Free and low-cost study source=SANS Information Security Reading Room. Pick a topic and there are several papers that received honors status on the GSEC certification. http://rr.sans.org You CAN challenge SANS certifications for a fairly low cost ($425). http://www.giac.org/cert_programs.php -- Brent Deterding -----Original Message----- From: peleus [mailto:peleusat_private] Sent: Thursday, January 03, 2002 12:16 PM To: securityjobsat_private Subject: Re: Article: 10 Hottest Certifications for 2002 The one advantage of the (ISC)2 certs over the GIAC certs are the availability of free and low cost study sources. It is possible to get a book, study on your own, and challenge the test. I will admit that this has certain drawbacks and you run the risk of having memorization without understanding. However, in some instances it is worthwhile such as the GSEC where if you are not new to the field, a $2k course isn't much help. I know GIAC is working towards allowing you to challenge all of the exams sans SANS (pardon the pun). However, I haven't seen a whole lot of free material or books available. Even SANS online study guides are still $1k. Does anyone know of any resources outside of SANS for studying for the GIAC? I would really like to pursue the GSE but I doubt I can convince my company to pay $20K and several weeks off from work for me to pursue all of the certs through SANS. thanks, -Peleus On Wed, 2 Jan 2002 Bill_Roydsat_private wrote: > > > > SANS GIAC is more and more being governed by the holders of the > certificate (the governing boards are the honors holders) so it is > becoming less of an anti-CISSP group. > Here there is some complementarity, since most GIAC certificates are > for depth in relatively small areas. There are 2 overview Certifications, > GSEC (General Security) , useful as an overview, and the new GISO > (Information Security Officer) , more of higher level cert. If CISSP is > the 10,000 foot view, GIAC is in the trenches. > One thing that GIAC does that (ISC)2 should do is ask for a practical > paper as well as multiple choice. > I feel that questions that refer to color of Rainbow series books are > really memory work, not understanding. > Trivia is not knowledge. Analysis requires it. > > Bill Royds > System Administrator, CHIN > ph: (819) 994-1200 X 239 > > > > > > rferrellat_private > 01/02/02 05:55 AM > > > To: securityjobsat_private > cc: (bcc: Bill Royds/HullOttawa/PCH/CA) > Subject: Re: Article: 10 Hottest Certifications for 2002 > > > > Finally, the certification was originally designed > > for and by federal gov't types...govvies. Many of > > the questions when I took the exam in '99 were > > heavily weighted toward the Rainbow Series, > > particularly the Orange and Red books. The CPEs > > are heavily weighted toward govvies, as well...I > > don't know many commercial consulting firms that > > can have their employees running off to > > conferences and doing other things that they can't > > bill to, all to get these CPE points. > > Oh, I don't know...I'm a 'govvie' and I'm just a couple > of hours short of recertification for CISSP without > attending a single conference. > > I will admit, though, that all certifications in the InfoSec > field that I've investigated (not just CISSP) are pretty > darned self-serving. They tend to be highly competitive > with one another, and to me that just hurts us in the > overall picture. Certs should ideally be complementary or > reinforcing, not mutually exclusive. I'd be a lot more > inclined to pursue GIAC (I'm a big fan of SANS) if they > weren't so frankly anti-CISSP. I'm sure GIAC folks find the > reverse to be true. Instead of competing against one another, > it would be nice to see some cooperation and a concerted attempt > for each to fill in the gaps left by the other. > > Cheers, > > RGF > > Robert G. Ferrell, CISSP > http://rferrell.home.texas.net/rgflit.html > rferrellat_private > > > > >
This archive was generated by hypermail 2b30 : Fri Jan 04 2002 - 10:53:52 PST