SANS Revamping GIAC Security Exams, Dropping Practicals
3/16/2005 -- The SANS Institute announced this week that it is revamping its Global Information Assurance Certification (GIAC) program, dropping the written practical assignments that were once the cornerstone of its titles. In what it calls "sweeping changes" to its testing process, the organization will instead focus on instituting new assessment and learning modules around its online exams, as well as focusing those exams around new scenario-based testing modules, instead of the current multiple-choice questions.
"Our goal is to meet the immediate need to have more modular, adaptable, courseware and certificates/certifications to stay abreast of the current threat," said Stephen Northcutt, director of The SANS Institute. "This is based on the needs for more test-based certifications while eliminating barriers that block 80 percent of past candidates from completing the process."
Northcutt told CertCities.com that the GIAC certifications have the lowest pass-rate in the industry, mainly because the written practicals -- in-depth written assignments around a particular technical topic -- require about 200 hours to complete. Northcutt also commented that the practical format worked well when the program first launched with a handful of titles, but has become "unmanageable" with the current crop of 18 certifications.
The new format will also allow the program to update the content tested much more frequently, he said: "[This will] give us opportunity to drop our cycle time as thing change," citing an example of updating an IDS testing module within days of a new threat being released.
Northcutt said he doesn't think dropping the practicals will hurt the program's reputation, considering the difficulty of the program's online, open-book exams even prior to the upcoming revamp. "To say [the exams are easy because they are open-book] is a knee-jerk statement," he commented. "We're talking about a 6 1/2- to 7-inch-thick book."
The new GIAC certifications will indicate they are exam-only, "so that there will be less chance of confusion between exam only and the original, practical-oriented certifications." While the changes are "effective immediately," those currently working on practicals will have those graded if they are submitted by April 15 (or earlier, if deadline assigned is before that date).
According to Northcutt, there's no plans to change the pricing of the base GIAC certification exams at this time. He said that he couldn't comment on what, if any, costs the new assessment and module training programs the organization is considering may have, and that he'll decide pricing issues within the next 90 days.
He also told CertCities.com that the program may consider continuing keeping some practicals as an "extra level" of certification for those who are interested.
Northcutt said that he understands some program participants may be disappointed about the loss of the practicals; however, he said that most of the feedback he's gotten so far has been overwhelming positive: "I told an audience about this ... and there were cheers." When asked why, he replied, "The 200 hours, of course."
SANS has announced the changes on the GIAC Web site, here. More information on the new program will be posted shortly, Northcutt said.  -Becky Nagel
|
There are 17  user Comments for “SANS Revamping GIAC Security Exams, Dropping Practicals”
|
|
Page 1 of 2
|
| 3/16/05: Clement Dupuis from Quebec, Canada says: |
I think it is sad to see the practical being dropped simply because it is being dropped for the wrong reasons. The practical was what would give any value to an exam that is totally unsupervised, taken over the web from the comfort of your home, where you do not even know for sure that the person taking the exam is who they pretend to be. I sincerely believe that this will make the SANS exam about as valuable as the BrainBench exams available online. It is sad to see the practical go. Does this means that the Reading Room will be next to be dropped as well? Clement |
| 3/17/05: M. Satish kini from Bangalore, India says: |
This is a Sad day for GIAC Certified professionals, and a happy day for those who have just started on the Certification, In my opinion, SANS would have made the certifications in any order - either exams first and then practicals, or vice versa Only time will tell how dropping of practicals will affect the GIAC Community. |
| 3/17/05: Some Security Professional from Brazil says: |
That's really a terrible decision. Internet based exams with no ways of personality validation. GIAC is now a certification and not THE certification as it was. I wrote here as a GIAC(old-style) certified. |
| 3/17/05: Shocked from USA says: |
