.

Sans GCIH - To do or Not

<<

crossover

Newbie
Newbie

Posts: 21

Joined: Thu Apr 01, 2010 1:39 pm

Post Thu Oct 14, 2010 7:00 pm

Sans GCIH - To do or Not

Hello Everyone,

I have been saving couple of bucks this year to spend on training.  So decided i should look into Incident handling( which i have no experience ).  Browsed sans course curriculum website, seems similar to a pen testing course. So I'm not sure that whether i should go for this course specially when I'm spending around 4k myself. Members over you have previously done this course could advise me " what exactly i would get out of the course" I'm really interested in incident handling.

Are there any better courses courses for incident handling  ???( I'm looking to get good knowledge don't care about the value of certification )

Should I be look into sans 408 ?? or ECIH

Please advice
<<

Dark_Knight

User avatar

Sr. Member
Sr. Member

Posts: 294

Joined: Mon Aug 11, 2008 7:03 pm

Post Thu Oct 14, 2010 7:58 pm

Re: Sans GCIH - To do or Not

Hi,
Is this your first security cert? What is your background like?
CEH, OSCP, GPEN, GWAPT, GCIA
http://sector876.blogspot.com
<<

crossover

Newbie
Newbie

Posts: 21

Joined: Thu Apr 01, 2010 1:39 pm

Post Thu Oct 14, 2010 8:19 pm

Re: Sans GCIH - To do or Not

Hello Dark Knight thanks for replying.


No this is not my 1st security cert and i have previously taken courses with sans.

well I'm have been working in security operations/auditing for a while.
Last edited by crossover on Thu Oct 14, 2010 8:24 pm, edited 1 time in total.
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Sat Oct 16, 2010 1:42 pm

Re: Sans GCIH - To do or Not

This course includes a lot of hacking concepts because you need to know how common attacks (at an extreme minimum) are performed in order to properly respond to them. The course is definitely taught from a defensive / reactive perspective, which I believe is what you're looking for. On the other hand, the GPEN focuses on the offensive aspects of penetration testing / ethical hacking.
The day you stop learning is the day you start becoming obsolete.
<<

crossover

Newbie
Newbie

Posts: 21

Joined: Thu Apr 01, 2010 1:39 pm

Post Sat Oct 16, 2010 8:48 pm

Re: Sans GCIH - To do or Not

Thanks for the info dymanik. I'm definitely don't want overlap as i would be planning for OSCP or similar kind of course in future as well i have ECSA/LPT.

I would believe GCIH is about how to counter the incidents using various tools & tricks along with methodologies ??
<<

COm_BOY

User avatar

Full Member
Full Member

Posts: 129

Joined: Tue Feb 03, 2009 10:40 am

Post Sat Oct 16, 2010 9:50 pm

Re: Sans GCIH - To do or Not

At this point I have started thinking that enrolling for courses like that is a wastage of money , maybe I am wrong . These days we have blogs , and every one starts a blog in someway to let you know several stuff , there are free online tutorials to help you get into action , there are free resources ( even from companies like google ), there are cheap used books on amazon . One can take help from those if he is skilled enough on google and learn a lot of things . As far as crossover query is concerned I would say 4K is too much , maybe I am wrong depending on that factor how much other people earn .


Check out the following links out

hxxp://www.sei.cmu.edu/certification/security/csih/
hxxp://www.eccouncil.org/certification/ ... ndler.aspx
It has become appallingly obvious that our technology has exceeded our humanity.
<<

What90

Full Member
Full Member

Posts: 120

Joined: Sat Jun 09, 2007 2:23 am

Location: Syndey, Australia

Post Sat Oct 16, 2010 10:15 pm

Re: Sans GCIH - To do or Not

Hello crossover,

I really like the SANS IH course as it’s a great introduction to the incident handler process and from what you’re saying, I’d think this is a good starting point.

More advanced or very focus IH courses are from US CERT http://www.cert.org/ or one I’d love to take is Richard Bejtlich's course http://www.blackhat.com/html/bh-ad-10/t ... ng_ts.html

COm_BOY –

If you have the time, energy, resources and luck to find everything you need and then can make sense of it online, then go for it. There’s a lot of very poor information out there on the web, so paying for training that has been peer reviewed and raved about mean you get an excellent education in a very short time space. Money outlays from courses can be a problem, but as long as it’s invested wisely, it pays for itself in the long run and over the course of your career.

I really enjoyed the back track course, but even with the 60 day labs, I was under a lot of time pressure. Given the option of having six days in a class room with like-minded people over sitting at home for a month with a million real world distractions, I’d opted for the classroom. :-)
<<

crossover

Newbie
Newbie

Posts: 21

Joined: Thu Apr 01, 2010 1:39 pm

Post Sat Oct 16, 2010 11:30 pm

Re: Sans GCIH - To do or Not

I would say from my experience. I have taken courses for EC council  and other security certs but nothing came close to sans quality inspite being expensive i always was happy with quality and the style of teaching (though they will never come down on prices )

I have checked Cert.org courses they don't seem technical as GCIH. ECIH ( i wasn't satisfied with ecsa/lpt course  which i took in past )

Return to GCIH - GIAC Certified Incident Handler

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software