Re: SANSFire 2011

[Seth Misenar <seth.misenar () gmail com>]

Based on your background and stated goals I would recommend that you start with 401 (and the GSEC cert).  Given your 
goal of landing a security job, I would then recommend studying for and sitting the CISSP exam.  With your 401 
training, I don't think studying on your own for the CISSP would be much of a stretch.  Between 401 and studying for 
the CISSP a whole lot of gaps in security knowledge you might have will get filled.  Also this approach will give you 
sufficient exposure to determine if there is a particular speciality within security that is particularly attractive to 
you.

I would also recommend that you look into the SANS work study program for future conferences, which offers greatly 
reduced tuition in exchange for your helping to keep the conference and class running smoothly (light clerical work and 
some manual labor).  In addition to the benefit of reduced tuition, you also, especially at larger conferences, get to 
network with a lot of other volunteers, which could prove extremely valuable at this stage in your security career.

I am completely biased (co-author), but I would recommend that you use the Syngress CISSP Study Guide by Eric Conrad, 
Seth Misenar, and Josh Feldman for your self-study

Hope this helps.

Regards
Seth Misenar GSE #28

On Jul 5, 2011, at 9:16 AM, Aaron <subdriven () gmail com> wrote:

> David,
> I guess you can say it is weird that I am a part of this list but have
> no official training. My background is in running small businesses as
> an IT generalist (for lack of a better term). I've always been
> fascinated with security and think I have a knack for it. My wife and
> I are currently trying to move west; be it Seattle area, Portland, OR
> area, or Denver. What I've (embarrassingly) found in all of the
> interviews I've been on is A) I don't have the experience and B) I
> don't have the requisite knowledge companies are looking for in a
> candidate. Thus far in my career, I've either taught myself everything
> I've needed to know whether reading and applying, or picking the
> brains of those more knowledgeable than I (hence this list). My
> knowledge of systems, infrastructure, TCP/IP, networking, etc has all
> been very informal, rudimentary, and full of holes. Again, learning
> what I needed to, to accomplish the job/task at hand then moving on.
> During the interview process I cannot answer some questions or can
> only answer them at a very basic level. (And yes, there is a good
> chance I'm being hard on myself, but I don't think I'm too far off the
> mark.)
>
> Regardless of how well I portray this in interviews, companies are not
> willing to hire someone on speculation. At least not with the job
> market the way it is. Therefore, I've decided on two approaches. First
> I'm going for training and certs on my own dime. Second, I'm looking
> for entry level positions related to security or positions I think
> will benefit me and help me move up to a security position.
>
> I hope that has cleared some of this up. So, knowing the background,
> you can see why I was looking at the lower level courses in which to
> start. I think I have a decent technical background and with some
> basic certs like Security+ or Networking+ I think I can back-fill
> whatever information I'm missing.
>
> I appreciate your reply about the auditing class. I will need to make
> a decision very soon as the conference is only a few weeks away.
>
> Aaron
>
>
> On Mon, Jul 4, 2011 at 6:21 PM, David Hoelzer
> <dhoelzer () enclaveforensics com> wrote:
> > It's a good course.  I know Fred well and he's a good instructor.
> >
> > It seems weird that someone on this list would have no security training at all.  If you don't mind my asking, what 
> > kind of background do you have?  I ask because if you're from more of an operational background and are looking to 
> > apply security to things and develop good practice, I'd send you straight over to AUD 507 (don't let the audit piece 
> > fool you...  there's audit stuff, but it's really what sorts of operational practices and controls should be in 
> > place that auditors ought to look for).
> >
> > On the other hand, if you have a decent technical background but nothing on the security side and aren't worried 
> > about development of secure practices, I'd send you toward SEC 401.  It's a whirlwind tour of just about everything 
> > to do with security.  Prepare to be exhausted. ;)
> >
> > Best regards
> >
> >
> > On Jul 3, 2011, at 3:02 PM, Aaron wrote:
> >
> > > All,
> > >
> > > I am looking at attending SANSFire 2011 in DC this month and taking
> > > Security 301: Intro to Information Security with Fred Kerby. Does
> > > anyone have anything good (or bad) to say about this course? Having no
> > > formal training in security, I think it would be a great way to get my
> > > feet wet and get some experience under my belt. Do you think it's
> > > worth the $3500 price tag?
> > >
> > > Thank you
> > >
> > > Aaron
> > > _______________________________________________
> > > Pauldotcom mailing list
> > > Pauldotcom () mail pauldotcom com
> > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > Main Web Site: http://pauldotcom.com
> >
> >
> > ---------------------------------------------------------
> > David Hoelzer
> > Director of Research, Enclave Forensics
> > dhoelzer () enclaveforensics com
> >
> >
> >
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom () mail pauldotcom com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com