I have not taken my CISSP yet, so I can't really make a true comparison. However, I will say that the GSEC covers A LOT of information. I'm not sure if you've actually taken any of the SANS courses, MaXe, or just challenged exams, but the GSEC material was twice as voluminous as the GCIH or GCUX material! This does not make it more difficult per se, but it does mean that you have to know more about more topics. Also, from what I've read (remember I haven't taken the CISSP yet), you have to know greater technical detail than what the CISSP tests you on. From reading some of the study material for the CISSP, I believe this to be true.
I heard from a friend / colleague, that CISSP was a mile wide, and a foot deep. (While OSCE was a foot wide, but a mile deep.) I think in this case, GSEC is perhaps half a mile wide, and 5 foot deep. But thanks for at least informing me that it appears GSEC requires greater technical detail.
The beauty of the GIAC exams is that they tell you pretty much everything that is going to be on the exam on their website. Its up to you, though, to determine what you need to know under each topic. If you feel pretty comfortable with a majority of the topics covered, you should do fine with some study on the remaining topics.
I can relate to that, since I did a GWAPT practice test I had received from a friend, and without any study I scored 80%. (I flagged questions too, which I didn't do during GPEN, but I wasn't satisfied with some of the questions during GWAPT.) I think GSEC would require a very good all-around "Jack of all Trades" knowledge, in order to be passed.
What I did during GPEN, was to take a practice test, where I scored 77% and then I realized I had to study, but the results also showed which topics I failed somewhat and hard on
That is very nice, since you know exactly which topics in your toolbox, whether it's theoretical or technical, that should be improved. (So yeah, after studying for a week I took the exam and scored 87%, which I find acceptable
)
I found the material on cryptography and securing Windows to be the most challenging, but that's just me...I'm sure if you asked someone else, they'd claim completely different topics.
If you have specific questions that won't cause me to break my NDA, feel free to PM me.
I believe that must be quite challenging, especially for a certification where you have to know almost all the topics, many techniques, methods, etc.
GCIH seemed interesting as well, I might go for that in the future, and it looks like it's gained popularity as well
OSCP - Offensive Security Certified Professional : Class Scheduled 6/8 - Linux n00b
