A few years ago I took the SANS GIAC Security Essentials Course
on-line. Included in it was an attempt at the GSEC certification
itself, something which I finished up
. The GSEC certification is SANS' entry level certification, but it isn't an industry entry level certification, if that makes sense. I have found that information provided in the coursework for that certification has proven valuable in my day-to-day job working with servers and server security. This is definitely a course I recommend for anyone who is serious about hands-on security, not a management focus on security, like the CISSP. For those who aren't able to attend a class, there still exists the online option through SANS' OnDemand
program. The GSEC coursework is found under SEC 401: SANS Security Essentials
But what if you're not interested in a hardcore security course but you did want to become more knowledgeable on the subject? You may want to take a look at SANS' SEC351 offering, Computer and Network Security Awareness
. It, too, is available on-line
. The course is inexpensive and includes a free attempt at the SANS Stay Sharp Program - Computer and Network Security Awareness certificate (SSP-CNSA). This is a course you can go through in a few days without too much trouble and most certainly learn something from. When I took it as a member of the GIAC Awareness Council, I learned a couple of things myself. I will advise that the certificate attempt isn't required. And before you attempt it, review your notes from the course itself. Not all of the questions in the attempt were easy.
By the way, this course is good for any end user who wants to becomes more security aware. If you have someone in your family who doesn't understand phishing attacks, basic social engineering mechanisms, and the importance of keeping systems up-to-date with antivirus definitions and security patches, this course helps teach why. It is as applicable to the home user as the business user, possibly even more so.