Penetration Testing mailing list archives
Re: Pentest exams
From: "Kevin L. Shaw, CISSP, GCIH" <kshaw () eeenterprisesinc com>
Date: Fri, 09 Oct 2009 10:15:14 -0400
I did not have time with personal and work issues to finish the Offensive Security labs; now I don't have the $200 for another month to make sure I've got things down prior to taking their Challenge. 3K is an impossible nut right now; which makes things a little rougher in a cert-centric hiring environment.
Robert Portvliet wrote:
Taking the course from EC-Council allows you to circumvent the 2 years of experience requirement. A big advantage to taking the SANS courses as opposed to just challenging the exam is that the exams are open book, so you're going to kind of want access to the SANS course materials. I'd love to take Security 560, but 3k is a heck of nut to crack right now... On Tue, Oct 6, 2009 at 12:09 PM, Eric Kollmann <xnih13 () gmail com> wrote:I can't speak specifically about either of the ones you originally asked about, but comparing the CEH (EC-Council) vs the GCIH (SANS), from a learning perspective, the SANS course was hands down better on what I learned at the end of it. I learned stuff in the EC-Council course, but not nearly to the extent I did from the SANS one. As for the question if SANS courses are worth the cost, depends on what you want to do in the long run. At least with the GIAC tests, if you just want the cert, you can challenge it and don't have to take the course. To get the VCP, from VMware, you have to actually take their class. I believe that was the same thing with EC-Council and the CEH, though that may have changed in the past 2 or 3 years since I did that course. The VCP cost me as much as the GCIH, which I did take the course on. The GPEN I just challenged. Anyway, according to this article a recent IT Trends Survey has GIAC holding 3 of the top 10 most demanded certs out there: http://www.govinfosecurity.com/articles.php?art_id=1807&pg=1 This one has 5 of the 10 being the most valued: http://www.govinfosecurity.com/articles.php?art_id=1782&pg=1 Ultimately the certs just get you through the door. ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review BoardProve to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review BoardProve to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: Pentest exams Stephen Mullins (Oct 05)
- Re: Pentest exams Curt Shaffer (Oct 05)
- Re: Pentest exams Stephen Mullins (Oct 05)
- Re: Pentest exams Tony Turner (Oct 06)
- Message not available
- Re: Pentest exams Eric Kollmann (Oct 06)
- Re: Pentest exams Paul Deasy (Oct 06)
- Re: Pentest exams Robert Portvliet (Oct 09)
- Re: Pentest exams Pedro Drimel (Oct 13)
- Re: Pentest exams Kevin L. Shaw, CISSP, GCIH (Oct 13)
- Re: Pentest exams Stephen Mullins (Oct 05)
- Re: Pentest exams Curt Shaffer (Oct 05)