CISSP to GSEC, is it advisable ? Or on to something else..

Maximus54

Hello
I recently took my CISSP exam and passed but as I was reading the many comments about the value of the certification, I read that I should also add a few more 'technical' certification from vendor like SANS. I read that the GSEC domains are similar to the CISSP domains so does anyone recommend that I also get met my GSEC even though I already have my CISSP and if so how easy would it be for me to take GSEC right away before I start forgetting the CISSP courseware?

docrice

The GSEC is much more technically-oriented. Unless you have actual hands-on experience in the domains covered by the GSEC, you'll probably need to spend some time studying for it. The CISSP and GSEC are pretty complementary from what I understand, and while they cover roughly the same subject areas, the GSEC is more in-depth.

Maximus54

Ooops made a mistake and responded to you instead of the thread but I was inquiring about how I can get a hold of the course ware without having to pay the $4000. I have the courseware dated 2005 from a friend, both the pdf and mp3, so should I use that and not worry about finding a recent one?

JDMurray

You can only get the SANS courseware by purchasing it directly from SANS via their SANS training program. Obtaining it any other way is a violation of the SANS/GIAC licensing agreement signed by the person who originally obtained the courseware and by anyone using it to challenge a GIAC exam. I wanted to point this out because your questions make it look as though a CISSP-certified professional is requesting pirated copyrighted materials in a public forum.

All that being said, the book Network Security Bible by Eric Cole is a very complete reference of the topics on the GSEC exam. Dr. Cole has spent the past 14 years researching, writing, and teaching the SANS 401 Security Essential course and maintains the content of the GIAC GSEC exam.

BTW, the cost to challenge a GIAC exam is currently $999US.

swild

That one is on my bookshelf to be read after I finish WGU. Hopefully I can get an employer in the future to sponsor me for a SANS course.

Maximus54

BTW will I be able to bring Network Security Bible by Eric Cole study guide with me during testing or are we only allowed to bring SANS OnDemand study guide? I am only asking since JDMurray said that there is a SANS/GIAC licensing agreement signed for the books.

docrice

You're allowed to bring any printed materials as long as they fit in a regular book bag (although I'm not sure what the specifics of this is). Common sense probably applies. That said, know the subject domains well enough. You won't have enough to time to verify every answer with a reference check to the printed materials.

laughing_man

docrice wrote: »

You're allowed to bring any printed materials as long as they fit in a regular book bag (although I'm not sure what the specifics of this is). Common sense probably applies. That said, know the subject domains well enough. You won't have enough to time to verify every answer with a reference check to the printed materials.

This.

You will be at a disadvantage going into the exam without having read/studied the actual SANS courseware. SANS exams are based solely on their material, so while someone can certainly challenge an exam and pass, it is a much more difficult path.

Why not have your employer pay for the class?

Maximus54

docrice I have been doing nothing but security for that last 3-4 months with Sec+, CCNA sec and finally CISSP so I am hoping that my many months of studying will help tremendously especially from the CISSP material since the domains are similar and we all know CISSP covers everything under the sun in security(1300 pages of reading)
laughing_man,
I wish that I could get them to pay for it but they won't because like most management they'd rather rely on security through obscurity, in other words we are too small and unimportant to get the attention of any attacker, as ridiculous as that sounds.

JDMurray

Yeah, they said in SANS 401 that all paper was allowed in the exam, just no electronics. Dr. Cole's book should come in very handy for a few exam questions.

And the black book bag they passed out at SANS training is quite large. It easily fits the six SANS 401 books and then some. I was think about just taking the books and my notes to the exam to avoid the formality of having the bag searched, but that's a lot of bound paper to juggle.

Maximus54

Docrice, a while back when I was thinking of implementing Snort into our network, i was thinking about studying for the SnortCP certification before i started working on that project but I could not find much information about it. I was pulled off that project and put on another one but I will have to resume with that implementation soon so how hard is it to get the SnortCP and did you take a class or study on your own and if so what materials did you use? Thanks.

docrice

Knowing the material from the CISSP, CCNA Security, and Security+ won't be sufficient to get through the GSEC. While the GSEC itself is also broad, it does get deeper into the more technical minutia of general security, tools, Windows, Unix, virtualization, etc..

Regarding the SnortCP:
http://www.techexams.net/forums/security-certifications/77438-review-snort-ids-ips-rule-writing.html

You can probably do just as well in your career by reading the Snort User's Guide and running your own IDS, but intrusion detection and analysis requires a prerequisite set of skills, namely an understanding of low-level networking protocols as well as payload insepction.

laughing_man

Maximus -

I don't want you to think I am discouraging from challenging GSEC. Your background certainly shows that you are a better candidate than most to challenge this exam.

GSEC covers a lot of networking concepts, certainly not CCNA level, but still fairly in depth. Perhaps you could pitch to your employer from that angle, that the GSEC cert is holistic in its approach to security. I certainly walked away knowing more about network functionality.

Maximus54

JDMurray, Laughing_man and Docrice I appreciate all of your help, I think I am going to wait until I can find an employer who can pay for the SANS class and/or study material. From your comments, I have concluded that it would probably be a mistake for me to take the challenge without the course ware material so I will wait. I was initially thinking that you guys would recommend the other exams like the GCIH or GCIA instead since there are similarities between CISSP and GSEC. Anyway thanks again.