SANS Bootcamp, or in other words, the most fun you will ever have while being fire-hosed with information. This past week was my first experience with SANS, in their SEC401 bootcamp, which basically resulted in me laughing every day. This included the frustrated “omg, I don’t get this”, the awkward “wait, was that a joke?” and the original “ROFL”. Thanks, CollegeHumor, for knowing exactly what I felt.
Bryan Simon, the instructor, started off Monday at 9am with the line, “We live in a state of persistent compromise.” The next 10 hours were spent on networking concepts and tools. Anyone know the difference between a switch and a hub? Though he didn’t mention it by name, the SABSA model was also covered. To learn more about this framework, look at my previous writeup. Bryan consciously put in jokes and demos that could help dilute the overwhelming information dump. I really liked his style of teaching as he kept everyone engaged no matter what level/background the student was from! Do you know the story behind the name Debian? Deb + Ian were a husband and wife duo at the time they came up with the OS.
For those who have not taken the course, it takes up 50+ hours that span over six days to cover a variety of topics such as Networking Concepts, Defense-in-Depth, Internet Security Technologies, Secure Communications, Windows Security and Unix/Linux Security. Now say that quickly 6 times! My favorite part of the week was the Netwars Tournament on Days 4 & 5. Teaming up with classmates and just hacking away on scenarios based on real events while listening to I Will Survive gave a completely different kind of rush and an opportunity to implement some of the concepts learned in class. Additionally, there were also talks almost every night by the instructors on topics ranging from Blue Team Tactics to the Dark Web to PowerShell. The talk by Eric Conrad, SANS Senior Instructor, on “Introducing DeepBlueCLI: A PowerShell Module for Hunt Teaming via Windows Event Logs” can be found here. Matt Edmondson’s super interesting talk on State of the Dark Web can be found here.
I will post more if and as they become available.
With the bootcamp over, I plan to continue to digest the information over the next few weeks before I take the exam by the end of the year. If you have any suggestions or advice on how to best clear the GSEC certificate, do let me know!
On another note, it was only after I obtained my Master’s that I realized the industry hasn’t yet evolved enough to appropriately value the degree. From job postings to chatter in various conferences, the information security community as a whole is very much geared towards certs in that epic debate of certs v. degrees. So here is my first attempt at obtaining one.