Missing contents in SANS sec 401 of 2018 to 2019.

XxManishxXXxManishxX Member Posts: 1 ■□□□□□□□□□
Hi. my brother had taken GSEC exam in 2018 so this books are in reference at that time as time passed and few concepts changed and i wanna take up GSEC next year was wishing if someone could help me out with latest cocepts and we could share the added parts from both sides.
As it's too much around 8k$ just for few concepts as im here directly taking GSE for 2k$.

Here are the missing as well as 2019 contents which was taken off

401.1 : Securing Wieless Networks:

1. The Pervasiveness of "Wireless" Communications
2. Traditional Wireless: IEEE 802.11 and Its Continual Evolution
3. Personal Area Networks
4. 5G Cellular (Mobile) Communication
5. The Internet of Things

Note: Having an extra module : securing web communications.

401.2 :Defense-in-Depth and Attacks

1. Center for Internet Security Controls(but theres critical controls)
-Center for Internet Security (CIS) Controls.
2. Extra module of 401.1 (securing web communications) been added
3. Malicious Code and Exploit Mitigation
-High-Profile Breaches
-Ransomware
-Defensive Strategies
-Common Types of Attacks
-Instead Mitnick-Shimomura, Defensive strategies, common types of attacks.(added)
4. 4.  Securing Web Communications(quite different).

Note: Having an extra Advaned Persistent Threat(APT)

401.3 : Threat Management
1. Active Defense
-Honeypots(added).

401.4: Cryptography, Incident Response, and Risk Management
1. Cryptography
-Steganography Overview(missing) edit:found but not listed in main page.
2. Incident-Handling and Contingency Planning 
-Contingency Planning(instead Legal aspects of IH)
3. Contingency Planning(a seperate module)

401.5: Windows Security
1. Windows as a Service(instead Service packs,hotfixes & backups).
2.Network Services and Cloud Computing(instead Securing Windows - just n/w ser.)
-Network Services and Cloud Computing opics not covered as in
-Server Core and Server Nano
-Microsoft Azure and Office 365
3.Automation, Auditing, and Forensics
-Vulnub Scan & reporting(extra concept)

401.6: Linux Security
1. Linux Security: Structure, Permissions, and Access Controls
-Mobile Device Security(Android & IOS not present; instead apple MAC OS Sec)
-Linux Operating System(some concepts not present)
2. Hardening and Securing Linux Services
3.Monitoring and Attack Detection
-Grep,sed,awk & cut(added)
4.Security Utilities
Note: Alot of changes only in Linux

Comments

  • LonerVampLonerVamp Member Posts: 518 ■■■■■■■■□□
    It's specifically against the terms of usage to share that material, you know?

    You could always look on ebay for a new set of materials.

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
  • TechGromitTechGromit Member Posts: 2,156 ■■■■■■■■■□
    .
    As it's too much around 8k$ just for few concepts as im here directly taking GSE for 2k$.


    If I'm reading this right, you already have GSEC, GCIH and GCIA certifications, which are required before attempting the GSE. I would think you could renew your GSEC early for $400 to get the latest and greatest course material for SANS 401. 
    Still searching for the corner in a round room.
  • quogue66quogue66 Member Posts: 193 ■■■■□□□□□□
    .
    As it's too much around 8k$ just for few concepts as im here directly taking GSE for 2k$.


    If I'm reading this right, you already have GSEC, GCIH and GCIA certifications, which are required before attempting the GSE. I would think you could renew your GSEC early for $400 to get the latest and greatest course material for SANS 401. 
    I think he forgot the C in GSEC.  I think he's saying that he prefers to pay 2k to challenge the GSEC rather than spend 8k to take SEC401 and the GSEC exam.
  • TechGromitTechGromit Member Posts: 2,156 ■■■■■■■■■□
    edited December 2019
    quogue66 said:
    I think he forgot the C in GSEC.  I think he's saying that he prefers to pay 2k to challenge the GSEC rather than spend 8k to take SEC401 and the GSEC exam.
    Ahh, I missed that.  I would be hesitant challenging the exam with outdated materials and limited knowledge/experience especially the GSEC, given it's popularity, I'm sure it's updated far more often than say the GREM. 2018 is now two years past, plenty of time for 3 or 4 revisions. While possible to pass the exam with older materials, since much of the core concepts are the same, you have to ace what material you do have available to you, I would guess it's 80% the same at this point.     
    Still searching for the corner in a round room.
  • bigdogzbigdogz Member Posts: 881 ■■■■■■■■□□
    You can find the domains covered on SANS website. If you want to do this next year, you may want to start looking things up then as the content changes.

    • Active defense, defense in depth, access control & password management
    • Cryptography: basic concepts, algorithms and deployment, and application
    • Defensible network architecture, networking & protocols, and network security
    • Incident handling & response, vulnerability scanning and penetration testing
    • Linux security: structure, permissions, & access; hardening & securing; monitoring & attack detection; & security utilities
    • Security policy, contingency plans, critical controls and IT risk management
    • Web communication security, virtualization and cloud security, and endpoint security
    • Windows: access controls, automation, auditing, forensics, security infrastructure, & securing network services


Sign In or Register to comment.