From: infolookup@gmail.com
Date: Wed Dec 19 2007 - 07:54:11 EST
Thank you all again for your great feed back I will start small with the sec+ work on setting up a testing lab( I know this question was ask before I will look it up) and once I start to practice I will look into some of the certs and courses every one mentioned.
Sent via BlackBerry from T-Mobile
-----Original Message-----
From: "Erin Carroll" <amoeba@amoebazone.com>
Date: Tue, 18 Dec 2007 22:23:49
To:<cwright@bdosyd.com.au>, <pen-test@securityfocus.com>
Subject: RE: Re: GCIA, GSEC, GCIH, CISSP, CEH ???
I rarely chime in on the certification threads but I'm going to have to
agree with Craig here for the most part. The SANS tests are thorough and
relatively current. However, as another poster pointed out, they used to be
much harder to obtain as in the murky past there was a requirement for the
certs for passing the test *and* publishing a whitepaper for peer review.
Nowadays that's a platinum level cert.
However, the majority of the more well-known certifications aren't exactly
shabby either, it just depends on what you want to get out of your time.
Each have their strengths in terms of subject matter taught or concepts
explored. Focus on the courses/certs that place greater importance in the
"hands-on show me what you've learned" aspect. I haven't had the chance to
try the OSSTMM tests from isecom but I've heard some good things about the
work Pete et al are doing. When it comes down to it, find something that
lights your fire and pursue it. The best training course or certificate in
the universe isn't going to help you if the material bores you out of your
mind and you don't constantly use what you've learned :)
> -----Original Message-----
> From: listbounce@securityfocus.com
> [mailto:listbounce@securityfocus.com] On Behalf Of
> cwright@bdosyd.com.au
> Sent: Tuesday, December 18, 2007 8:31 PM
> To: pen-test@securityfocus.com
> Subject: Re: Re: GCIA, GSEC, GCIH, CISSP, CEH ???
>
> Hi,
> My vote goes with SANS/GIAC. Take the GSE GIAC Platinum level
> tests and then you really are being tested.
>
> Having 20 something GIAC certs and most of the major other
> ones, I think I am rather unique in being able to compare
> these from experiance.
>
> In this, my money goes to the SANS GIAC ones.
>
> Regards,
> Dr Craig S Wright (GSE-Compliance)
>
> --------------------------------------------------------------
> ----------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> --------------------------------------------------------------
> ----------
>
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:17 EDT