Can you recommend some books for GSEC

Amco Member Posts: 73
Any books or study guides you found useful for the GSEC?

Comments

  • Bl8ckr0uter Inactive Imported Users Posts: 5,031
    Amco wrote: »
    Any books or study guides you found useful for the GSEC?

    For starters, Network Security Bible (written by the same guy who helped write the test). I plan on going for the test next year. I have a list around here somewhere. I'll post it when I find it. I think I am going to use one of the Security resource kits for Windows 2003/2008 to help with the Windows security aspect. I know I also wanted Hardening Linux (no jokes, low hanging fruit). I know I am also going to use my ISCW book for some of the network security aspects of the exam. I think a book like Counter Hack Reloaded would help with some of the other objectives. There are a few folks here who have taken the exam so I also wanted to pick their brains at the end of the year. For some of the more advanced InfoSec people on here, apparently this test was pretty easy but to me the objectives look a bit broad. I plan to self study and challenge the test.

    As I am looking at the objectives again, the Network Security Bible covers a lot of them. I just cannot say whether or not it is enough for the exam.
  • docrice Member Posts: 1,706
    SANS updates their course content often, but that book by Eric Cole is pretty recent and from glancing at the table of contents it looks pretty similar to the official GSEC course materials I have (although arranged in a slightly different order). I'd probably expect this though since Dr. Cole authored the GSEC.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • Bl8ckr0uter Inactive Imported Users Posts: 5,031
    docrice wrote: »
    SANS updates their course content often, but that book by Eric Cole is pretty recent and from glancing at the table of contents it looks pretty similar to the official GSEC course materials I have (although arranged in a slightly different order). I'd probably expect this though since Dr. Cole authored the GSEC.

    Do you think that the Network Security Bible will be enough (along with a few other things)? Basically do you think that this test can be self studied?
  • docrice Member Posts: 1,706
    I've only seen that book's table of contents so I don't know how "GSEC-thorough" it is and all I can do is speculate without having it in-hand. That said, yes the GSEC can be self-studied for, but since the certification covers such a wide range of topics, it probably won't be easy unless you have existing experience in common security topics like basic crypto, authentication controls, basic forensics, policies, examining packet traces, wireless, etc., as well as general Windows / Linux security.

    I'd bet that book would be invaluable though.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • Bl8ckr0uter Inactive Imported Users Posts: 5,031
    docrice wrote: »
    I've only seen that book's table of contents so I don't know how "GSEC-thorough" it is and all I can do is speculate without having it in-hand. That said, yes the GSEC can be self-studied for, but since the certification covers such a wide range of topics, it probably won't be easy unless you have existing experience in common security topics like basic crypto, authentication controls, basic forensics, policies, examining packet traces, wireless, etc., as well as general Windows / Linux security.

    I'd bet that book would be invaluable though.

    I have it. It is a good read, a bit dry at times though. I don't have that much experience but I think with a few months (4 or so) I should be able to self study for it.
  • rwmidl Member Posts: 807
    Are you just taking the test or are you going to take the class from SANS first?
    CISSP | CISM | ACSS | ACIS | MCSA:2008 | MCITP:SA | MCSE:Security | MCSA:Security | Security + | MCTS
  • Amco Member Posts: 73
    I really don't have the money for a class, so it's going to be self-study.
  • Bl8ckr0uter Inactive Imported Users Posts: 5,031
    Amco wrote: »
    I really don't have the money for a class, so it's going to be self-study.

    Neither do I. Do you have a time frame in mind?
  • Amco Member Posts: 73
    Nothing within the next 3 months, I have to knock out CWNA, CWSP and CCNA.
  • Chris:/* Member Posts: 658
    No, the Security Bible is not enough.

    Blueprint for the exam:
    http://www.giac.org/certbulletin/gsec.php

    For Wireless:
    http://www.amazon.com/Certified-Wireless-Network-Administrator-Official/dp/0470438908/ref=sr_1_1?s=gateway&ie=UTF8&qid=1285645331&sr=8-1
    http://www.javvin.com/wlan-wifi-guide.html

    For TCP/IP:
    http://www.javvin.com/tcpipguide.html

    For Linux and Unix:
    http://www.amazon.com/UNIX-Linux-System-Administration-Handbook/dp/0131480057/ref=sr_1_1?s=gateway&ie=UTF8&qid=1285644141&sr=8-1
    http://www.javvin.com/linux-guide.html
    http://www.javvin.com/unix-guide.html

