December 26, 2007 at 4:37 am #1907
I am a an security professional in the financial institution space and am interested in the CPTS. In my work I am involved in risk assessments and also alot of penetration testing including web app vulnerability scanning. I looking to take the course by Mile2 to get more structured exposer to alot of the tools especially the main ones like NMAP,Nesses, password crackers etc. . I have heard some differnt things such as the CPTS focus a lot on the manual exploit techniques such as creating your own scripts inPERL or soemthing like that. In my position most of our projects don’t allow a ton of time to work on these more time consuming manual procedures and we have to rely mostly on scanning tools and analysis the output. Does the CPTS fit this type of purpose well? Does the course even go into analysis of the otput at all? Or is it primarily jsut show you how to install ,configure and run multiple tools?
I have also looked at the SANS GIAC couses like the Certified networkand system auditor course or the GCIH. GCIH has alot of info but I haven’t heard too much on the GSNA.
December 26, 2007 at 11:42 am #15127AnonymousParticipant
did you look at the objectives?
December 27, 2007 at 2:42 am #15128
Yes, and to be honest it is marketing material from Miles2 I am trying to get actual insight from people who have taken these courses.
December 27, 2007 at 3:09 am #15129AnonymousParticipant
the OBJECTIVES shouldnt be marketing hype they are the objectives. the rest, well maybe.
if you have the budget, you’re better off with a SANS course over CEH or CPTS especially since it looks like you are doing more compliance scanning than real penetration testing the GCIH is a good place to start.
‘The world does not need any more “ethical hackers”. What is needed is more people who know the six steps for properly handling an incident’ – Ed Skoudis
December 27, 2007 at 6:10 am #15130
Thnaks for the info Chris and I not sure where the scanning that we do falls as far as being compliance scanning or real pen testing. All I know is my firm sells this service as pen testing though it is generally related to a larger project scope such as annual compliance etc. Also, a good protion of it is application vulnerability testing but in any case I am going to take the GCIH course. I forgot to mention that for me taking the exam and getting the actual certification is secondary to the course and the knowledge learned from the course and it’s material. So for example I doubt I would ever really care to take the CPTS exam though I would probably take SANS CERT test just ecause they are well respected.
February 5, 2008 at 3:21 pm #15131ligallamaParticipant
hi to all,
Am interesting on penetration test specialist,
but I cant afford the training costs.and its real my desire to know this interesting course i ever seen.
I did cisco CCNA,CCDA,CCNP and pix firewall advanced four year back
and i didnt practice to my office becouse they dont have much complex networking.
but they focus to pen tester.And i feel like I can fit to this rather than finding someone else from outside the company.
so anybody who will be able to support me with all tools,technics and related materials,I will appriciate.
Am waiting for any body.
with best regards
February 5, 2008 at 8:16 pm #15132bigwhiffParticipant
I would strongly recommend the GCIH exam and class structure over the CEH. With limited study you can complete the CEH after the GCIH class you couldn’t pass the GCIH after a CEH. At least not with limited effort.
You must be logged in to reply to this topic.