About to pay for SANS FOR572: Advanced Network Forensics and Analysis

UnixGuyUnixGuy Mod Posts: 4,564 Mod
Only few courses available in my city, so I thought that would be the best one for me....

I don't wanna travel...and I'm not being picked for work-study icon_rolleyes.gif

https://www.sans.org/event/melbourne-2016
Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

Check out my YouTube channel: https://youtu.be/DRJic8vCodE 


Comments

  • UnixGuyUnixGuy Mod Posts: 4,564 Mod
    Feel free to share you thoughts, experiences..etc. It's my SANS training...and I figured I need to start getting them so!
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Check out my YouTube channel: https://youtu.be/DRJic8vCodE 


  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    I'm taking 511 right now and it is truly knowledge via firehose. Definitely worth it!
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • UnixGuyUnixGuy Mod Posts: 4,564 Mod
    @Grinch: sounds awesome mate! I thought it's time for me to step it up training wise, and if I wait for my employers it just won't happen. Looking forward to build and expand my packet analysis and forensic knowledge! I think I'll prepare with some wiresharsk kangfu in the next couple of months
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Check out my YouTube channel: https://youtu.be/DRJic8vCodE 


  • UnixGuyUnixGuy Mod Posts: 4,564 Mod
    So I'm not quite sure I have the best technical background to tackle this course, but I have time to prepare.

    What books do you recommend I do before taking this course? There is couple of months and I can do some reading/practice.
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Check out my YouTube channel: https://youtu.be/DRJic8vCodE 


  • bsjj27bsjj27 Member Posts: 24 ■■□□□□□□□□
  • cgrimaldocgrimaldo Member Posts: 439 ■■■■□□□□□□
    UnixGuy, did you ever pull the trigger on the purchase? I just passed the GCIA and this is next on my list. I'm interested to hear your gameplan on tackling this. :)
  • UnixGuyUnixGuy Mod Posts: 4,564 Mod
    cgrimaldo wrote: »
    UnixGuy, did you ever pull the trigger on the purchase? I just passed the GCIA and this is next on my list. I'm interested to hear your gameplan on tackling this. :)


    No I didnt :)
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Check out my YouTube channel: https://youtu.be/DRJic8vCodE 


  • jamesleecolemanjamesleecoleman Member Posts: 1,899 ■■■■■□□□□□
    I'm soo tempted to pay for my own SANS training and certification. I really would like to work in InfoSec.
    Booya!!
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    I just want to put it out there that SANS training isn't required to work in InfoSec. Does it help? Sure, but I got into InfoSec without any SANS training. Part of it is time and place, but the other side is a solid foundation that you can then turn around and articulate how to secure it. With your current certification list and some experience I don't doubt you could land an InfoSec position.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • billDFWbillDFW Member Posts: 45 ■■□□□□□□□□
    of all the courses, which ones are the ones to get ? Self-funded and limited budget.
  • TranceSoulBrotherTranceSoulBrother Member Posts: 215
    Based on your previous posts, quite a few for you before stepping into the SANS arena. I would advise the basic COMPTIA triad, then build up to CASP and at least study/pass CISSP (even if you don't have the required 5 years of INFOSEC experience, at least you would have the knowledge and the designation of Associate of ISC2). Later, with more experience under your belt, tackle the SANS course. $6000 / course is nothing to sneeze at if you will not benefit and comfortably pass the test.
    I'm waiting a little more myself before pulling the trigger.
  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    the_Grinch wrote: »
    I just want to put it out there that SANS training isn't required to work in InfoSec. Does it help? Sure, but I got into InfoSec without any SANS training. Part of it is time and place, but the other side is a solid foundation that you can then turn around and articulate how to secure it. With your current certification list and some experience I don't doubt you could land an InfoSec position.


    ++ This is spot on.
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    Agree with TranceSoulBrother, get some experience and other certs under your belt before considering self-paying for SANS training. I'm now at a point where I will self pay some of the more advanced SANS courses. I'm looking to take the GPEN via Work Study or by challenging the exam but after that, I will probably just self-pay for GXPN, GWAPT and GREM.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • TechGromitTechGromit Member Posts: 2,156 ■■■■■■■■■□
    I'm soo tempted to pay for my own SANS training and certification. I really would like to work in InfoSec.