    For Windows:
    http://www.amazon.com/MCSE-Self-Paced-Training-70-294-Second/dp/0735622868/ref=sr_1_1?s=gateway&ie=UTF8&qid=1285644304&sr=8-1
    http://www.amazon.com/MCSA-MCSE-Self-Paced-Training-70-290/dp/0735622892/ref=sr_1_1?s=gateway&ie=UTF8&qid=1285644337&sr=8-1

    For Networking and Security overview with Cryptography:
    http://www.amazon.com/CompTIA-Network-Study-Guide-N10-004/dp/0470427477/ref=sr_1_3?s=gateway&ie=UTF8&qid=1285645046&sr=8-3
    http://www.amazon.com/CompTIA-Security-Deluxe-Study-Guide/dp/0470372966/ref=sr_1_4?s=gateway&ie=UTF8&qid=1285645072&sr=8-4

    Steganography:
    http://www.amazon.com/Hiding-Plain-Sight-Steganography-ebook/dp/B000PY4KFC/ref=sr_1_3?ie=UTF8&m=AG56TWVU5XWC2&s=digital-text&qid=1285645218&sr=8-3-spell

    For Operation Security:
    http://www.amazon.com/Complete-Guide-Security-Privacy-Metrics/dp/0849354021/ref=sr_1_9?s=gateway&ie=UTF8&qid=1285644680&sr=8-9

    Can be used to get base level knowledge of what is on the exam, a lot of what is on the CISSP is covered by the GSEC but in depth:
    http://www.amazon.com/CISSP-All---One-Guide-Fifth/dp/0071602178/ref=sr_1_1?s=gateway&ie=UTF8&qid=1285644902&sr=8-1

    For packet analysis:
    http://www.amazon.com/Wireshark-Network-Analysis-Official-Certified/dp/1893939995/ref=sr_1_1?s=gateway&ie=UTF8&qid=1285644983&sr=8-1
    http://www.amazon.com/Practical-Packet-Analysis-Wireshark-Real-World/dp/1593271492/ref=sr_1_2?s=gateway&ie=UTF8&qid=1285644983&sr=8-2

    An outdated book that should provide an idea of what to study:
    http://www.amazon.com/SANS-GIAC-Certification-Security-Essentials/dp/0789727749/ref=sr_1_2?s=gateway&ie=UTF8&qid=1285644748&sr=8-2

    A near useless book:
    http://www.amazon.com/GSEC-Prep-Guide-Mastering-Essentials/dp/0764539329/ref=sr_1_1?s=gateway&ie=UTF8&qid=1285644748&sr=8-1

    Yes I have read through most of these books not all. Some are also suggested readings that have been provided to me. Do not forget you can bring notes with you so create a good study guide and buy the Javvin Quick reference guides.

    This should get you started!
    Degrees:
    M.S. Information Security and Assurance
    B.S. Computer Science - Summa Cum Laude
    A.A.S. Electronic Systems Technology
  • Bl8ckr0uter Inactive Imported Users Posts: 5,031
    I see. Pretty big list. Sounds like the GSEC is a lot more inclusive than I thought.
  • Chris:/* Member Posts: 658
    Dr Eric Cole was my instructor for the GSEC and as he put it, the GSEC is the Security+ on steroids and how to enact many things the CISSP talks about (Not a direct quote but the gist is there). When you take the course it lasts 6 days and up to 12 hours a day with 6 books.
    Degrees:
    M.S. Information Security and Assurance
    B.S. Computer Science - Summa Cum Laude
    A.A.S. Electronic Systems Technology
  • rwmidl Member Posts: 807
    Chris:/* wrote: »
    Dr Eric Cole was my instructor for the GSEC and as he put it, the GSEC is the Security+ on steroids and how to enact many things the CISSP talks about (Not a direct quote but the gist is there). When you take the course it lasts 6 days and up to 12 hours a day with 6 books.

    Agree with the above. My feeling is the GSEC is/was Sec+ on steroids. If you have some experience and take the class, the books they provide are enough to pass the exam (with a good index).
    CISSP | CISM | ACSS | ACIS | MCSA:2008 | MCITP:SA | MCSE:Security | MCSA:Security | Security + | MCTS
  • Chris:/* Member Posts: 658
    That is key,

