So I just passed GSEC....

And I find myself mystified as to why the SANS name, and this certification, seem to get so much respect.

Now, I'm going to say some not so nice things about SANS and the GSEC. Let me preface that by saying that I'm an IT professional with pretty close to two decades of experience. This certification is not targetted at me. The only reason I pursued it was because work required it, and they paid for it.

As I read through the sans course books, I learned absolutely nothing new. Everything they presented I either knew from just general playing around and reading Wikipedia articles and Slashdot comments. I was told it was a high level overview of security, but that was just a little too high level.

I read through all the course material once, just to familiarize myself with where the material was located should I need to actually look a question up. During the actual exam, I looked up maybe 5 questions, the majority of them I answered just off of gut instinct (and I scored 92%).

If you're new, this is probably a good place to start, but you need to understand that this is a primer. It's security 101. You *will* need to keep learning to actually grow. I'd recommend the course to newbies if the pricetag wasn't so high, so the only way I can comfortably recommend it is if you get someone else to pay for it.

If you're like me, an experienced professional, and you're considering taking GSEC.... unless you've just got a ton of free time and cash laying around, skip it, unless you're in the same situation I was (ie, employer requires it, and they pay for it)

Find more posts tagged with

Comments

Paul Boz

Duh. It's called "security essentials" for a reason. You should have known that going in. If you took a more advanced course you would have different feelings. I also did not learn anything new via the GSEC but I understood that going in.

You didn't say anything "not nice" about SANS or the GSEC, you simply stated the intent of the course.

Forsaken_GA

Paul Boz wrote: »

Duh. It's called "security essentials" for a reason. You should have known that going in. If you took a more advanced course you would have different feelings. I also did not learn anything new via the GSEC but I understood that going in.

You didn't say anything "not nice" about SANS or the GSEC, you simply stated the intent of the course.

I did know that going in! It's one of the reasons I was annoyed this requirement was foisted on me, I knew it was a waste of my time.

But for some reason, the SANS name seems to invoke a sense of reverence among infosec folks, and alot of the folks I know who work in IT, but don't touch infosec seem to be impressed by the GSEC (apparently, the more a certification costs, the more prestigious it is).

I am highly unimpressed, and the only way I'll be taking any other GIAC certs is if I'm forced into it.

TrainingDaze

I understand, I had a similar experience when I test drove a 1965 BMW this past weekend and I am also very unimpressed.

The car had no CD player, no navigation system, no bluetooth! I just don't get where BMW earned this reputation of being a luxury automaker with modern features when the car I test drove didn't even come with factory heated seats....

Forsaken_GA

TrainingDaze wrote: »

I understand, I had a similar experience when I test drove a 1965 BMW this past weekend and I am also very unimpressed.

The car had no CD player, no navigation system, no bluetooth! I just don't get where BMW earned this reputation of being a luxury automaker with modern features when the car I test drove didn't even come with factory heated seats....

That would work if the training material I have wasn't dated 2010

JDMurray

Will you be posting a similar review of the Security+ exam?

Forsaken_GA

JDMurray wrote: »

Will you be posting a similar review of the Security+ exam?

Sure, maybe after I lose enough brain cells to actually take it.

Sheesh, and I thought network guys were a bunch of snobs

You're the mod, feel free to delete the post if you feel my content is inappropriate.

Forsaken_GA

More to the point, this is not the same as running down to your local barnes and noble, picking up a Sec+ book, and then paying Comptia what, a couple hundred bucks?

If I remember right, the out of pocket cost is around 3 grand. I know the invoice for me with our discount was 2200ish. So there's a bit of a price difference. It's my opinion that this is a bad investment in career development, I'd have much rather those training dollars had been spent on something that would have actually been beneficial.

Now, I happen to think that's good information that someone who's considering the GSEC should have. If y'all disagree, that's fine, but I can live without the snark.

JDMurray

Forsaken_GA wrote: »

You're the mod, feel free to delete the post if you feel my content is inappropriate.

No need to do that. I actually think your review is very useful for people who are wondering if they should spend the time and money to attempt the GSEC. I'm always glad to receive the opinions of people who have experience with the actual cert exams--assuming the opinions come from the horse's mouth and not the other end.

docrice

The GSEC to me was also a bit of a letdown, but probably because of its overall reputation and how often folks refer to it by name. It's like the CCNA - an introduction to the field (like how the GSEC is a little more than Sec+, the CCNA is a little more than the Net+). I think once you're past year five in your security career, the GSEC shouldn't be difficult in general.

Once you get past your CCNA and start working in the real-world, you realize how your CCNA studies only skimmed the surface and that there's a lot more down the road to pick up.

ibcritn

During my own research with GIAC certs its seems GSEC has the most demand.
I don't think GSEC would do much for skills, but I am really enjoying SANS 504/560.

ipchain

Congrats on the pass. I would not pay out of pocket for the GSEC personally and the only reason I will be doing it is because my employer will pay for it. I can't say for the same other courses such as GCIA, GCIH, GCFW, GPEN, etc...these should be worth every penny!

dynamik

Forsaken_GA wrote: »

I am highly unimpressed, and the only way I'll be taking any other GIAC certs is if I'm forced into it.