    If you paying for SANS on your own dime, I would at least try to get a work study. There have been people that never attended training and were picked. Just don't be picky about location and select a lot of courses.
    Still searching for the corner in a round room.
  • jamesleecolemanjamesleecoleman Member Posts: 1,899 ■■■■■□□□□□
    the_Grinch wrote: »
    I just want to put it out there that SANS training isn't required to work in InfoSec. Does it help? Sure, but I got into InfoSec without any SANS training. Part of it is time and place, but the other side is a solid foundation that you can then turn around and articulate how to secure it. With your current certification list and some experience I don't doubt you could land an InfoSec position.

    Thank you for the input. I'm looking for a solid foundation for InfoSec for sure but it's just that there are so many roads to get there. It's tough trying to get the experience and I'm totally working on learning new things which can help put me in the spot that I need to be in. I keep trying to ask people at work, who deal with security related things for tasks so I can learn but no one has anything. I'm gonna talk to someone in the security department soon to see if there will be any hands on technical stuff later. Right now it's just risk management and policies for the most part.
    Booya!!
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
  • UnixGuyUnixGuy Mod Posts: 4,564 Mod
    @James: since you already registered for eLearnSecurity eCPPT ...if you study for that and finish you WILL learn a lot about InfoSec (not just pentesting), your networking background will improve and system knowledge as well. Keep doing what you're doing, knowledge will build up sooner than you think.
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Check out my YouTube channel: https://youtu.be/DRJic8vCodE 


  • jamesleecolemanjamesleecoleman Member Posts: 1,899 ■■■■■□□□□□
    Thanks UnixGuy. I keep telling myself to keep doing what I'm doing. eCPPT is way over my head at times. Gotta spend time on youtube for help.
    Booya!!
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
  • UnixGuyUnixGuy Mod Posts: 4,564 Mod
    ..eCPPT is way over my head at times....


    and this is the best and fastest way to learn and grow.
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Check out my YouTube channel: https://youtu.be/DRJic8vCodE 


  • LionelTeoLionelTeo Member Posts: 526 ■■■■■■■□□□
    Reconnaissance and study your target. In this case its the SANS GNFA certification. Johnathan Ham is one of the instructor for this course and is an author of the book regarding network forensics. https://www.amazon.com/Network-Forensics-Tracking-Hackers-Cyberspace/dp/0132564718
    Check the content page of the books and the SANS course, there is quite a good amount of similarties
  • idirumidirum Registered Users Posts: 3 ■□□□□□□□□□
    I am new to this forum, and I absolutely agree with this post. The best and closest book you can find to GNFA. I am currently taking GNFA as well, I was blessed to work with a company that paid for my course. My day-to-day job is basically wearing couple of hats in the security world, from malware analysis, endpoint analysis to network forensics. My materials hasn't arrived yet, I've been going through the onDemand, since 07/08 (the day I got my access) and already knocked half of 572.1 . What I can tell you so far is that, it's going great, loving it and plethora of knowledge to be gained with all the information. Most of the things I have encountered thus far is something I already know, but you would stumble upon information that you never thought or knew from time to time, especially true for tools you might/might not know.

    My goal is to tackle GCFA, GREM and GCIH.
  • idirumidirum Registered Users Posts: 3 ■□□□□□□□□□
    idirum wrote: »
    I am new to this forum, and I absolutely agree with this post. The best and closest book you can find to GNFA.

    I was referring to LionelTeo's post regarding "Network Forensics Tracking Hackers Through Cyberspace". Sorry, wasn't able to edit my posted reply above.
  • secmonstersecmonster Registered Users Posts: 4 ■□□□□□□□□□
    Thought this was a great course, real eye opener.
  • christians1christians1 Member Posts: 6 ■■■□□□□□□□
    Did you ever complete the for572?
  • UnixGuyUnixGuy Mod Posts: 4,564 Mod
    I didn't pay nor take course.
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Check out my YouTube channel: https://youtu.be/DRJic8vCodE 


  • justSomeGuyjustSomeGuy Registered Users Posts: 4 ■□□□□□□□□□
    Has anyone actually taken the 572 exam? I'm curious as to how much overlap with 503 there is in the course material.
Sign In or Register to comment.