Gcia

L0gicB0mb508L0gicB0mb508 Member Posts: 538
Just got word today that my company is going to pay for my SANS 503 course and my GCIA certification. I'm really excited about it.
I bring nothing useful to the table...
«13

Comments

  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    Nice! Please post your experience with the class and the cert exam.
  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    Congratz! That would be a blast.
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    JDMurray wrote: »
    Nice! Please post your experience with the class and the cert exam.
    Will do. It may take a little bit before I get it all approved, but I will definitely post my experiences for you all.
    I bring nothing useful to the table...
  • tpatt100tpatt100 Member Posts: 2,991 ■■■■■■■■■□
    Great news, yes please keep us up to date. I was told I would need to get this sometime so I am looking to take it next spring.
  • Paul BozPaul Boz Member Posts: 2,620 ■■■■■■■■□□
    Sweet! A lot of the material is shared with the GCFW (TCPDump, snort, etc). You will like it very much :)
    CCNP | CCIP | CCDP | CCNA, CCDA
    CCNA Security | GSEC |GCFW | GCIH | GCIA
    pbosworth@gmail.com
    http://twitter.com/paul_bosworth
    Blog: http://www.infosiege.net/
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    Paul Boz wrote: »
    Sweet! A lot of the material is shared with the GCFW (TCPDump, snort, etc). You will like it very much :)

    After I get done with GCIA, I may actually go for the GCFW. It does sound like a really awesome class.
    I bring nothing useful to the table...
  • unsupportedunsupported Member Posts: 192
    I'm taking the Intrusion In-Depth course next month in DC. I'm in a holding pattern for preparing until after this semester, but I bought both the SANS GCIA and GCFW books as reference.
    -un

    “We build our computer (systems) the way we build our cities: over time, without a plan, on top of ruins” - Ellen Ullman
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    I just got final approval and my paperwork. It looks like I'm ready to go. I'll hopefully get signed up and started next week.
    I bring nothing useful to the table...
  • Paul BozPaul Boz Member Posts: 2,620 ■■■■■■■■□□
    Excellent. I received word today that I should be able to register for the self-training for the GCIH in January. I'm looking forward to incident handling.
    CCNP | CCIP | CCDP | CCNA, CCDA
    CCNA Security | GSEC |GCFW | GCIH | GCIA
    pbosworth@gmail.com
    http://twitter.com/paul_bosworth
    Blog: http://www.infosiege.net/
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    Paul Boz wrote: »
    Excellent. I received word today that I should be able to register for the self-training for the GCIH in January. I'm looking forward to incident handling.

    That would be a lot of fun. I work with a lady that has that cert as well as a few other SANS certs. I'll have to ask her how that one is. I think she actually teaches the intrusion analyst course from time to time.

    You're going to ba a SANS-aholic before is all said and done huh? haha
    I bring nothing useful to the table...
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    Finally got the call from my company today that they are registering me. I hope to hear back by the end of the day. If not today then the next couple days. I'm keeping my fingers crossed things speed up a little after this point.
    I bring nothing useful to the table...
  • unsupportedunsupported Member Posts: 192
    Congrats on getting approval. I just took the GCIA course and it was amazing! I feel like that scene in The Matrix where Neo sees all the code that runs The Matrix and kicks The Agents ass.. well, 'cept with network packets. :)

    That's about all the write-up I've given the course 'cause I've been so busy. I should have taken notes on my thoughts and feelings... ahh, one of these days I'll do it.
    -un

    “We build our computer (systems) the way we build our cities: over time, without a plan, on top of ruins” - Ellen Ullman
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    Congrats on getting approval. I just took the GCIA course and it was amazing! I feel like that scene in The Matrix where Neo sees all the code that runs The Matrix and kicks The Agents ass.. well, 'cept with network packets. :)

    That's about all the write-up I've given the course 'cause I've been so busy. I should have taken notes on my thoughts and feelings... ahh, one of these days I'll do it.

    I hope to give a good write up when i actually get to do it. Right now it seems like I've once again been dropped to a screeching halt.
    I bring nothing useful to the table...
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    Andddd I'm still waiting. I think I may actually just do the OSCP on my own while I'm waiting. Good times.
    I bring nothing useful to the table...
  • Paul BozPaul Boz Member Posts: 2,620 ■■■■■■■■□□
    You could start studying the GCIA subjects on your own so that when you get the material it makes more sense / you can get through it quicker. My strong networking background made the GCFW pretty easy. The more you know going into a SANS test the more you'll take out of it and the higher the score you'll obtain. Go to the SANS site and print each day's curriculum for the course. Go through the list researching the subjects until you get approved.

