I recently completed the SANS SEC401 Security Essentials Bootcamp course via an online on-demand webcast. If taken in person, this course runs 9 AM to 7 PM for six days…hence the “bootcamp” label. With the on-demand format, you have the added privilege of viewing the lecture content at your own pace over a four month period.
If I can summarize the course in one word it would be, “AWESOME.” The writer and instructor of the course is Dr. Eric Cole, a fellow of the SANS Institute. His enthusiasm is contagious and he made approximately 50 hours of lecture content fly by in what felt like a mere 49 hours. That is no simple feat considering the content. Each day is dedicated to a particular topic: Day 1: Networking Concepts, Day 2: Defense In-Depth, Day 3: Internet Security Technologies, Day 4: Secure Communications, Day 5: Windows Security, Day 6: Unix/Linux Security. Oh, and there is a corresponding book for each day…
I read every word and went the extra measure of creating an index for all 6 volumes, which SANS intentionally neglects to include to encourage “Learning.” I followed the advise posted by this fellow SANS trainee so I won’t bother going into detail. My index looks eerily similar to his and I found his blog posting very useful. In total it is 28 pages long.
What I especially loved about this course is that Dr. Cole added so much real world context to the material. The course differs from the “textbook” model of teaching, and as far as I’m concerned, this should be a requirement for all security courses. Textbook and real world are often misaligned. The content addressed these challenges head on. On the other hand, examples were provided of when textbook recommendations have been ignored and at what cost. For example, he talked about a scenario where an adversary breached a very large network. One of the well meaning administrators sent a message over email in reference to cleaning up the breach. Oops…they never had a chance because the adversary read the email and inflicted as much damage as possible by Monday. This highlights the importance of out of band communication in the event of an incident.
There was also tons of hands on labs and practical content. I spent the time doing every lab and had the opportunity to play with tools like tcpdump and even messed around with stego crypto. It was kind of fun hiding a secret message to my wife within a jpg picture of our kids. Hands on training is a simple, but powerful learning technique and SANS makes good use of this as part of their curriculum.
Compared to the CISSP content, which I consumed 6+ months ago by means of a self-study program, I found there to be some overlap. More often than not, the SANS training looked at hands-on topics more granularly, but areas of theory were covered in more detail within the CISSP courseware. For example, the Bell-Lapadula model was briefly mentioned in SEC401, but explained in further detail by the CISSP. Overall, I am happy in the order that I pursued these credentials, but they could have been tackled in reverse order just the same!
This class truly was a bootcamp and for that reason I did appreciate the ability to go through the material at my own pace. In some regards, though, I think doing so is prolonging the pain, er, I mean, extending the fun. There is something to be said for battening down the hatches and going off-grid for 6 long days versus trying to steal 6 long days from your normal schedule. Some other courses which are more lab intensive and collaborative, would not be as good if taken in this format.
SANS offers endless training opportunities and there is a case to be made for all IT employees to take some of their training. For example, they have an entire course that focuses on Windows Security. There’s another that focuses on Unix Security. Secure Web Development? They got that. Let’s not forget Network Security… The list goes on and on. These courses are not just for security analysts. They are for IT professionals who want to accomplish their job in a secure manner and I highly recommend them to all IT administrators. Perhaps one person from each department could attend one SANS course per year? Wishful thinking perhaps, but it would be a great investment and in line with our core values here at DoIT.
I will be taking the associated GIAC GSEC exam within the next week for the sake of putting a rubber stamp on this experience. However, it’s really all about the journey, not the destination!
Some food for thought from the course:
1) Prevention is ideal. Detection is a must.
2) What is the risk? Is it the highest priority risk? Is it the most cost effective way to mitigate the risk?
3) TCP/IP and TCPDUMP Cheat Sheet
4) SANS Windows Tools and Scripts Download
5) Baseline your systems while they are healthy by, at a minimum, documenting running processes, listening ports, existing users (especially admin and root level access UID 0) and admin group membership.
Rating: Excellent – I’d pay my own way … okay, not really, but that’s how much I liked it.
Thanks for reading and don’t forget to subscribe!
Nice job. I’ll be taking this course in the next few weeks too. Looking forward to it even more now.
Oh, that’s great, Jason! Make sure you sit through all of the lecture because that is the best part. Also, there are MP3 versions of the lecture you can download and listen to on your phone for reinforcement. Stop by and I will show you a few things I found useful.
