Sheiko37 wrote: » I've searched the forum but hoping to have some tailored input from the experienced users here. I have 5 years in information security, that's all been with one company on one team doing what can be best described as vulnerability analysis. The role is only semi-technical, we have to know what we're looking at with the data we receive but there's no server access, we don't do any of the "hands on" work. To add to this I have no bachelors degree in computing, so my practical experience is lacking. The strongest domains for me in the CISSP were security operations and risk management, which is also what I most enjoy. I'm much more concerned with the content of my next certification rather than industry recognition. I'm looking at ISACA certifications but I think that's getting ahead of myself. The CEH I hear horrible opinions on, plus the costs and compulsory course are off-putting. GIAC is daunting, there's about 20 different infosec certifications. The eJPT looks good, actually has a practical component, but I've only heard of eLearnSecurity today and can't really find much information on this certification.
SaSkiller wrote: » InfoTech, GIAC is SANS, well effectively it is. In any case the answer is all over the forums. It depends on what OP's goals are. What does OP want to do? If you want to be a pentester, there are a million certs to get you there, and no there is nothing wrong with the modern CEH A lot of the **** talking is a result of old exams and the company is shitty, but the fact of the mater is the material is relevant and useful as you move forward. Look at jobs that you may want in the future, the good ones will tell you what certs employers are looking for for that position. GIAC exams are mostly straightforward. The material is there, you have to study it and understand it.
InfoTech92 wrote: » Aren't there multiple SANS certs?
