+ Reply to Thread
Page 1 of 2 1 2 Last
Results 1 to 25 of 50
  1. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    669

    Certifications
    Most Recent: CISSP & CCDA
    #1

    Default GIAC Certified Penetration Tester (GPEN)

    I've just gotten access to the On-Demand portion of the training which i'll start on sunday. So i'm just making a thread to post my experience and thoughts on the course. I'll start from how to apply for facilitator to the week course november 23-28 and then writing and hopefully passing the exam before feburary 23rd 2010.

    Stay tuned seems like alot of info.
    Reply With Quote Quote  


  2. Login/register to remove this advertisement.
  3. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    669

    Certifications
    Most Recent: CISSP & CCDA
    #2
    You apply for the SANS workstudy program under the training/workstudy section of the website. It asks about your goals for doing the program, where you are in your career currently and where you want your career to go.

    Reasons for doing the workstudy are on the website so i won't go into them besides that it's $700 for a course including certification that normally costs $3500. You have to fill out an application for each event you'd like to facilitate at and in my case SANS got back to me within 10 days.

    Acceptance into the course is through email. You must fax back the acceptance letter by a certain date and then follow the other instructions for signing up to facilitate.

    You are expected to review all the information prior to the course as you are working to provide a better program not only for yourself but the other students as well. I won't go into detail what's all included in the training but by the quick overview there is plenty of hands on and a huge amount of information.
    Last edited by GAngel; 10-23-2009 at 06:26 PM.
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    669

    Certifications
    Most Recent: CISSP & CCDA
    #3
    I couldn't wait to go through some of the material so I'm listening to one of the lessons by ed skoudis and in it he talks about Encrypting File System (EFS).

    He says its really aweful. "It's shockingly bad and you could make a really strong argument its worse than nothing."

    Why because the crypto key is protected (in most environments) with just the users password for the OS.
    You can dump the password hash and crack it or pass the hash.

    Another problem is if you drag a file into the EFS drive it encrypts it and leaves a clear text copy in the original file system spot. It doesn't properly wipe.
    Last edited by GAngel; 10-23-2009 at 11:46 PM.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Mar 2007
    Posts
    12,320
    #4
    The material is fascinating, and Ed's just freaking awesome in general. I'm going to hit up his webcasts as soon as I get a chance.

    This one is definitely on my to-do list. I can't believe there's currently < 700 (and I work with three of them).

    I'd love to do the GSE eventually; there's only 16 of those!

    Too bad the GSEC's a prereq for that. I emailed and asked if I could substitute something else for that and they said no. That seems like kind of a waste to me since it's basically just a Security+ on steroids. Oh well...
    Reply With Quote Quote  

  6. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,170
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #5
    Quote Originally Posted by dynamik View Post
    Too bad the GSEC's a prereq for that. I emailed and asked if I could substitute something else for that and they said no. That seems like kind of a waste to me since it's basically just a Security+ on steroids. Oh well...
    Have you seen the stack of course material required for the GSEC? The information in just the first manual alone puts the GSEC's difficulty way ahead of the Security+. I'd love to sit in a GSEC workshop, but the instructor is required to present the material at such a break-neck speed that I'd probably not end up retaining much of the information.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Mar 2007
    Posts
    12,320
    #6
    Quote Originally Posted by JDMurray View Post
    Have you seen the stack of course material required for the GSEC?
    Yep, it's within 5ft of me at the moment. I've paged through about half of it. MCSE:S took care of the Microsoft stuff, and pretty much everything else has been review...
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    669

    Certifications
    Most Recent: CISSP & CCDA
    #7
    Quote Originally Posted by dynamik View Post
    The material is fascinating, and Ed's just freaking awesome in general. I'm going to hit up his webcasts as soon as I get a chance.

    This one is definitely on my to-do list. I can't believe there's currently < 700 (and I work with three of them).

    I'd love to do the GSE eventually; there's only 16 of those!