Where do you find the MP3 versions?
If you are registered for the course, the MP3 files are available in your SANS.org account portal, under the self study section.
İstanbul ve tüm ilçelerinde 7/24 su kaçağı bulma ve aynı gün 2 yıl garantili tamir servisi. Artık kırmaya ve su tesisatlarına zarar vermeye son. İstanbul tesisatçı olarak en yakın tesisat firmayız.
Sıhhi ve ısıtma tesisatı, su doğalgaz kalorifer yangın tesisatları tamir montaj servisi. Özdeğer tesisat olarak tüm İstanbul geneline hizmet sunuyoruz.
Kış Bahçesi web sitemize girerek kış bahçesi sistemlerini inceleyebilirsiniz. İhtiyacınız olan tüm gereksinimleri tek kalemde bitiriyor ve size keyfini sürmek kalıyor. En iyi Kış bahçesi modelleri
This is great. Your course is valuable as the technology in this space continues to evolve.
https://www.brandsentrik.com/
20 yıllık deneyimle tesisat tamiri. İstanbul’un her yerine sabit fiyat. Hemen arayın! Tesisat sorunlarına 30 dakikada servis, garantili tespit ve onarım. İstanbul uzman tesisatçı firmamız 7/24 saat açık.
Hi Matthew, I was just wondering if you completed the practical exams provided? If so, are the questions similar to what will be in the real test?
Yes, the practice tests and the actual exam were almost identical. The questions were different, but the style and difficulty were exactly the same. In fact, I scored higher on the real exam than I did on the practice exams.
Hi Matthew, do you have SEC401 book in pdf format ? can you email me ?
The pdf version of the books are not given to students, probably to prevent sharing…
Hi Matthew, I recently joined the security team and I am wondering if its best to start with SEC401 or dive straight into CISSP?
I have loads of 15 years work experience in all support fields e.g group policies, AV, Active Directory.
Regards
Hi Jack. I personally did the CISSP first, and SEC401 next. It worked out well for me, but I don’t think the order is overly important. If you are in a more tactical, hands-on role, 401 is definitely the way to go. However, CISSP is very broad and gives you the big picture. IMHO, CISSP lends itself to a self-study program more-so than 401. So if your company is sending you to a class or paying for an online course, use it for SEC401 and study on your own for the CISSP. Ted Demopoulos of SANS recently released and updated the study guide for the CISSP. You might want to check it out: http://securitycerts.org/review/cissp-study.htm
He es posible crear un blog edu aquí yo tengo este mi edu site
Hello Matt,
I took the SEC401 course and I have my exam in 20 days and I haven’t made the index at all. Your blog is very helpful. Is it possible for you to email me your index? I would really appreciate it! Thanks much!
Alyssa
Hi Alyssa! I’m sorry, but I can’t share the index with you for a couple of reasons. 1 – The books have probably been revised since I took the course so the page numbers would not be accurate. 2 – In my index I included notes from the actual text books, so sharing it may constitute a copyright violation. My apologies, but no worries, you can still create one in time. You have 20 days and 6 books. That gives you 3 days per book to create an index. Since you are pressed for time, don’t worry about indexing every word, just the high level topics and topics that you struggle with. Let me know when you pass!
Great review!
Dr Eric Cole’s enthusiasm and energy are off the chart – he is a great guy to work with too.
Yes, he gets everybody excited about security, which is not easy to do. The Security industry is very fortunate to have him…and you too by the way!
cosas guarras y picantes para follar
Thanks For sharing helpful information its real very valuable information to me thanks
Is it possible to retake the test without retaking the course?
I regrettably found that indexing was not the right path for me. Need a do-over.
Absolutely. GIAC’s retake policy is here: http://www.giac.org/exams/retakes-and-extensions The retake costs $659 if you buy it within 30 days of your exam deadline. If you wait longer than that, you will have to challenge the exam outright, which costs $1150 I believe.
this is so very helpful, thank you!
I am sitting the course in a month’s time, my CISSP is very old (although active) and I’m not a hands on at all any more. What could I read to prepare myself?
thanks
J.