It's too bad if you let the GSEC influence you so much. It's the only 400-level course that will earn you a certification. The 500-level courses go into considerably more depth (i.e. decoding packets from hex), and you'd probably find them more interesting.

Personally, I challenged the exam with no materials and finished in around an hour with a score in the high-90s. I know other people who went through the course, had the materials, spent the entire four hours, and barely passed. The latter is closer to the target audience for this exam IMHO. I only took it because it's a GSE prereq.

Forsaken_GA

dynamik wrote: »

It's too bad if you let the GSEC influence you so much. It's the only 400-level course that will earn you a certification. The 500-level courses go into considerably more depth (i.e. decoding packets from hex), and you'd probably find them more interesting.

Personally, I challenged the exam with no materials and finished in around an hour with a score in the high-90s. I know other people who went through the course, had the materials, spent the entire four hours, and barely passed. The latter is closer to the target audience for this exam IMHO. I only took it because it's a GSE prereq.

Honestly, when it comes down to it, I'm just not that interested in InfoSec. The only reason I took it is because I work for a security company, but I'm in operations, so I don't have anything to do directly with the managed security solutions we provide, I just support the guys that do. Apparently there was some culture lashback and the security oriented folks felt they couldn't deal well with operations folks because we didn't have any security training. Management decided to require all operations employees to pass GSEC in an attempt to help us all speak a common dialogue.

They've been talking about requiring us network guys to take the firewall cert, but so far we've been successful in resisting.

ayesecurity

Please where can I get practice questions for the GSEC exam?

Thank you.

kriscamaro68

ayesecurity wrote: »

Please where can I get practice questions for the GSEC exam?

Thank you.

This is pretty much the only resource out there for practice questions: Exam Practice Test

SephStorm

Forsaken_GA wrote: »

It's my opinion that this is a bad investment in career development, I'd have much rather those training dollars had been spent on something that would have actually been beneficial.

I would disagree because:

1. GSEC qualifies for IT lvl 2 for DoD 8570 and is better prep than the other possibilities at that level, covering not just security, but networking concepts and Operating Systems. For entry level personnel performing these duties, its perfect.

2. GIAC certs are generally more rare than CompTia or other providers of entry level certs, and is still recognised, so it may have a greater employment value in distinguishing value. An employer may have 200 applications with Security+, but only 50 with GSEC. Based on what i've read, GSEC requires a more intimate knowledge level, at least in the material, though this may not transfer to the exam. Therefore, as an employer, I would hire the GSEC because they may have more practical knowledge, rather than theoretical knowledge.

3. If I was an employer and a GSEC individual came in for an interview, I would ask how they studied and who paid for the material/exam. If you paid 3 grand out of pocket GSEC, you get some respect in my book. I've seen this. I've been an conversations where people assumed the military paid for my certs. I tell them, no, I took leave and paid out of pocket, and that eyebrow goes up. When you take time away from family, and or personal time, to develop yourself personally rather than relying on the employer, they like and respect that. not only may you save them money, but you have shown a measure of dedication to your career, and your employer's time and money.

just my thoughts.

Forsaken_GA

SephStorm wrote: »

I would disagree because:

1. GSEC qualifies for IT lvl 2 for DoD 8570 and is better prep than the other possibilities at that level, covering not just security, but networking concepts and Operating Systems. For entry level personnel performing these duties, its perfect.

Well, I did say that if you're at the beginning of your career, and you can get someone else to pay for it, it may be worthwhile, but that's about it.

2. GIAC certs are generally more rare than CompTia or other providers of entry level certs, and is still recognised, so it may have a greater employment value in distinguishing value. An employer may have 200 applications with Security+, but only 50 with GSEC. Based on what i've read, GSEC requires a more intimate knowledge level, at least in the material, though this may not transfer to the exam. Therefore, as an employer, I would hire the GSEC because they may have more practical knowledge, rather than theoretical knowledge.

Yes, this is the myth that basically has my panties in a wad over it. This perception is simply not true. The training material requires nowhere near an intimate level as you may think. As I said above, I could have passed this exam solely based on my own curiosity and the casual perusal of slashdot comments and wikipedia articles. Dr. Eric's podcasts were infuriating enough that I contemplated finding a kitten, and kicking it. A cute one. I simply do not believe the cert is worth the price of admission.

Now, that's not to say that if I find myself seeking employment anytime soon, I'll avoid playing up the above sentiment. I have no problem with personal gain via others ignorance!

ITforyears

But I just passed the GSEC and even though I have 20 years of IT experience; it was not a cinch.

My reason why I received a low passing grade....

1) I am a government employee so did not receive the course materials.

2) Not really versed on linux command lines and tools

3) Wireless hacktool information (e.g. bluesnarfing)

4) and forgetting some basic IT knowledge. I knew IPv4 down pat but IPv6 provided some challenges.

I did not do any of the labs but I am not going to use that as a reason for not scoring better.

Never take a cert exam for granted.

Earned thus far.

A+, N+, Sec+, CCNA, CASP, GSEC, MCSA - BS & MS in IT.