    Here's day one's curriculum for the GCIA:
    * Refresher of TCP/IP
    o Including tcpdump, hexadecimal, TCP/IP Communication model
    * TCP/IP Communication Model
    o TCP, UDP, and ICMP
    * IP Fragmentation
    o How It Works
    o Initial Fragment and Protocol Information
    o Additional Fragments and Offset
    o Malicious Fragmentation
    * Internet Control Message Protocol (ICMP)
    o ICMP Theory
    o Mapping Using ICMP
    o Normal ICMP Behavior
    o Malicious ICMP Traffic
    * Stimulus and Response
    o Expected Behavior for Normal Activity
    o Normal but Unconventional Stimulus-Response
    o Behaviors and Categories of Abnormal Stimulus-Response
    * Microsoft Protocols
    o SMB/CIFS
    o DCE/RPC
    o Active Directory
    * Domain Name System (DNS)
    o Client and Server Interaction
    o Server to Server Interaction
    o Primary and Secondary Servers
    o Transport Protocol Used (TCP/UDP)
    o Intelligence Gathering Tools
    o DNS: the Dark Side
    * Internet Routing
    o Static Routing
    o The Role of Address Resolution Protocol
    o Loose Source Routing
    o Dynamic Routing Protocols
    o Multicast Routing
    * IPsec
    * IPv6

    You can study every single one of these subjects to well beyond the course's requirements without the course material. I suggest you do that rather than investing time into a cert that you may not complete by the time your SANS cert gets approved.
    CCNP | CCIP | CCDP | CCNA, CCDA
    CCNA Security | GSEC |GCFW | GCIH | GCIA
    pbosworth@gmail.com
    http://twitter.com/paul_bosworth
    Blog: http://www.infosiege.net/
  • carboncopycarboncopy Member Posts: 259
    That's cool that you are going to take that class! I think it will lots of fun :)

    I am praying that I get approved to go to the SANS event taking place in Disney in a couple of months.
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    I just printed them off. Doesn't look too bad at all. I'll have to brush up on my Snort rule writing. I see that now.
    I bring nothing useful to the table...
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    carboncopy wrote: »
    That's cool that you are going to take that class! I think it will lots of fun :)

    I am praying that I get approved to go to the SANS event taking place in Disney in a couple of months.

    Good luck to you. I hope your process goes much faster than mine.
    I bring nothing useful to the table...
  • carboncopycarboncopy Member Posts: 259
    Good luck to you. I hope your process goes much faster than mine.

    Yeah I hope so too... I really do.
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    carboncopy wrote: »
    Yeah I hope so too... I really do.
    I'll get there someday. Maybe.
    I bring nothing useful to the table...
  • carboncopycarboncopy Member Posts: 259
    I'll get there someday. Maybe.

    Almost threw a WV joke there... but was able to hold myself back :P
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    shuddup packet monkey before i pimp slap you.
    I bring nothing useful to the table...
  • carboncopycarboncopy Member Posts: 259
    shuddup packet monkey before i pimp slap you.

    I wonder how many people on here are actually at work....

    This thread is going in the wrong direction, lol.
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    I finally got started today. I'm really excited. The OnDemand stuff looks pretty good. You have the option of watching the videos or listening to the mp3s before your books arrive. I guess it's going to be a busy month, i expected this to take even longer, so i signed up for OSCP as well. Oh well, I think this material will keep me interested enough that I can do the double courses.
    I bring nothing useful to the table...
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    I guess it's going to be a busy month, i expected this to take even longer, so i signed up for OSCP as well. Oh well, I think this material will keep me interested enough that I can do the double courses.
    Good heavens! No job and family then? ;)
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    JDMurray wrote: »
    Good heavens! No job and family then? ;)

    i may not have a wife once I'm done haha.
    I bring nothing useful to the table...
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    No real progress on this. I've actually had a little bit of a hard time getting into this material. Work has been pretty demanding, so I haven't had a chance to really study like I want to. I realllly need to get on it though.icon_sad.gif
    I bring nothing useful to the table...
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    I finally got around to studying for this bad boy a little. Im about 1/3 way through the first book which is TCP/IP for Intrusion detection. This particular book in the series is just to get everyone up to speed on the basics of TCP/IP and some of the general concepts covered in the course. So far I've covered the following:
    tcpdump overview
    TCP/IP overview
    analysis of the IP header from tcpdump's hex output
    fragmentation
    historical fragmentation attacks
    ICMP overview

    Each little segment has its own quiz at the end. Sometimes the questions are a little vague, but over all they are pretty good. They actually give you sample output from tcpdump and ask questions on it. I do like the real world factor of it.
    I bring nothing useful to the table...
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    Wow, I'm burnt out. Work has been pretty hectic, so it's kind of wearing me down. I'm about 1/2 way through this, but it's hard to find the motivation to continue. Right now I'm doing a new Snort install and I've been going through the OnDemand videos.
    I bring nothing useful to the table...
  • Chris:/*Chris:/* Member Posts: 658 ■■■■■■■■□□
    That is awesome. I do need to complete GCIA and GCIH classes and exams to earn my GSE and work towards my Cyber Guardian Credential.
    Degrees:
    M.S. Information Security and Assurance
    B.S. Computer Science - Summa Cum Laude
    A.A.S. Electronic Systems Technology
Sign In or Register to comment.