Sadly, the author of the book I used, Shon Harris, passed away. So the material has not been updated since 2012. Another other popular option is ISC(2)’s book. I hope you knock it out of the park! http://www.amazon.com/Certified-Information-Security-Professional-Official/dp/1119042712/ref=sr_1_1?s=books&ie=UTF8&qid=1450815123&sr=1-1&keywords=cissp
Hi Matt, I’m a 23 year old looking to get my foot in the door for IA and I was directed to the path of 8570 courses. I have very little experience in IA and security but I was wondering which sections you might suggest for someone who is brand new to this world and trying to learn. I see you suggest CISSP for a more broader overview and the SEC401 for more specialized? The whole process can be very confusing for someone just starting out and trying to decipher the courses and acronyms, so I would appreciate any guidance you might have for me.
Best, Laura
Hi Laura! If you are looking for a more technical course, GSEC would be the better way to go. Both the CISSP and GSEC are broad, though. GSEC goes deeper into the topics it covers, whereas CISSP helps you learn key terminology and concepts. Your background and goals would make a difference here. CISSP is more widely known and will help you land those job interviews. But I am a big fan of GSEC, which will really help you be effective in the real world. There are other options you may want to consider as well, such as the GISF or Security+ since you are just starting out.
I am prepping to take my certification test after having completed the On Demand course. My brain must be really strange because the only thing I remember about the course is how to blow up peeps in a microwave with aluminum foil. Not feeling real confident right now.
Ha! That lesson stands out in my mind as well. I always feel the same way after taking a SANS course. Then, after doing some prep, the practice test makes me feel a lot better. Do your index and you will be fine. The course content always feels harder to me than the exam.
Matthew,
Thanks for the read, an index is a great idea. I will have to hold a mindset for indexes as I move forward. I am just starting out into the infosec world and just started graduate school for cybersecurity technology.
Looking at the material do you think it is worth it to take SEC401 or should someone like myself start at SEC301. Although I am new to the material, my understanding of what is presented in SEC301 seems to be EXTREMELY basic even for someone just starting their way into the field. Is 301 necessary or should I forget about it and start with 401. Additionally, are the GIAC certs something I should wait for an employer to pay for or if I can somehow manage by should I take something like the 401 before employed i.e. is the GSEC something that will also improve my hireability?
Hi Chris. If you have a background in IT and you are going to have some graduate level courses in progress or under your belt, you can probably go straight to 401. GIAC certs are relatively expensive so if you can wait for an employer to pay for it, you are better off. The CISSP you can pretty much achieve via self-study and holds a lot of weight with HR departments, although GIAC is has way more practical value and the tide is starting to turn in their direction. So if money is a factor, you may be better off going for the CISSP on your own, and then when you start interviewing make sure they will include one SANS course a year as part of your hiring agreement.
Hey Matthew,
Hopefully you see this and respond but I figured I’d give this a shot anyways. I plan on taking the GSEC bootcamp course at the end of the month and I believe that I will be taking the exam immediately after the course finishes. Is that a wise decision in your opinion? Hopefully I won’t be too burnt out after a long week of training but I want to get the certification test done as soon as possible while the information is fresh in my head. For background, I currently work in a SOC for a defense contractor so I do have some experience with the subject. I also have my Security+ but I am well aware that is childsplay compared to the GSEC. Anyways, I appreciate the help and response!
Hi Tom! Quite honestly I think that is a bit ambitious. I would give yourself at least 2 weeks to prepare. If you are looking to score 90% or higher and become part of the GIAC Advisory board (which I highly recommend), I would push it out a full month. Let me know what you decide and how you make out. You are going to love the course!
Hi Matthew,
i am planing to take compTIA secutity + exam next month, and i am interesting for GSEC certification, but i am a little bit confusing a about the best way to do this certification (doing a 5 days course or self-study), and about the cost of this certification.
Security + is a nice foundation to build upon so congratulations in advance! IMHO the GSEC cert (or SANS certs in general) is not a good candidate for self study. To challenge the exam you are in for over $1k and the official “textbook” is only available if you take SEC401. Your best bet is to take the course via the SANS work study program, or try to find employment with a company that will pay for the course. The prices are listed on SANS’ website.
Hi, after 20+ with telecommunication industry, I am planning to transition my career to cybersecurity. Mostly, my current experience has to do Transport technologies (e.g., DWDM, OTN, SONET, etc.), bit of IP networking, and scripting languages. Do you think taking the GSEC certifcation will be a good starting point, will it good foundation to get entry level job. Or do you have another recommendation on what class/certification should i pursue first.