I for one am shocked and dismayed at the news of the practical assignment termination. I suggest that the decision be reconsidered and ideally rescinded entirely or modified. Reason to rescind - The practical assignment is extremely valuable because it sets the GIAC certification apart from most all other certifications. It forces one to come up with the goods and actually produce. Produce not only by implementing a technical solution, but also but presenting it in an articulate written format. This unique combination of requirements seems to satisfy a need that is widely acclaimed to be lacking. I have seen references from academic journals, public school discussions, and business discussions that all bemoan a lack of people in general, and certainly technical people, that both have a skill and can communicate effectively. Another reason to rescind is that it clearly appears to be a lowering of the bar, a dumbing down of the certification. I think it is absolutely absurd that skilled professionals cannot "carve out" the time and resources necessary. One learns in life not to take on what they cannot finish, not to present justifications or excuses why they cannot. This is a sad commentary on the situation. I recall reading less than a year ago, that some north eastern Ivy League university was in fact raising the bar and fighting another widely acclaimed trend - that of grade inflation. The school was setting a "quota" that only a certain percentage of the student body would get GPA's of 4.0. They were fighting the trend to dumb down. Reason to modify - Many people have already traded significant amounts of money and a tremendous amount of resources, for a chance to certify via the practical assignment and tests. Seems to me, this is at a minimum a gentleman's contract, that someone fulfills their part and SANS fulfills its part. Whatever type of contract or agreement it was, SANS is clearly breaking it. The modification I would suggest is that any one who was assigned a practical start and finish date, be allowed to continue with such. Imagine yourself in front of a future potential employer with them asking me if you have the "real" GIAC certification or the "other" certification. |
| 3/17/05: Missing the practical assignment says: |
I thoroughly enjoyed doing the practical for my first GIAC certification, and was looking forward to completing the practical assignment for my second. I am personally very disappointed with this decision. Maybe extending the time frame to complete the practical would solve the "lack of time" issue. |
| 3/18/05: Jim McCarty from Columbus, OH says: |
I am planning to persue a security certification. I know precieve the GIAC certification as been of much less value now. It is now "just another certification." |
| 3/18/05: sir gawain from earth says: |
I felt so proud having completed my practical - and planned to start a second GIAC as soon as I would have found time - enjoying the expected work, because you do learn so much hands on skills completing it; this was the real benefit, to be rewarded for your months of hard efforts with a good cert. But soon we will see the usual cert inflation start - only 2 GIACS, not 7? This looks like plain old MCSE money draining, and the consequences for the cert might be the same, alas. The security professional in general seems to have no good certification choices anymore, and please do not mention the over-rated and shallow CISSP. Pardon my rants. |
| 3/18/05: A Labianca-Campbell from Boston MA says: |
There are two points of view to this: A. That the certification means much less because there is no practical paper. To this I say that if the practical was so important it probably would be a good idea to not have a list of all practicals on the SANS site and to have those practicals be downloadable to anyone who wanted to read them. If you wanted to cheat you could cheat simply by taking 15-20 of them, add flair and your own writing style and create your own. B. That change is inevitable and in order to meet the mission of a security training provider you have to make the goals attainable to the majority of the security professionals who need the knowledge. Contrary to the hardcore technical student's belief, life is open book. I'd argue that each security professional probably uses written and online resources every day to assist with any task that isn't routine. Experience in the job gives you the knowledge for the tasks you're responsible for and anything else you're looking in a book for anyway. Training's purpose is to expose you to things you don't know. Once exposed, you know how to find the solutions because you know at least that there are solutions. The certification should be a guide to an employer that a prospective employee has at the very least been exposed to the knowledge he or she needs to have. Experience is the sign of a master.. not the certification. So the argument of what certs are better than others is pretty moot. You can't judge skill by certification alone. |
| 3/21/05: Iggy from Singapore says: |
"He also told CertCities.com that the program may consider continuing keeping some practicals as an "extra level" of certification for those who are interested." You had better consider fast if you want my money. I was going to enroll for GCFW next month, and without a practical assignment, this cert now is an open-book exam over the Internet? Of course people are cheering but I am not going to spend my money on a dumbed-down cert. As a matter-of-fact, since I think this is a pure money grab by SANS, I will go out of my way to spend my money elsewhere on another cert. 200 hours? It's like a PhD? Yep, that's the point entirely!!! Wake up, SANS!!! Why don't you give an exam-only cert plus give an exam-practical assignment cert like in the past, use different price levels, and see who goes for what? You already have the old mechanism in place, so there is no startup costs. I would gladly pay extra money to get the real GIAC cert; I won't pay a cent for the dumbed-down exam-only cert. |
| 3/21/05: A Labianca-Campbell from Boston MA says: |
In reply to Iggy from Singapore, if anyone believes that any certification tree is similar to the amount of work required to attain a PhD then they are sorely mistaken. Two hundred hours is not the equivalent of 5 years of full-time effort. |
First Page Next Page Last Page
|
|
|
|
