Re: [PEN-TEST] FW: [PEN-TEST] Forensic analisys and related training

[Christopher Misra <crispy () NIC UMASS EDU>]

> I have taken and passed this certification and to be honest.  It is a joke.
>  The Level two Incident Handling and Hacker Tools is very out of date and
> I was not impressed by the instructor's, Eric Cole, knowledge on newer hacker
> tools.

I have also taken and passed this certification. I agree on Eric's knowledge,
the
hacking tools section was weak and out of date for the most part.

> The course focusses mainly on the hacker tool part and it was amusing to
> watch the instructor try to get things to work in front of the class but
> just couldn't half the time.  To me it was a big waste of time and money
> I went for the incident response stuff and I got a lesson in being a script
> kiddie.
>
> As far as the testing itself goes, also a joke, I did not even study for
> the exam or read their "suggested readings on the web" and I still passed
> the tests, not with 100% mind you, but studying would have obviously done
> it.

Again, agreed...

> If you feel like wasting a couple grand to hear about being a script kiddie
> and why you shouldn't trust L0pht/@Stake then this is the course for you.
>  If you want to spend some money and actually learn something useful, look
> elsewhere.

Although the hacking tools portion is very weak, the incident response with Stephen
Northcutt is pretty good. Although not a complete waste of money, if you are looking
for incident response, just take his course seperately and skip the rest. Learning
about hacking tools in two days in a class of 100+ is not a good use of time.

Just a (slightly) different opinion...

                                - Chris
--
Christopher Misra                                    Network Analyst
OIT/Network Systems and Services                        LGRC A153
University of Massachusetts                         Amherst, MA  01003
E-mail: cmisra () nic umass edu