Home page logo

basics logo Security Basics mailing list archives

RE: The Value of GIAC/GSEC Certification
From: "Craig Wright" <cwright () bdosyd com au>
Date: Sat, 24 Mar 2007 11:50:12 +1100

I have completed GIAC certs in both sides of the divide - ie pre and post the changes to certification.

They never removed the practical. They changed all existing certs to automatically be Gold, as these have both a test 
and prac. They also changed the order - ie from prac than test to test than prac. I was in the process of taking one of 
the certs when this changed. At this point a choice was given and I did the old way - paper first.

So the prac never disapeared - they just added levels - ie silver and gold. The test is to see what level of cert is 
held. A Silver is just the test and the number of certified people has incresed significantly if this is all one checks.

The Gold certs are still rare and the ones that are valuable.

However, many people do not know the difference and thus they do not look at the silver and gold as having distinct 

So Silver GIAC is purely exam based. Gold GIAC is no differnt other than the order of the testing.



From: listbounce () securityfocus com on behalf of Don Parker
Sent: Sat 24/03/2007 9:20 AM
To: security-basics () securityfocus com
Subject: RE: The Value of GIAC/GSEC Certification

Indeed the practical portion was done away with and then brought back after
a lot of bitching was done. You may want to read the column on Securityfocus
I wrote about it actually :-)


That column pretty much sums up my feeling on GIAC now.



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Tony UcedaVélez
Sent: Tuesday, March 20, 2007 10:25 AM
To: 'Johnston Mark (UK)'; andrews () rbacomm com;
security-basics () securityfocus com
Subject: RE: The Value of GIAC/GSEC Certification

Agree with everything Mark noted, however, I believe they did away with the
practical as of roughly 2 years ago.  It may be only relevant to only some
of the GIAC certifications, but I distinctly remember seeing that the
practical was retired for various GIAC certs.

If this still holds true, its regrettable b/c the practical was indeed a
huge aspect in truly learning about a security disciplined compared to the
traditional multiple choice Q&A that you get with the exam portion and other
security examinations.

Overall, I highly recommend the cert along with partaking in an actual boot
camp prior to the cert.  Like Mark said, great way to intermingle with some
of the top security professionals today.


Tony UcedaVélez, CISM, CISA, GIAC
VerSprite, LLC
(office) 678.938.3434
(email) tonyuv[at]versprite[dot]com
(web)   www.versprite.com

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Johnston Mark (UK)
Sent: Thursday, March 15, 2007 5:06 AM
To: andrews () rbacomm com; security-basics () securityfocus com
Subject: RE: The Value of GIAC/GSEC Certification

Hey there,

The biggest distinguishing factor between the 2 certifications is that for
the GIAC certs, you need to complete a practical. This is where I believe
the value comes in, as to be able to pass you must have the practical
knowledge. Take for example the GCFW ... when I did it you needed to design
a secure network, and display the configurations for the particular
components that you used. Then you had to show an attack on a previously
designed network.

If you participate in the courses, you'll also get to meet some of the top
guys in the security industry ... like Eric Cole, Stephen Northcutt Chris


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of andrews () rbacomm com
Sent: 14 March 2007 13:36
To: security-basics () securityfocus com
Subject: The Value of GIAC/GSEC Certification

Does the GIAC/GSEC certification have value for someone with the CISSP

I am planning on getting my CISSP this year, but I may have a chance to go
for the GSEC a bit earlier.  Would that add any value, or is it a waste of
time if I can attain the CISSP?


This electronic message contains information from O2 which may be privileged
or confidential. The information is intended to be for the use of the
individual(s) or entity named above. If you are not the intended recipient
be aware that any disclosure, copying distribution or use of the contents of
this information is prohibited. If you have received this electronic message
in error, please notify us by telephone or email (to the numbers or address
below) immediately.
O2 (UK) Limited 260 Bath Road, Slough, Berkshire SL1 4DX Registered in
England and Wales: 1743099. VAT number: GB 778 6037 85

Liability limited by a scheme approved under Professional Standards Legislation in respect of matters arising within 
those States and Territories of Australia where such legislation exists.

The information contained in this email and any attachments is confidential. If you are not the intended recipient, you 
must not use or disclose the information. If you have received this email in error, please inform us promptly by reply 
email or by telephoning +61 2 9286 5555. Please delete the email and destroy any printed copy. 

Any views expressed in this message are those of the individual sender. You may not rely on this message as advice 
unless it has been electronically signed by a Partner of BDO or it is subsequently confirmed by letter or fax signed by 
a Partner of BDO.

BDO accepts no liability for any damage caused by this email or its attachments due to viruses, interference, 
interception, corruption or unauthorised access.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]