Security Cert advice




Posts: 1

Joined: Sat Sep 18, 2010 8:20 am

Post Sat Sep 18, 2010 9:08 am

Security Cert advice

I'm looking some advice on picking up a couple certs. I've got some 13-14 years IT experience, 11 in an enterprise environment, doing everything from hardware repair to forensic memory analysis. The last 4 years I've been doing primarily security (IDS/network analysis, incident response,policy), infrastructure (Cisco voice and data), and web development administration (IIS, Apache, Tomcat). I've never bothered with certs before, but now as I'm looking for a different position I feel that absence may be closing some doors for me despite my experience. So I'm looking at a couple things - firstly a cert that's worth at least something that I can throw on my resume and that won't take more than a month to prepare for and minimal expense, secondly a higher level cert that I can afford time and money wise to pick up but that is well respected and will actually teach me some things in the process. The two I've sort of settled on are the GIAC GSEC and the OSCP.

I've taken the assessment exam for the GSEC and scored high on that (mid to high 40's out of 50, don't remember the exact number). All but one of the wrong answers were either brain-farts or one of those "Oh, that's what they were getting at" type questions. I feel pretty prepared for that test from just past experience, but I'm trying to find some kind of course work out there to look through to see what all might be on the exam beyond what I saw on the assessment test as well as how they phrase certain topics. Anyone know of anything out there for that test that isn't outdated or of any reall expense (< $200)? Is that cert of sufficient value to accomplish what I am looking for? I'm not really interested in playing the ISC2's games with the CISSP or I'd sit for that.

I have no issues seeing the value in the OSCP and I like the fact that it won't cost be $3-4k to get through it.

I'm looking to move to a dedicated security role in either an enterprise defense type position or with a managed security services firm/pentest team. I need to have both avenues open as employment options are somewhat limited in my area.


User avatar

Sr. Member
Sr. Member

Posts: 379

Joined: Tue Dec 30, 2008 1:53 pm

Post Sat Sep 18, 2010 9:17 am

Re: Security Cert advice

The nice thing about the GSEC is it is a DoD 8570 recognized certification, so it will open doors in gov't contracting and direct hire federal jobs. It is definitely do-able through self-study. The GSEC is more technical in nature than the CISSP, but there is a good bit of overlap in subject matter. When you sign up for the certification, you will get two practice exams from GIAC. These exams are very much what you will see on the actual exam, so take them as you would the real exam and you'll get a good idea of how you will do. Also, keep in mind that GIAC exams are open book, so if you take good notes in your studies, you can refer to them during the exam.

I can't really tell you much about the OSCP from personal experience, so I will let some of the others from this community take up the slack...

eCPPT - GSEC - GCIH - GWAPT - GCUX - RHCE - SCSecA - Security+ - Network+

Return to General Certification

Who is online

Users browsing this forum: No registered users and 0 guests

Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software