Hi Ash: Good question. It is an ambitious starting point if you don’t have general IT experience, in addition to Transport technologies. I would consider some of the Comptia certs as a first step, and then progress into GSEC IMHO. The Comptia cert probably won’t get you an interview, but it will lay the foundation for GSEC or another security cert.
Hi Matthew,
I am looking at doing the SEC401 class through work and am wondering what would be the best way to do so, in your opinion: online study or taking the 6 day bootcamp style.
Thanks in advance,
If they will pay for the in person class, do it! There’s nothing better than being face to face with the terrific SANS instructors and a room full of peers trying to learn the same things you are in 6 intense days of instruction. But if your job will only pay for the online version, don’t be too disappointed. That’s how I took this class and doing so online has some advantages too, like being able to move through the material at your own pace.
I’m interested in the SEC 401, but won’t be available until November. Any bootcamp coming up in my area around this time? I live in Kentucky.
Hi Martin: SANS publishes their schedule well in advance at https://www.sans.org/find-training/
thanks this is great
https://bestpetsvacuum.com/
L’ininterrotta storia di successo di imitazioni orologi Rolex iniziò nel 1908, l’anno in cui Rolex fu fondata a Londra dall’importante imprenditore tedesco Hans Wilsdorf.
WOW! this article it really great i like it
Hey, i found a great site with so many games
Just click this >>> DetikToto <<<
detiktoto has many games and lots of benefits, play now so you can feel the excitement and the benefits.
Hundreds of jitutoto777 games with leaked RTP so it really helps us to win the game and get big profits. Play and get your benefits now.
Auto Glass
THis is a complex subject but I am sure we can do it
Nice blog
DUI Checkpoints
gu899 แพลตฟอร์ม GU899 ถูกออกแบบมาให้ใช้งานง่าย ไม่ว่าจะเป็นผู้เล่นใหม่หรือผู้เล่นที่มีประสบการณ์ การเข้าเล่นเกม การฝาก-ถอนเงิน หรือการรับโปรโมชั่นต่างๆ ก็สามารถทำได้อย่างสะดวกและรวดเร็ว
betflik Betflik เป็นหนึ่งในแพลตฟอร์มความบันเทิงออนไลน์ที่ได้รับความนิยมอย่างแพร่หลายในปัจจุบัน ด้วยการรวมเกมคาสิโน สล็อตออนไลน์ และเกมเดิมพันหลากหลายประเภทเข้าไว้ในที่เดียว Betflik ได้รับการยอมรับจากผู้เล่นทั่วโลกว่าเป็นเว็บไซต์ที่มีความน่าเชื่อถือ ปลอดภัย และมีความสนุกสนานที่ไม่มีที่สิ้นสุด
At Rejuvenation Clinic, we offer Emsculpt treatments that provide a revolutionary approach to body sculpting. Our competitive pricing ensures you receive exceptional value for this cutting-edge procedure, designed to strengthen muscles and reduce fat without surgery. Get Emsculpt Treatment Cost
申博太阳城推荐|
申博太阳城电子游戏官网|
新葡京技巧|
新葡京官方代理|
新葡京官方赌场|
新葡京赌场会员卡|
新葡京赌博开户|
新葡京博彩网址|
线上新葡京官网|
新葡京集团ptt|
新葡京在线电子游戏|
拉斯维加斯百家乐游戏|
澳门拉斯维加斯百家乐官网|
Enjoy mouth-watering grilled specialties at our grill restaurant in Krk, featuring a selection of meats and vegetables. Seafood Restaurant Krk
Оригинальные редуктора на КАМАЗ купить по оптовой цене.
Техническое обслуживание автомобиля (ТО) информационный авто блог
Collect special bonuses by participating in seasonal events and holiday promotions. Login
Baddiehubtimes is a platform that offers an exclusive collection of curated content, including photos, videos, and articles tailored to individuals interested in lifestyle, beauty, and social trends. baddie
Trendufeed is a content platform dedicated to delivering the latest trending news, updates, and viral stories. It consolidates information from various fields, making it accessible and convenient for users who want to stay informed. Current Affairs
Baddiehubtimes is a platform that offers an exclusive collection of curated content, including photos, videos, and articles tailored to individuals interested in lifestyle, beauty, and social trends. baddie hub
Trendufeed is a content platform dedicated to delivering the latest trending news, updates, and viral stories. It consolidates information from various fields, making it accessible and convenient for users who want to stay informed. Latest Trends
Earn Titles and Achievements: Visit the achievements section to unlock badges and special rewards. Jeu de pastèque
CAMAR4444: Daftar Situs Judi Slot Gacor 2024 Deposit Qris Tercepat
başakşehir su kaçağı tespiti ile kırmadan su kaçağı tespiti çok kolay!
