Well, that's the CISSP exam out of the way... On to CEH?

I attended the SANS 504 Hacker Techniques, Exploits & Incident Handling here in Sydney last week, the first time I have attended a SANS/GIAC course and must say I was very impressed by both the course content and the skill of the presenter Bryce Galbraith, who was assisted by Chris Mohan.

I found the course to be a terriffic eye-opener and introduction to the ethical hacking/penetration test side of the industry with a focus on the countermeasures that can be implemented and incident investigation. The 'capture the flag' on the final day was also alot of fun and really helped tie together some of the techniques and thinking we had learned during the first 5 days.

I'm looking forward to playing with the tools and getting a better understanding of the techniques over the christmas break and hope to sit the GIAC GCIH exam in January (but for now the focus remains on the looming CISM exam that is quickly approaching!)

If you are considering doing a SANS course, I'd have to recommend it. While there is a lot to learn in a small amount of time, the hands-on nature and expertiese of the presenter make it well worthwhile (and far superior to the 'instructor reading the textbook to you' style training I have suffered in the past).