I took the Security Essentials class last summer, how useful you find it
would depend greatly on your experience. I have had many years of
experience as a systems admin, engineer, etc. I found the class a
complete waste of time. However, if you don't have loads of experience,
and are trying to break ground with HR filters etc, then it may do you well.
When test time came, a few weeks after class, I was even more annoyed.
I don't see the value in seeing if I can memorize, or look up the
parameters that you pass to NMAP. If the questions were more oriented
towards, "Under what circumstances would you use NMAP, and what kind of
output would you expect to get?", then I would see the value. Hopefully
we all know about man or /?, mailing lists, etc.
Kevin
Jos Purvis wrote:
Byarlay, Wayne A. wrote:
Greetings Triluggers, Midwest lurker here,
Are any of you familiar with the SANS organization, and their various
certifications? If so, what is your opinion?
Disclaimer: I've been involved with the SANS organization for a long
time (author, certification grader, attendee, although not instructor).
That out of the way, I like the SANS certifications. If you're looking
at security work, SANS are good technical certifications to have, and
they're starting to show up on more and more job listings alongside
longstanding certs like the CISSP. Having just been through the whole
job search process in security, I can tell you that the CISSP is still
a more valuable cert (especially in terms of money), but the SANS
certs will often get you through the "HR firewall" just as well, and
more employers are recognizing them these days as a plus.
The SANS courses tend to reflect more technical than theoretical
content, although they have a wealth of new certs now and have
realigned the GSEC curriculum to align perfectly with the CISSP
domains (meaning that taking the GSEC curriculum will typically
prepare you decently well for taking the CISSP as well). The CISSP
tends to be described as an inch deep and a mile wide, whereas the
SANS individual curricula tend to be just the opposite--perhaps a foot
wide and a mile deep, as it were. The certification process is easier
than it used to be, as they're trying to encourage growth, but it's
nowhere near a cakewalk, so plan to spend some time working on it
after taking the course.
If you have specific questions about the certification process, what's
involved, the history of the certs, or more of my personal opinions on
the subject (so I don't bore everyone), I'd be happy to share them
with any interested offline--just drop me an email.
Cheers,
Jos
--
TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
