Penetration Testing mailing list archives
Re: Pentest exams
From: Paul Deasy <paul.deasy () gmail com>
Date: Tue, 6 Oct 2009 20:42:30 +0100
Does anyone have any thoughts on the MILE2 courses, <http://www.mile2.com/>, compared to the SANS or Offensive Security courses? I took the CPTS course in 2007, <http://www.mile2.com/Certified_Pen_Testing_Specialist_CPTS.html>, and found it very good. Instructors were excellent, the 5-day course was a major ramp up in the learning curve. At the time of sitting the exam, I didn't have enough prior experience with the low level protocol inspection and this was my downfall. I'm looking to get back into getting certification in this area, upskilling to more up-to-date techniques and technologies. What would be the best course to take as a refresher? TIA 2009/10/6 Eric Kollmann <xnih13 () gmail com>:
I can't speak specifically about either of the ones you originally asked about, but comparing the CEH (EC-Council) vs the GCIH (SANS), from a learning perspective, the SANS course was hands down better on what I learned at the end of it. I learned stuff in the EC-Council course, but not nearly to the extent I did from the SANS one. As for the question if SANS courses are worth the cost, depends on what you want to do in the long run. At least with the GIAC tests, if you just want the cert, you can challenge it and don't have to take the course. To get the VCP, from VMware, you have to actually take their class. I believe that was the same thing with EC-Council and the CEH, though that may have changed in the past 2 or 3 years since I did that course. The VCP cost me as much as the GCIH, which I did take the course on. The GPEN I just challenged. Anyway, according to this article a recent IT Trends Survey has GIAC holding 3 of the top 10 most demanded certs out there: http://www.govinfosecurity.com/articles.php?art_id=1807&pg=1 This one has 5 of the 10 being the most valued: http://www.govinfosecurity.com/articles.php?art_id=1782&pg=1 Ultimately the certs just get you through the door. ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
-- ================================== Paul Deasy MSc. Skype: p.deezee ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: Pentest exams Stephen Mullins (Oct 05)
- Re: Pentest exams Curt Shaffer (Oct 05)
- Re: Pentest exams Stephen Mullins (Oct 05)
- Re: Pentest exams Tony Turner (Oct 06)
- Message not available
- Re: Pentest exams Eric Kollmann (Oct 06)
- Re: Pentest exams Paul Deasy (Oct 06)
- Re: Pentest exams Robert Portvliet (Oct 09)
- Re: Pentest exams Pedro Drimel (Oct 13)
- Re: Pentest exams Kevin L. Shaw, CISSP, GCIH (Oct 13)
- Re: Pentest exams Stephen Mullins (Oct 05)
- Re: Pentest exams Curt Shaffer (Oct 05)