    The indexation of your material so you can quickly find data to analytically answer questions is probably the most important thing. Just because you have the reference does not mean you know how to apply the information.
    Degrees:
    M.S. Information Security and Assurance
    B.S. Computer Science - Summa Cum Laude
    A.A.S. Electronic Systems Technology
  • Bl8ckr0uter Inactive Imported Users Posts: 5,031
    Interesting input guys. So would you consider this a basic infosec cert, i.e. something an entry level infosec person should look to obtain, or more of an advanced one?
  • Chris:/* Member Posts: 658
    Definitely not, it is an intermediate to professional level certification. I would recommend A+, Net+, Sec+, Linux+ and even some Windows certifications at least first. Remember the material you are studying in the official books comes to around 3000 pages. Now there are a lot of diagrams and pictures but it is all good information.
    Degrees:
    M.S. Information Security and Assurance
    B.S. Computer Science - Summa Cum Laude
    A.A.S. Electronic Systems Technology
  • Bl8ckr0uter Inactive Imported Users Posts: 5,031
    Chris:/* wrote: »
    Definitely not, it is an intermediate to professional level certification. I would recommend A+, Net+, Sec+, Linux+ and even some Windows certifications at least first. Remember the material you are studying in the official books comes to around 3000 pages. Now there are a lot of diagrams and pictures but it is all good information.

    By the EOY (and around the time I will start studying for this) I should have S+ and LPIC-1 in addition to the certs I have listed. I probably won't have any MS certs but I do have all of the lab manuals and student guides for MCSE along with the Windows PKI guide. I think adding a few more things (especially the steganography, cryptography, packet capture and wireless) it should be enough. The one thing I don't know is versions. 2003 or 2008? XP or 7? Debian or Red Hat? What I am thinking is that it is more of a general exam in that regard.
  • Chris:/* Member Posts: 658
    For the most part it is vendor neutral, so do not worry about that. Also pick up the Javvin guides and you should be good to go. Best of luck.
    Degrees:
    M.S. Information Security and Assurance
    B.S. Computer Science - Summa Cum Laude
    A.A.S. Electronic Systems Technology
  • Amco Member Posts: 73
    Good looking out
  • Bl8ckr0uter Inactive Imported Users Posts: 5,031
    Chris:/* wrote: »
    For the most part it is vendor neutral, so do not worry about that. Also pick up the Javvin guides and you should be good to go. Best of luck.

    Vendor neutral or version neutral?
  • docrice Member Posts: 1,706
    For the most part, it's vendor neutral, although there are some technologies that it will make certain brand examples out of (like on virtualization they'll refer to VMware a lot).

    Here's my two cents on the GSEC vs. the Security+... I spent about a week prepping for the Sec+ and I passed with an 890 / 900. I took the GSEC course after that and even with the open-book exam format, I still had to spend a solid month prepping for the exam and I didn't get anywhere near a perfect score. Indexing your material helps, but the GSEC exam doesn't give you enough time to look up answers for every question. You either know it or don't. And you probably don't want to have to spend the time to look up more than a couple dozen answers in the books because the exam will start getting long and you'll get tired.

    If the Sec+ was an inch deep, the GSEC is easily three inches deeper with the same broad coverage of topics (if not more).
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • Chris:/* Member Posts: 658
    Like docrice explained, it is basically version neutral unless it is explaining certain technologies like VMware and Windows. It does not go into Cisco vs Juniper or Red Hat vs Suse.
    Degrees:
    M.S. Information Security and Assurance
    B.S. Computer Science - Summa Cum Laude
    A.A.S. Electronic Systems Technology
  • Bl8ckr0uter Inactive Imported Users Posts: 5,031
    Chris:/* wrote: »
    Like docrice explained, it is basically version neutral unless it is explaining certain technologies like VMware and Windows. It does not go into Cisco vs Juniper or Red Hat vs Suse.

    I don't know if this breaks NDA (I will call SANS if it does) but does it talk about server 2003 or 2008? That's what I meant by version neutral.
  • Chris:/* Member Posts: 658
    What I can say is it is not a configuration exam; it is an applied security exam. Sorry I cannot be more helpful than that with that question.
    Degrees:
    M.S. Information Security and Assurance
    B.S. Computer Science - Summa Cum Laude
    A.A.S. Electronic Systems Technology
  • docrice Member Posts: 1,706
    I think it's appropriate to say that SANS revises the course / exam focus depending on what's relevant today. That means the material could in theory relate to both Server 2003 and 2008. Maybe it might reference XP or 2000 depending on what they're trying to teach you. In other words, I don't think the GSEC looks at the latest-and-greatest versions of technologies for the sake of only looking at the newest stuff on the market. If a lot of today's security issues revolve around Server 2003 because it's still used by many, many businesses, then I'm sure it'll get a mention.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • Bl8ckr0uter Inactive Imported Users Posts: 5,031
    Chris:/* wrote: »
    What I can say is it is not a configuration exam; it is an applied security exam. Sorry I cannot be more helpful than that with that question.

    That's good. I think I get what you are saying.