GSIF....necessary?
Hello All,
Never thought of going to this forum but decided to take a peek inside and I gotta say this certification set looks to be the most toughest and expensive I've seen so far(a grand for one exam??...not including a course) I took a look at the SANS GIAC website and all to get somewhat an idea of what you need to know and what can you learn from this...seems pretty interesting. I took a look at the roadmap and I saw the first introductory exam was the GSIF (GIAC Information Security Fundamentals) and out of curiosity was wondering would this be the first step for someone who would be interested in this kind of thing to take? Because from what I see here is that not a lot of people mention GSIF...its mostly GSEC (the intermediate level), is it even worth doing GSIF? The only guess I would make is that there isn't much of a difference between GSIF and GSEC so instead of spending $2000 you can kind of kill two birds here...or the GSIF exams is too easy for a test for that kind of money? Also, I notice there is no love for GCWN (GIAC Certified Windows Security Administrator) on the forum posts here? I'm asking because I am a Windows guy and always been interested in security, so I thought this would kind of go hand in hand....is this certification not worthy of mentioning?
Never thought of going to this forum but decided to take a peek inside and I gotta say this certification set looks to be the most toughest and expensive I've seen so far(a grand for one exam??...not including a course) I took a look at the SANS GIAC website and all to get somewhat an idea of what you need to know and what can you learn from this...seems pretty interesting. I took a look at the roadmap and I saw the first introductory exam was the GSIF (GIAC Information Security Fundamentals) and out of curiosity was wondering would this be the first step for someone who would be interested in this kind of thing to take? Because from what I see here is that not a lot of people mention GSIF...its mostly GSEC (the intermediate level), is it even worth doing GSIF? The only guess I would make is that there isn't much of a difference between GSIF and GSEC so instead of spending $2000 you can kind of kill two birds here...or the GSIF exams is too easy for a test for that kind of money? Also, I notice there is no love for GCWN (GIAC Certified Windows Security Administrator) on the forum posts here? I'm asking because I am a Windows guy and always been interested in security, so I thought this would kind of go hand in hand....is this certification not worthy of mentioning?
Comments
-
docrice Member Posts: 1,706 ■■■■■■■■■■I never really hear about the GISF, but I'd guess that for most people it's probably better to just go through Security+ and then tackle the GSEC. It depends on your existing experience and knowledge level.
The GCWN was just discussed recently here I think. I think it's a fine cert to have, but it's hardly recognized in the world of Microsoft products and related certifications.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/ -
JDMurray Admin Posts: 13,099 AdminAssuming the target customers for SANS training and GIAC certifications are businesses and not individuals, the GISF is something designed to give professionals with no security experience a baseline in Information Security. I see legal, law enforcement, financial, and insurance people being the prime candidates for this cert.
If you want a cheaper way to check if you like InfoSec, take docrice's advice and start with Security+. -
docrice Member Posts: 1,706 ■■■■■■■■■■Should've looked closer at RomBUS' cert list. He already has Sec+, in which case I'd recommend doing the GSEC instead.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
-
JDMurray Admin Posts: 13,099 AdminIf it must be a GIAC cert then yes, GSEC definitely. If GIAC isn't a must, the SSCP is a good alternate.
-
RomBUS Member Posts: 699 ■■■■□□□□□□Thanks for the advice guys...dorice you have a decent amount of GIAC certs..did your company pay for that or you're just loaded? Dont mean to be nosey I just find it impressive. Also is it true that you can just take these exams at home? (without classes). I have not ever held a position in infosec but its always been something I kind of wanted to kickstart...just never given the opportunity or found a way to create it.
-
AlexNguyen Member Posts: 358 ■■■■□□□□□□Also is it true that you can just take these exams at home? (without classes).
Not at home, at a Pearson VUE testing center. You can challenge a GIAC cert without SANS training. It will cost you US$999. With SANS training, the exam will cost US$549.Knowledge has no value if it is not shared.
Knowledge can cure ignorance, but intelligence cannot cure stupidity. -
docrice Member Posts: 1,706 ■■■■■■■■■■dorice you have a decent amount of GIAC certs..did your company pay for that or you're just loaded?