    Too bad the GSEC's a prereq for that. I emailed and asked if I could substitute something else for that and they said no. That seems like kind of a waste to me since it's basically just a Security+ on steroids. Oh well...
    If i had a year off and 20k it would be at the top of my list.
    Reply With Quote Quote  

  9. k-r4d l33t 1nf0s3c g33k unsupported's Avatar
    Join Date
    Jan 2009
    Location
    407
    Posts
    191

    Certifications
    CISSP, GCIH, GCIA, C|EH, Security+, Network+, MCP
    #8
    Quote Originally Posted by dynamik View Post
    Too bad the GSEC's a prereq for that. I emailed and asked if I could substitute something else for that and they said no. That seems like kind of a waste to me since it's basically just a Security+ on steroids. Oh well...
    GSEC is not a requirement for GSE anymore! I am on the GIAC Advisory board and they just announced the changes. The prerequisites are changed to allow the substitution of other upper level SANS course for the gold requirement and it also allows the removal of the GSEC. Check it out at, GIAC Security Expert (GSE). This is what it boils down to:

    GSE Pre-requisites (updated 10-12-2009):

    GSE pre-requisite baseline is: GSEC, GCIH, GCIA with two gold.

    GSEC pre-requisite is unique because of dual windows and unix coverage.
    Substitution options:

    1. GCWN & GCUX combined can act as a substitute for GSEC
    2. Higher level certifications can act as substitutes for gold papers examples: GCFA, GCFW, GCUX, GCWN, GCED, GPEN, GWAPT, GAWN, GREM

    GSE pre-requisite list (including substitution options):

    (A) GSEC, GCIH, GCIA with two gold
    (B) GSEC, GCIH, GCIA with one gold and one substitute
    (C) GSEC, GCIH, GCIA with no gold and two substitutes
    (D) GCWN, GCUX, GCIH, GCIA with one gold
    (E) GCWN, GCUX, GCIH, GCIA with no gold and one substitute

    I've been toying with the GSE, but I'm too busy with school. I hope this helps.
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    669

    Certifications
    Most Recent: CISSP & CCDA
    #9
    Quote Originally Posted by unsupported View Post
    GSEC is not a requirement for GSE anymore! I am on the GIAC Advisory board and they just announced the changes. The prerequisites are changed to allow the substitution of other upper level SANS course for the gold requirement and it also allows the removal of the GSEC. Check it out at, GIAC Security Expert (GSE). This is what it boils down to:

    GSE Pre-requisites (updated 10-12-2009):

    GSE pre-requisite baseline is: GSEC, GCIH, GCIA with two gold.

    GSEC pre-requisite is unique because of dual windows and unix coverage.
    Substitution options:

    1. GCWN & GCUX combined can act as a substitute for GSEC
    2. Higher level certifications can act as substitutes for gold papers examples: GCFA, GCFW, GCUX, GCWN, GCED, GPEN, GWAPT, GAWN, GREM

    GSE pre-requisite list (including substitution options):

    (A) GSEC, GCIH, GCIA with two gold
    (B) GSEC, GCIH, GCIA with one gold and one substitute
    (C) GSEC, GCIH, GCIA with no gold and two substitutes
    (D) GCWN, GCUX, GCIH, GCIA with one gold
    (E) GCWN, GCUX, GCIH, GCIA with no gold and one substitute

    I've been toying with the GSE, but I'm too busy with school. I hope this helps.
    I was actually looking over the updates with dynamic and quite frankly it may as well be unless someone wants to do it at twice the cost to get GCWN & GCUX you must hold GSEC. The only things the other exams really do is substitute gold papers which once again would come at a huge cost dis-advantage as opposed to doing the papers.

