Possible Study Text for GSEC

Hello all,

I was wondering if i can use the below text as a single study source for the GSEC exam in replacement of the official course material.

GSEC GIAC Security Essentials Certification All-in-One Exam Guide by Ron Messier.

GSEC GIAC Security Essentials Certification All-in-One Exam Guide: Ric Messier: 9780071820912: Amazon.com: Books

Thanks,

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

docrice

That's the first time I've seen this book (it was published just a few months ago). Interesting, although I must caution that SANS updates their courseware often (some more than others, although SANS SEC-401 probably doesn't warrant as-frequent updates compared to something like SEC-560) and the respective GIAC certification exam will update accordingly.

I'm under the impression that past publications regarding GIAC exam content has been less than desirable, although I've never read any of them. The best source material to study from is obviously the SANS courseware itself, but those tend to be priced out of reach for many individuals.

I'd guess this is the author:

http://www.washere.com/about-us
http://www.vtc.com/modules/products/authorInfo.php?author=407
http://www.linkedin.com/pub/ric-messier/0/86a/941

He obtained his GSEC certification back in March.

Another book that you can consider is:

http://www.amazon.com/Network-Security-Bible-Eric-Cole/dp/0470502495/ref=pd_sim_b_1

This was written by the SANS 401 author himself (Dr. Eric Cole), although I don't know if the contents of this book directly translate to the 401 courseware. I haven't read it.

If you get the first book, I'd be interested to know what you think of it.

pappyT

I've not taken the class or GSEC exam yet, but I'd also second the idea of the Network Security Bible. Definitely a book that likely has all of the content, as well as a useful resource outside of the exam studying as well.

To be honest, my personal opinion, I'd be very hesitant on the Messier book (especially as a single source), for a couple reasons.

1. First is that I know SANS and GIAC are pretty particular about their courseware and certifications, and have been active in protecting their IP and trademarks/copyright.
2. To go along with that, the agreements that you have to sign as you take the exam are very explicit in what an exam taker can or cannot share with others, as far as content of the exam. Even sharing the course books with coworkers technically is forbidden.

From SANS.org "No. Users may not copy, reproduce, distribute, display, modify or create derivative works based upon all or any portion of the courseware in any medium whether printed, electronic or otherwise, without the express written consent of the SANS Institute. Without limiting the foregoing, user may not reproduce, distribute, re-publish, display, modify, or create derivative works based upon all or any portion of the courseware for purposes of teaching any computer or electronic security courses to any third party without the express written consent of the SANS Institute. "

Based on 1 and 2, if this book is on the market, and Mr. Messier is not yet under legal action from SANS, then perhaps his book's content really isn't all that representative of the SANS/GIAC content contained on the exam?

I'm not saying you 'HAVE' to take the SANS course and have the 900+ pages of courseware, but I would not rely on the $40, 480 page book to be a single source study resource for the $1000+ exam try.

cyberguypr

Let's put it this way, if you don't use the official material, your probability of passing goes down drastically. This is mostly due to what was mentioned above. SANS changes the courseware regularly and that's where they pull questions from.

Also as mentioned, above, books by course authors are the next best thing after the official courseware. Dr. Cole, Ed Skoudis, and others have books that touch a lot of their respective course's content.

JDMurray

Dr. Cole's Network Security Bible has was more detail than what you need for the GSEC exam, but it will help you understand topics that you don't understand from only reading the GSEC courseware.

swish45

Thanks docrice,

I've had a quick skim through the text, and it looks like the text covers similar topics found in the Security+ curriculum, but in more depth.

I'm currently studying for the Security+ exam and can see some resemblance.

swish45

Appreciate the advice on Dr Cole's Book.

Looks like it's been organised well and has a level of depth that would help build a strong base.

The official course material is out of reach for me financially at this stage.

Considering i'm a newbie to the Security field, and will be sitting my Security+ exam soon, how confident should i be to use Dr Cole's book as my only reference for the exam?

Om other words, i study the text well what are my chances?

docrice

You could also contact Dr. Cole directly to get his take. Given his position, I would hope that he'll be honest and not just try to sway you into taking the SANS class:

http://www.securityhaven.com/

swish45

As suggested, i sent him an email 5 days ago, but haven't had a response.

Either the doc is on holidays or is subtly indicating his book is a good replacement for the official course material!

BillHoo

My experience from the only GIAC cert that I have taken and passed.

- I took the Security+ cert as an exercise in prepping for the GSLC. They are two different animals, but there was a bit of overlap and the SANS material covered in more depth. I'd say Darril Gibson's Security+ book covered 50-60 percent of the GSLC material. And it helped me solidify some concepts in my study. That said....
- Many of the GIAC exam question answers were copied verbatim or nearly so from the SANS texts. You literally have the anwers to the the GIAC exams in your SANS courseware books.
- Other source texts probably do not cover all the material in the SANS courseware.
- In particular examples in the SANS courseware derived from current events that become the base for test questions. It's one thing to know the answer of "What was the major control violated by Ed Snowden?" That was a major story. But there are hundreds of things that happen throughout the year that could become part of the courseware - "What Federal data was stolen from University Hospitals of Cleveland in 2013?" Sure, current events questions might make up only 2 or 3 questions, but that's 2 or 3 pieces of information you did not get exposed to.
- In some cases, a third party text might contain way more information than you need for the cert! Knowledge is good, but do you want to cram material not relevant to your goal at the last minute?

5ekurity

If you are a WGU student, the GSEC GIAC AIO text is available via Books 24x7. Included in the cost of tuition, can't hurt to look through.

swish45

5ekurity wrote: »

If you are a WGU student, the GSEC GIAC AIO text is available via Books 24x7. Included in the cost of tuition, can't hurt to look through.

Thanks 5ekurity!,

Is that the official GSEC course material that is offered during the course?

docrice

I strongly doubt that the GSEC AIO book is equivalent to the SANS courseware, but then again I've never seen it. I wouldn't compare them based on page count since SANS courseware has a lot of content over six books, but at the same time each page is half-covered in the form of a powerpoint slide and some specific notes about the topic for the bottom half of the page.

In the grander scheme of things, the GSEC material is relatively generalized and broad. If you need the certification, that's one thing, but if you're more interested in the knowledge, then the AIO might be a good investment.

CCNPforSure

I got this book for Christmas, Ill start reading it soon and get back to you after my exam as to how decent it is.

swish45

CCNPforSure wrote: »

I got this book for Christmas, Ill start reading it soon and get back to you after my exam as to how decent it is.

Thank you mate. really appreciate it.