Sans GCIH – To do or Not

Viewing 7 reply threads
  • Author
    • #5687

      Hello Everyone,

      I have been saving couple of bucks this year to spend on training.  So decided i should look into Incident handling( which i have no experience ).  Browsed sans course curriculum website, seems similar to a pen testing course. So I’m not sure that whether i should go for this course specially when I’m spending around 4k myself. Members over you have previously done this course could advise me ” what exactly i would get out of the course” I’m really interested in incident handling.

      Are there any better courses courses for incident handling  ???( I’m looking to get good knowledge don’t care about the value of certification )

      Should I be look into sans 408 ?? or ECIH

      Please advice

    • #35787

      Is this your first security cert? What is your background like?

    • #35788

      Hello Dark Knight thanks for replying.

      No this is not my 1st security cert and i have previously taken courses with sans.

      well I’m have been working in security operations/auditing for a while.

    • #35789

      This course includes a lot of hacking concepts because you need to know how common attacks (at an extreme minimum) are performed in order to properly respond to them. The course is definitely taught from a defensive / reactive perspective, which I believe is what you’re looking for. On the other hand, the GPEN focuses on the offensive aspects of penetration testing / ethical hacking.

    • #35790

      Thanks for the info dymanik. I’m definitely don’t want overlap as i would be planning for OSCP or similar kind of course in future as well i have ECSA/LPT.

      I would believe GCIH is about how to counter the incidents using various tools & tricks along with methodologies ??

    • #35791

      At this point I have started thinking that enrolling for courses like that is a wastage of money , maybe I am wrong . These days we have blogs , and every one starts a blog in someway to let you know several stuff , there are free online tutorials to help you get into action , there are free resources ( even from companies like google ), there are cheap used books on amazon . One can take help from those if he is skilled enough on google and learn a lot of things . As far as crossover query is concerned I would say 4K is too much , maybe I am wrong depending on that factor how much other people earn .

      Check out the following links out


    • #35792

      Hello crossover,

      I really like the SANS IH course as it’s a great introduction to the incident handler process and from what you’re saying, I’d think this is a good starting point.

      More advanced or very focus IH courses are from US CERT or one I’d love to take is Richard Bejtlich’s course

      COm_BOY –

      If you have the time, energy, resources and luck to find everything you need and then can make sense of it online, then go for it. There’s a lot of very poor information out there on the web, so paying for training that has been peer reviewed and raved about mean you get an excellent education in a very short time space. Money outlays from courses can be a problem, but as long as it’s invested wisely, it pays for itself in the long run and over the course of your career.

      I really enjoyed the back track course, but even with the 60 day labs, I was under a lot of time pressure. Given the option of having six days in a class room with like-minded people over sitting at home for a month with a million real world distractions, I’d opted for the classroom. 🙂

    • #35793

      I would say from my experience. I have taken courses for EC council  and other security certs but nothing came close to sans quality inspite being expensive i always was happy with quality and the style of teaching (though they will never come down on prices )

      I have checked courses they don’t seem technical as GCIH. ECIH ( i wasn’t satisfied with ecsa/lpt course  which i took in past )

Viewing 7 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.


Sign in with Caendra

Forgot password?Sign up

Forgot your details?