    The economical way to do it for someone who is paying for it themself is option A.
    Reply With Quote Quote  

  11. Senior Member
    Join Date
    Mar 2007
    Posts
    12,320
    #10
    It was funny, I actually emailed them on the 12th and bitched about GSEC being a requirement

    Yea, I'm not going to take advantage of the substitution since it's twice as much money for those two. However, it is nice to be able to substitute the GPEN and GCFW for the two gold papers (when I theoretically get them in the future).
    Reply With Quote Quote  

  12. The Colosus of Clout Paul Boz's Avatar
    Join Date
    Oct 2006
    Location
    Baton Rouge, LA
    Posts
    2,607

    Certifications
    CCNP, CCIP, CCDP, CCDA, CCNA, CCNA Security, NSTISSI 4011, GSEC, GCFW, GCIH, GCIA
    #11
    I was hoping that the GCFW would sub for the GSEC but that not being the case I don't really see the GSE in my future. I'm not interested enough in Windows and Unix security to spend $3500 on the courses and I feel doubly that way about the GSEC. I know that the GCFW counts as a gold paper but I'm intending on writing a paper for the GCFW anyway. Ho hum.
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Mar 2007
    Posts
    12,320
    #12
    So do GSEC, GCFW + Paper, GCIH, and GCIA. You can challenge the GSEC for $900.
    Reply With Quote Quote  

  14. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    669

    Certifications
    Most Recent: CISSP & CCDA
    #13
    Quote Originally Posted by dynamik View Post
    So do GSEC, GCFW + Paper, GCIH, and GCIA. You can challenge the GSEC for $900.
    $900 for a security++ exam

    Just got an email from SANS they have a new cyber guardian program that looks fantastic.
    About the Program

    SANS' Cyber Guardian program is designed for the elite teams of technical security professionals who are part of the armed forces, Department of Defense, or other government agencies whose role includes securing systems, reconnaissance, counterterrorism and counter hacks. These teams will be the cyber security special forces where each individual's role makes the team successful.

    What a CISSP should really be i'd wager not a one off test:
    Program Prerequisites
    • A minimum of 5 years of experience in information security
    • Outstanding performance reviews from commanders/managers
    • Recommendations from commanders/managers and peers
    • Completion of the GIAC Security Essentials Certification (GSEC) exam with a score of 80 or above or hold a CISSP certification
    Exams you write are GSEC,GCIA,GCFA and GPEN + GSE
    Reply With Quote Quote  

  15. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,455

    Certifications
    GCIH, CCNA, MCTS
    #14
    Quote Originally Posted by GAngel View Post
    $900 for a security++ exam

    Just got an email from SANS they have a new cyber guardian program that looks fantastic.
    About the Program

    SANS' Cyber Guardian program is designed for the elite teams of technical security professionals who are part of the armed forces, Department of Defense, or other government agencies whose role includes securing systems, reconnaissance, counterterrorism and counter hacks. These teams will be the cyber security special forces where each individual's role makes the team successful.

    What a CISSP should really be i'd wager not a one off test:
    Program Prerequisites
    • A minimum of 5 years of experience in information security
    • Outstanding performance reviews from commanders/managers
    • Recommendations from commanders/managers and peers
    • Completion of the GIAC Security Essentials Certification (GSEC) exam with a score of 80 or above or hold a CISSP certification
    Exams you write are GSEC,GCIA,GCFA and GPEN + GSE
    SANS Cyber Guardian Program
    Reply With Quote Quote  

  16. Senior Member
    Join Date
    Mar 2007
    Posts
    12,320
    #15
    Quote Originally Posted by GAngel View Post
    $900 for a security++ exam
    We share that sentiment, believe me...
    Reply With Quote Quote  

  17. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,170
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #16
    And having "GSEC" on your resume doesn't do much for you, unless you are a DoD contractor or are teaching the GSEC class.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  18. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    669

    Certifications
    Most Recent: CISSP & CCDA
    #17
    I finally started getting into the ondemand material. Only 2 weeks left until the class. On the last 2 parts of section one which I'll finish tonight. Been nothing but a refresher so far which is good expect section two to be more hands on. Very good advice for the industry far more than I expected.
    Reply With Quote Quote  

  19. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    669

    Certifications
    Most Recent: CISSP & CCDA
    #18
    I downloaded freebsd and fedora 11 last night and spent it doing the linux brush up section in the course. (this part alone is probably worth the money for the course) I'll probably have to do it 5-10 more times to really get back into things but i'm enjoying it. I'm just over 30% of the way through the on demand and it's been nothing but quality so far.