A former employer sponsored one. The others I funded on my own by unloading my bank account at great personal sacrifice.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/ -
ptilsen Member Posts: 2,835 ■■■■■■■■■■I honestly can't see any sense in GISF. Any employer that will pay for GIAC might as well send you to GSEC. For non-professionals or more entry-level professionals, I don't see that GISF really holds any value over Security+. I realize GIAC's market is more for organization-sponsored certification, but I still see Security+ as a more logical starting point for the organization.
-
AlexNguyen Member Posts: 358 ■■■■□□□□□□I realize GIAC's market is more for organization-sponsored certification, but I still see Security+ as a more logical starting point for the organization.
CompTIA's certs are well known in the US. But in Canada (Quebec), I did not see any IT job postings asking for CompTIA's certs yet. For IT security, employers are asking for (ISC)2, ISACA, GIAC, EC-Council, DRI, or BCI certs.Knowledge has no value if it is not shared.
Knowledge can cure ignorance, but intelligence cannot cure stupidity. -
ptilsen Member Posts: 2,835 ■■■■■■■■■■AlexNguyen wrote: »CompTIA's certs are well known in the US. But in Canada (Quebec), I did not see any IT job postings asking for CompTIA's certs yet. For IT security, employers are asking for (ISC)2, ISACA, GIAC, EC-Council, DRI, or BCI certs.
But is anyone, anywhere asking for GISF? -
JDMurray Admin Posts: 13,099 AdminBut is anyone, anywhere asking for GISF?
-
ptilsen Member Posts: 2,835 ■■■■■■■■■■Indeed, and all but two of them also list Security+. All of them are really looking for a higher level of certification. But, yes, to answer my own question, evidently there are at least ten job openings listing GISF.
However, given the 428 listing Security+ on Dice, I'm going back to my original point. -
AlexNguyen Member Posts: 358 ■■■■□□□□□□...evidently there are at least ten job openings listing GISF.
However, given the 428 listing Security+ on Dice, I'm going back to my original point.
IMHO, why bother to get an "entry level" cert (GISF or Security+). You can read books and self-study. Then go for a higher level cert (GSEC).Knowledge has no value if it is not shared.
Knowledge can cure ignorance, but intelligence cannot cure stupidity. -
ptilsen Member Posts: 2,835 ■■■■■■■■■■AlexNguyen wrote: »IMHO, why bother to get an "entry level" cert (GISF or Security+). You can read books and self-study. Then go for a higher level cert (GSEC).
GSEC is expensive and won't get you an entry-level job, necessarily. Not that Security+ is likely to, but at least it's cheap. -
JDMurray Admin Posts: 13,099 AdminSomeone with SANS 401 training and the GSEC cert would make a great entry-level candidate however unlikely an entry-level person would be to have those qualifications.
-
ipchain Member Posts: 297GSEC is comparable to CISSP in terms of the vast amount of information that it covers. The GSEC would make a great entry-level candidate, but there are cheaper alternatives as others have already stated.Every day hurts, the last one kills.
-
RomBUS Member Posts: 699 ■■■■□□□□□□Do you guys know anyone that has paid for GSEC out of pocket? Instead of through the company? Is it wise to pay out of pocket? I am asking because I would think having GSEC would give anyone a boost going into the InfoSec field to get a little advantage to try to get their feet wet in there
-
laughing_man Member Posts: 84 ■■□□□□□□□□Taking GSEC now on the company's dollar. A good cert, but I am not sure I would pay $4000+ of my own money to take it. If I had to pick a similar cert to do with my own cash, I would do SSCP or CEH.
-
reppgoa Member Posts: 151GSEC is a solid cert. Its the first cert I have passed that I feel actually tested me.
-
RomBUS Member Posts: 699 ■■■■□□□□□□laughing_man wrote: »Taking GSEC now on the company's dollar. A good cert, but I am not sure I would pay $4000+ of my own money to take it. If I had to pick a similar cert to do with my own cash, I would do SSCP or CEH.
SSCP hmm....I should look into that. Thanks for the info, $4000+ is not the ideal range I want to spend on a cert.