's easier. There's a reason why GIAC Security Essentials is via a SANS 400-level offering vs. a GCIA / GCIH which is via a 500-level. One doesn't compare Algebra vs. Calculus.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/ -
Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□How much difference is GSEC vs like GCIA or GCIH? I mean how much time would you say someone would need between the two certs to get to the next level? I know it is a loaded question but what I am curious about is like IF I had the funds to do GSEC first (which I probably won't for a while), how much more difficult are the higher level test. I plan on doing SSCP in July so that might feel that might be same level as it.
-
docrice Member Posts: 1,706 ■■■■■■■■■■I think this would be very dependent on your existing experience. To generalize (and keep in mind that I may be grossly over-simplifying some things and making assumptions in other areas), the GSEC provides a nice solid overview on a lot of things, but it doesn't really get into intrusion detection / analysis or incident handling. It's a good balance of practical theory and some practical application that's useful in the workplace. If you're a general sysadmin who doesn't really have a security focus or mindset, the GSEC gets you going. Sysadmins are concerned about availability and deployment. Security sysadmins are about that and doing it with proper caution.
The higher-level stuff generally assumes that you have the requisite knowledge from the lower-level, but may not necessarily revisit many of those foundations. Instead, the 500-level SANS courses spends its focus tuned into its given area.
Let's take the 504 / GCIH, for example. It assumes that you already know how operating systems work, some peculiars of Windows or Unix, and the use of existing crypto systems. It also assumes that you're not tied to a GUI. If you're scared of the command line, then you need to spend some quality time with Mr. Blinking Cursor, especially in Unix.
Let's look at it from another angle. If your primary experience is in routing and switching, have some fluency in maintaining access lists, spend your lunchtime looking at logs and hunting down ghosts, and deal with site-to-site tunnels, then the GCFW may be the logical step. You still need to know TCP/IP decently (although not as much as the GCIA) and have some working knowledge of how common MITM attacks work, but for a network admin like that the GCFW might be easier than the GSEC.
So as I said, it depends on your experience and interest. While SANS does have a flowchart of course / certification paths, a lot of these classes can be take / exams challenged based on your existing skill level in whatever area you're comfortable in.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/ -
Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□I think this would be very dependent on your existing experience. To generalize (and keep in mind that I may be grossly over-simplifying some things and making assumptions in other areas), the GSEC provides a nice solid overview on a lot of things, but it doesn't really get into intrusion detection / analysis or incident handling. It's a good balance of practical theory and some practical application that's useful in the workplace. If you're a general sysadmin who doesn't really have a security focus or mindset, the GSEC gets you going. Sysadmins are concerned about availability and deployment. Security sysadmins are about that and doing it with proper caution.
The higher-level stuff generally assumes that you have the requisite knowledge from the lower-level, but may not necessarily revisit many of those foundations. Instead, the 500-level SANS courses spends its focus tuned into its given area.
Let's take the 504 / GCIH, for example. It assumes that you already know how operating systems work, some peculiars of Windows or Unix, and the use of existing crypto systems. It also assumes that you're not tied to a GUI. If you're scared of the command line, then you need to spend some quality time with Mr. Blinking Cursor, especially in Unix.
Let's look at it from another angle. If your primary experience is in routing and switching, have some fluency in maintaining access lists, spend your lunchtime looking at logs and hunting down ghosts, and deal with site-to-site tunnels, then the GCFW may be the logical step. You still need to know TCP/IP decently (although not as much as the GCIA) and have some working knowledge of how common MITM attacks work, but for a network admin like that the GCFW might be easier than the GSEC.
So as I said, it depends on your experience and interest. While SANS does have a flowchart of course / certification paths, a lot of these classes can be take / exams challenged based on your existing skill level in whatever area you're comfortable in.
+Rep. I think you answered my question. I think you hit spot on what I needed to hear. That said, I think I really will skip GSEC for now. GCFW and GCIA are closer to what I am doing and GPEN is closer to what they want me to do. -
paladion Registered Users Posts: 1 ■□□□□□□□□□Hi Mate,
First of all i would like to say hello !!! I have gone through the above thread also the course descriptions in the GIAC site.I would like to know which certification is more valuable (GCED) or (GCFW) in the prespective of the more job oppurtunities.I am currently working as Firewall and IDP engineer with 5 years of experience in my current job and would like to focus on next level job... Gathering information about the next job for diversified knowledge and more pay, but till now i couldn't come to conclusion...It would be great if could also share your views about the next level of job
Thanks -Paladion -
docrice Member Posts: 1,706 ■■■■■■■■■■The GCED isn't very well-known and I haven't seen it specifically mentioned in any job postings. The GCFW isn't very well-known either, but I've seen it here and there. Also keep in mind that that if organizations are aware of GIAC certifications, they'll probably notice a GCED.
I personally haven't pursued the GCED, but my guess is that you'll get more overall bang for your buck with a GCIA, GCIH, or others.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/