    Only 10 days till the class now so accelerating the learning curve a bit. Hope to be at 70% by the end of the weekend.
    Reply With Quote Quote  

  20. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    669

    Certifications
    Most Recent: CISSP & CCDA
    #19
    Another little tidbit I picked up is that nmap,nessus,snort all are programmed in a language called lua
    Reply With Quote Quote  

  21. Senior Member
    Join Date
    Mar 2007
    Posts
    12,320
    #20
    I thought Lua was used to script those, not that they were programmed in them.

    And I believe Nessus uses NASL, not Lua. Lua is also supported by Wireshark.
    Reply With Quote Quote  

  22. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    669

    Certifications
    Most Recent: CISSP & CCDA
    #21
    Quote Originally Posted by dynamik View Post
    I thought Lua was used to script those, not that they were programmed in them.

    And I believe Nessus uses NASL, not Lua. Lua is also supported by Wireshark.
    woops wrong word script is correct. You can create scripts to run in all three using lua. Yes to wireshark. My brain is a total mess between taking that god aweful buckley's and being at this for the last 5 hrs.
    Reply With Quote Quote  

  23. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,170
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #22
    Lua is a freely-available scripting language that first found wide use in the computer gaming world, where it got noticed by the Hack-ish community as a good alternative to PythonScript, or inventing your own ad hoc scripting language. Commercial companies have also adopted Lua as a way to a way to configure and extend their products (Adobe Lightroom is suppose to be around 40% Lua). There are a couple of good books about Lua too.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  24. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    669

    Certifications
    Most Recent: CISSP & CCDA
    #23
    I've finally had a chance to update this. It's been a whirlwind week.

    It was GPEN with bootcamp so it went from 9-7 on most days. We covered everything from writing the report to using rainbow tables.
    The course was thought by Rick Smith one of the GSE's and he's a smart cookie. He took the time to answer everyone's questions throughout the course. The capture the flag on the last day is challenging. Do-able if you have the time to sit and think about it but we all ran out of time in our groups though one team got extremely close.

    There was a mix of security pro's there from all across eastern canada so lots of good networking went on.

    As for being a facilitator the main duties were helping set up the lap, cabling, network. Getting everyone checked in and all there stuff assigned to them on day one. Collecting the evaluations and tallying them daily and generally answering questions and making sure everyone was ok. Very good trade off for what I learned.

    I did learn you can buy the sans coursebooks usually available at one of the big conferences. We had a couple of extra books and it was being sold to us if we wanted to give it to others we knew if they wanted to challenge the exam.

    Once i get the email to take the exam I'll schedule it for about 2 weeks time and in the meantime I'm going over all of it again.
    Reply With Quote Quote  

  25. Senior Member
    Join Date
    Mar 2007
    Posts
    12,320
    #24
    Quote Originally Posted by GAngel View Post
    I did learn you can buy the sans coursebooks usually available at one of the big conferences. We had a couple of extra books and it was being sold to us if we wanted to give it to others we knew if they wanted to challenge the exam.
    Really? You can only buy them at the conferences? How much are they? I might run out to the New Orleans one (if I don't get selected for work-study) and pick some up.
    Reply With Quote Quote  

  26. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    669

    Certifications
    Most Recent: CISSP & CCDA
    #25
    Quote Originally Posted by dynamik View Post
    Really? You can only buy them at the conferences? How much are they? I might run out to the New Orleans one (if I don't get selected for work-study) and pick some up.
    Messaged as I don't know if that's official policy only what we got told.
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 2 1 2 Last

Social Networking & Bookmarks