And... I'll buy the beer on the 5th day. On Tue, Jul 5, 2011 at 11:43 AM, Kevin Shaw <[email protected]>wrote:
> Aaron: > > You'll enjoy Virginia Beach. I say that not just because I live near > there! The conference size is not huge, but not extra small either; and > offers plenty of opportunity for learning outside of the course you may take > > Kevin > > > On Tue, Jul 5, 2011 at 12:58 PM, Aaron <[email protected]> wrote: > >> Gentlemen, >> >> Thanks for your responses. I actually have your book, Seth! I've not >> started it yet, but it is on my CISSP study list. >> >> Thank you all for the advice on the Work Study program. I've applied >> for the Virginia Beach conference which is in a few months. I agree >> that $800 vs $5000 is a hard argument to beat especially when paying >> for it out of my own, shallow pocket. :) >> >> Aaron >> >> On Tue, Jul 5, 2011 at 11:15 AM, mike p <[email protected]> wrote: >> > Aaron, >> > >> > I've never taken Sec301. I have taken both Sec401 and 504 and I can say >> > that if you feel (as I did) that one needed a foundation before jumping >> in, >> > 401 seemed to have more technical/hands on focus vs. Sec301. Having >> said >> > that, I've always had a blast at SANS, so I doubt you could go 'wrong' >> with >> > SEC301, just that SEC401 seems like a better fit for what you describe. >> I'd >> > go for 401. >> > >> > Having said that, please be sure to apply to the Work Study program: >> > >> > http://www.sans.org/security-training/volunteer.php >> > >> > It's SANS training (plus a lot of hard but rewarding work) at a >> discount. >> > The other benefit is it gives you a few months of online access to the >> > materials for the $850 (or so depending on course). It is definitely a >> must >> > if you are paying for SANS on your own dime. >> > >> > HTH, >> > Mike >> > >> > On Tue, Jul 5, 2011 at 10:35 AM, Ty Purcell <[email protected]> wrote: >> >> >> >> Aaron, >> >> >> >> Based on the below, then I second the recommendation of 401 w/ >> bootcamp, >> >> and then take the GSEC certification. That is also one of the certs >> that I >> >> see as desired in some job listings. In my opinion, I wouldn't worry >> about >> >> the Security+ certification. >> >> >> >> >> >> Ty >> >> >> >> -----Original Message----- >> >> From: [email protected] >> >> [mailto:[email protected]] On Behalf Of Aaron >> >> Sent: Tuesday, July 05, 2011 9:17 AM >> >> To: PaulDotCom Security Weekly Mailing List >> >> Subject: Re: [Pauldotcom] SANSFire 2011 >> >> >> >> David, >> >> I guess you can say it is weird that I am a part of this list but have >> >> no official training. My background is in running small businesses as >> >> an IT generalist (for lack of a better term). I've always been >> >> fascinated with security and think I have a knack for it. My wife and >> >> I are currently trying to move west; be it Seattle area, Portland, OR >> >> area, or Denver. What I've (embarrassingly) found in all of the >> >> interviews I've been on is A) I don't have the experience and B) I >> >> don't have the requisite knowledge companies are looking for in a >> >> candidate. Thus far in my career, I've either taught myself everything >> >> I've needed to know whether reading and applying, or picking the >> >> brains of those more knowledgeable than I (hence this list). My >> >> knowledge of systems, infrastructure, TCP/IP, networking, etc has all >> >> been very informal, rudimentary, and full of holes. Again, learning >> >> what I needed to, to accomplish the job/task at hand then moving on. >> >> During the interview process I cannot answer some questions or can >> >> only answer them at a very basic level. (And yes, there is a good >> >> chance I'm being hard on myself, but I don't think I'm too far off the >> >> mark.) >> >> >> >> Regardless of how well I portray this in interviews, companies are not >> >> willing to hire someone on speculation. At least not with the job >> >> market the way it is. Therefore, I've decided on two approaches. First >> >> I'm going for training and certs on my own dime. Second, I'm looking >> >> for entry level positions related to security or positions I think >> >> will benefit me and help me move up to a security position. >> >> >> >> I hope that has cleared some of this up. So, knowing the background, >> >> you can see why I was looking at the lower level courses in which to >> >> start. I think I have a decent technical background and with some >> >> basic certs like Security+ or Networking+ I think I can back-fill >> >> whatever information I'm missing. >> >> >> >> I appreciate your reply about the auditing class. I will need to make >> >> a decision very soon as the conference is only a few weeks away. >> >> >> >> Aaron >> >> >> >> >> >> On Mon, Jul 4, 2011 at 6:21 PM, David Hoelzer >> >> <[email protected]> wrote: >> >> > It's a good course. I know Fred well and he's a good instructor. >> >> > >> >> > It seems weird that someone on this list would have no security >> training >> >> > at all. If you don't mind my asking, what kind of background do you >> have? >> >> > I ask because if you're from more of an operational background and >> are >> >> > looking to apply security to things and develop good practice, I'd >> send you >> >> > straight over to AUD 507 (don't let the audit piece fool you... >> there's >> >> > audit stuff, but it's really what sorts of operational practices and >> >> > controls should be in place that auditors ought to look for). >> >> > >> >> > On the other hand, if you have a decent technical background but >> nothing >> >> > on the security side and aren't worried about development of secure >> >> > practices, I'd send you toward SEC 401. It's a whirlwind tour of >> just about >> >> > everything to do with security. Prepare to be exhausted. ;) >> >> > >> >> > Best regards >> >> > >> >> > >> >> > On Jul 3, 2011, at 3:02 PM, Aaron wrote: >> >> > >> >> >> All, >> >> >> >> >> >> I am looking at attending SANSFire 2011 in DC this month and taking >> >> >> Security 301: Intro to Information Security with Fred Kerby. Does >> >> >> anyone have anything good (or bad) to say about this course? Having >> no >> >> >> formal training in security, I think it would be a great way to get >> my >> >> >> feet wet and get some experience under my belt. Do you think it's >> >> >> worth the $3500 price tag? >> >> >> >> >> >> Thank you >> >> >> >> >> >> Aaron >> >> >> _______________________________________________ >> >> >> Pauldotcom mailing list >> >> >> [email protected] >> >> >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> >> >> Main Web Site: http://pauldotcom.com >> >> > >> >> > >> >> > --------------------------------------------------------- >> >> > David Hoelzer >> >> > Director of Research, Enclave Forensics >> >> > [email protected] >> >> > >> >> > >> >> > >> >> > _______________________________________________ >> >> > Pauldotcom mailing list >> >> > [email protected] >> >> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> >> > Main Web Site: http://pauldotcom.com >> >> > >> >> _______________________________________________ >> >> Pauldotcom mailing list >> >> [email protected] >> >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> >> Main Web Site: http://pauldotcom.com >> >> _______________________________________________ >> >> Pauldotcom mailing list >> >> [email protected] >> >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> >> Main Web Site: http://pauldotcom.com >> > >> > >> > _______________________________________________ >> > Pauldotcom mailing list >> > [email protected] >> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> > Main Web Site: http://pauldotcom.com >> > >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > -- John Strand Office: (605) 550-0742 Cell: (303) 710-1171
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