I’m really happy I found this website! It’s so informative and motivating. Thanks for the post and all the effort you put in.
Top Architects In Chandigarh Tricity
This blog is so nice to me. I will keep on coming here again and again. kingmaker slot ทางเข้า
We offer top-notch services in Content Marketing, Web Development, Search Engine Optimization (SEO), PPC Management, and Social Media Marketing. If you’re ready to take your business to the next level, please contact us Muhammad Naqash today! SEO specialist
Rediscover the early 2000s with trendy Y2K jewelry. Bold, nostalgic, and stylish pieces to complete your retro look! Y2k jewelry
Camar4444 Good information and articel for all
I really love your work it’s very beneficial to many people’s. เกมส์ pg slot สมัคร
Slot Dana Very beautiful information, please join to prove it
Thank you for challenging me to think critically and explore new ideas.
bacarat
The official online lottery site has a long career as an official online lottery game provider and has earned a lot of trust from its loyal players, so that this site has become one of the pioneers of trusted online lottery sites to this day. If you want to know the game, please just visit this website. https://www.asiancajunrestaurant.com/
Getting the jackpot in the Jakarta Togel game is not easy, but with the right strategy, your chances of winning can increase according to the full explanation on this website. https://sedaji8.com/
Legion Gold is one of the games that is attracting attention in the growing world of online betting, becoming a favorite choice for many players, this game offers a playing experience that is not only entertaining but also full of challenges. Come on, visit the game now. https://8110t.com/
Practical steps to easily win in online lottery games, please visit this website and see the explanation so you can play carefully. https://ouyicn.vc/
lottery site with cheap, fast and top deposits in 2024, please visit this website to register if you want to play it. https://flotationphilly.com/
berastogel is a popular online lottery bookie site in Asia, with the most complete official lottery market and very accurate predictions of output numbers, if you want to see the game, please just visit this website, register immediately and find daily bonuses up to hundreds of millions of rupiah every day.
The best and most suitable Pools lottery market is the first step. If you want to experience victory easily, please visit this site to see the complete explanation. https://143.198.203.26/
the latest easy gacor slot link jp x500 and non-stop scatter, this site also provides several online slot games that are very viral and widely played among the community, especially in Indonesia, immediately visit this website to see the game. https://naiadentertainment.com
Strategy for Playing with the Eye of the Panda Bonus Feature so you can easily win big in this most popular slot game, immediately visit this website to see the game. https://kipdesignfirm.com/
The most popular and trusted online slot game in Indonesia with various strategies and good ways to play has been released correctly, now you only need to read and understand it to easily get a big win, please just visit this website. https://tulicovirtual.co/
a collection of the best films that I recommend for you to watch, with various types of films that you can certainly find on this site. https://reviewfilm.id/
Revealing the Secret of Accurate Numbers for Playing Bonanza Togel, you must understand that this game offers freedom in choosing numbers, please visit this site to see further explanation. https://lottosodlive.com/
The legal case of Harvey Moeis, husband of actress Sandra Dewi, is one of the biggest corruption scandals in Indonesia. With a sentence of 6.5 years in prison for Harvey for his involvement in corruption and money laundering, this case has attracted public attention and had a significant impact on Sandra Dewi. There is a lot of other interesting information that you can find on this website. Come visit it now and find all the information you need. https://keppoo.id/
The natural charm of the beautiful Tureloto beach, North Sumatra, Indonesia is known for its charming natural beauty. This beach is an attractive tourist destination for nature lovers and those seeking tranquility from the hustle and bustle of the city. Please visit this site to see more information. https://sumutland.id/
We have presented the most popular online games today for those of you who like to play online betting games, please visit this website to see the games. https://97072kk.com/
Exploring the Amazing Mountains and Beaches of West Java, a province in the western part of Java Island, Indonesia, is known for its natural beauty from high mountains to charming beaches. If you want to see further information, please visit this website. https://jabarland.id/
the best strategy when playing online betting games so that you can easily win super big prizes and bonuses, now we have presented several collections of official and trusted online betting games, please just visit this website to see the game. https://rc-crystal.com/