PaulDotCom mailing list archives
Re: SANSFire 2011
From: John Strand <strandjs () gmail com>
Date: Tue, 5 Jul 2011 12:00:58 -0600
And... I'll buy the beer on the 5th day. On Tue, Jul 5, 2011 at 11:43 AM, Kevin Shaw <kevin.lee.shaw () gmail com>wrote:
Aaron: You'll enjoy Virginia Beach. I say that not just because I live near there! The conference size is not huge, but not extra small either; and offers plenty of opportunity for learning outside of the course you may take Kevin On Tue, Jul 5, 2011 at 12:58 PM, Aaron <subdriven () gmail com> wrote:Gentlemen, Thanks for your responses. I actually have your book, Seth! I've not started it yet, but it is on my CISSP study list. Thank you all for the advice on the Work Study program. I've applied for the Virginia Beach conference which is in a few months. I agree that $800 vs $5000 is a hard argument to beat especially when paying for it out of my own, shallow pocket. :) Aaron On Tue, Jul 5, 2011 at 11:15 AM, mike p <mikeaperez1 () gmail com> wrote:Aaron, I've never taken Sec301. I have taken both Sec401 and 504 and I can say that if you feel (as I did) that one needed a foundation before jumpingin,401 seemed to have more technical/hands on focus vs. Sec301. Havingsaidthat, I've always had a blast at SANS, so I doubt you could go 'wrong'withSEC301, just that SEC401 seems like a better fit for what you describe.I'dgo for 401. Having said that, please be sure to apply to the Work Study program: http://www.sans.org/security-training/volunteer.php It's SANS training (plus a lot of hard but rewarding work) at adiscount.The other benefit is it gives you a few months of online access to the materials for the $850 (or so depending on course). It is definitely amustif you are paying for SANS on your own dime. HTH, Mike On Tue, Jul 5, 2011 at 10:35 AM, Ty Purcell <TPurcell () ffin com> wrote:Aaron, Based on the below, then I second the recommendation of 401 w/bootcamp,and then take the GSEC certification. That is also one of the certsthat Isee as desired in some job listings. In my opinion, I wouldn't worryaboutthe Security+ certification. Ty -----Original Message----- From: pauldotcom-bounces () mail pauldotcom com [mailto:pauldotcom-bounces () mail pauldotcom com] On Behalf Of Aaron Sent: Tuesday, July 05, 2011 9:17 AM To: PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] SANSFire 2011 David, I guess you can say it is weird that I am a part of this list but have no official training. My background is in running small businesses as an IT generalist (for lack of a better term). I've always been fascinated with security and think I have a knack for it. My wife and I are currently trying to move west; be it Seattle area, Portland, OR area, or Denver. What I've (embarrassingly) found in all of the interviews I've been on is A) I don't have the experience and B) I don't have the requisite knowledge companies are looking for in a candidate. Thus far in my career, I've either taught myself everything I've needed to know whether reading and applying, or picking the brains of those more knowledgeable than I (hence this list). My knowledge of systems, infrastructure, TCP/IP, networking, etc has all been very informal, rudimentary, and full of holes. Again, learning what I needed to, to accomplish the job/task at hand then moving on. During the interview process I cannot answer some questions or can only answer them at a very basic level. (And yes, there is a good chance I'm being hard on myself, but I don't think I'm too far off the mark.) Regardless of how well I portray this in interviews, companies are not willing to hire someone on speculation. At least not with the job market the way it is. Therefore, I've decided on two approaches. First I'm going for training and certs on my own dime. Second, I'm looking for entry level positions related to security or positions I think will benefit me and help me move up to a security position. I hope that has cleared some of this up. So, knowing the background, you can see why I was looking at the lower level courses in which to start. I think I have a decent technical background and with some basic certs like Security+ or Networking+ I think I can back-fill whatever information I'm missing. I appreciate your reply about the auditing class. I will need to make a decision very soon as the conference is only a few weeks away. Aaron On Mon, Jul 4, 2011 at 6:21 PM, David Hoelzer <dhoelzer () enclaveforensics com> wrote:It's a good course. I know Fred well and he's a good instructor. It seems weird that someone on this list would have no securitytrainingat all. If you don't mind my asking, what kind of background do youhave?I ask because if you're from more of an operational background andarelooking to apply security to things and develop good practice, I'dsend youstraight over to AUD 507 (don't let the audit piece fool you...there'saudit stuff, but it's really what sorts of operational practices and controls should be in place that auditors ought to look for). On the other hand, if you have a decent technical background butnothingon the security side and aren't worried about development of secure practices, I'd send you toward SEC 401. It's a whirlwind tour ofjust abouteverything to do with security. Prepare to be exhausted. ;) Best regards On Jul 3, 2011, at 3:02 PM, Aaron wrote:All, I am looking at attending SANSFire 2011 in DC this month and taking Security 301: Intro to Information Security with Fred Kerby. Does anyone have anything good (or bad) to say about this course? Havingnoformal training in security, I think it would be a great way to getmyfeet wet and get some experience under my belt. Do you think it's worth the $3500 price tag? Thank you Aaron _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com--------------------------------------------------------- David Hoelzer Director of Research, Enclave Forensics dhoelzer () enclaveforensics com _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-- John Strand Office: (605) 550-0742 Cell: (303) 710-1171
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Re: SANSFire 2011, (continued)
- Re: SANSFire 2011 iamnowonmai (Jul 04)
- Re: SANSFire 2011 Aaron (Jul 04)
- Re: SANSFire 2011 Joel Esler (Jul 04)
- Re: SANSFire 2011 John Strand (Jul 05)
- Re: SANSFire 2011 Aaron (Jul 04)
- Re: SANSFire 2011 iamnowonmai (Jul 04)
- Re: SANSFire 2011 David Hoelzer (Jul 05)
- Re: SANSFire 2011 Aaron (Jul 05)
- Re: SANSFire 2011 Ty Purcell (Jul 05)
- Re: SANSFire 2011 mike p (Jul 05)
- Re: SANSFire 2011 Aaron (Jul 05)
- Re: SANSFire 2011 Kevin Shaw (Jul 05)
- Re: SANSFire 2011 John Strand (Jul 05)
- Re: SANSFire 2011 Matthew Reed (Jul 05)
- Re: SANSFire 2011 Aaron (Jul 05)
- Re: SANSFire 2011 Seth Misenar (Jul 05)