Third Party GIAC certifications training

CyberfiSecurityCyberfiSecurity Posts: 184Member
Does anyone know if a third pay allow to produce GIAC certification training materials? It looks like all the certifications by GIAC/SANS are closed source.
[SIGPIC][/SIGPIC]
Vice President | Citigroup, Inc.
President/CEO | Agility Fidelis, Inc.

Comments

  • docricedocrice Posts: 1,706Member ■■■■■■■■■■
    SANS courseware is proprietary, so there's no third-party publishing training material exactly matching the individual SANS courses and corresponding GIAC exams. In my opinion, with SANS what you're really paying for is the packaging of field experience, current approaches / tactics, tools, and other information that may freely exist by searching Google and talking to other professionals. The material also tends to be frequently updated so it's relevant and the instructors and course authors are actual practitioners in the industry, not just full-time professors. So a lot of material contained in the courses aren't secret sauce, per say, but it's how all of it is put together into a cohesive way that drives home real-world application and the content density is sufficient enough to walk away after a week's worth of training in exhaustion.

    The benefit of the courses themselves are a combination of the lecture slides, labs, and typically a capture-the-flag style challenge on the last day where you put what you learned to the test. If you take one of the live instruction classes, then you get to work in a team with other people on that last-day challenge which mimics real-world scenarios. This is an important part of the learning experience.

    However, some people do challenge the GIAC exams directly without taking the SANS courses (although going this route means the exam costs more), but it can be done and we've compiled a list of external sources that you can read up on which probably has enough information that you could essentially get a bulk of the instruction in a low-cost way. Check the sticky at the top of this forum.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • BillHooBillHoo Posts: 207Member ■■■□□□□□□□
    At least in this forum, there is no one who will admit to doing a GIAC Challenge.

    I set up this poll a few months ago with no one admitting to having passed or failed a GIAC Challenge exam.

    http://www.techexams.net/forums/sans-institute-giac-certifications/97228-giac-challenge-exams-pass-fail.html#post819804

    I think people are willing to pay thousands more for a flavor of the SANS training to ensure they have coverage of all the study areas.

    It's been said on this forum, "Are you willing to trust a $30 book to pass a Thousand dollar test?"

    I'm sure there are people with the experience and knowledge to pass a challenge. But no one willing to fork over a grand to test themselves for sure.

    That said. When I sat for the GSLC and knowing it was open book, I brought a copy of Darril's SEcurity+: Get Certified, Get Ahead as a backup reference for some of the Crypto stuff that confounded me. I referred to it maybe once during the exam.

    If I had to challenge the GSLC I would probably:

    - Buy a practice test from someone who didn't use theirs to guage your knowledge.

    Then

    - Go the the SANS site and find the exam I want to challenge and pull items from the description to form a study plan
    - Download the course objectives from the SANS site
    - Go line by line through the course objectives search out books that will help you study those fundamentals
    - The SANS course covered current news events that were pertinent to WHEN the latest exam questions were created (sometime January through March?). Do a search in the news for any security relevant news items published in all the trade journals during that time. NOTE: Some of the questions covered historic security breaches going back to the 70s? THE COURSE AND EXAM ARE UPDATED EACH YEAR, SO STAY CURRENT
    - Some of the exam questions are based on quotes from somewhat famous military people (Tip: Not a famous General. A Captain in the Army I never heard of before the course) Study military history.
    - Study business management, Project Management, and IT Project Management and hope you use the same management principles that the test creator followed. Seven Habits of Highly Successful People, What Color is Your Parachute?, Who Moved My Cheese? etc.

    If you start with no experience and knowledge and your lucky, you may have hit enough points to get a 70 score.

    Due to the proprietary nature of the course/exam and the frequent updates to it based on changing technology and trends, any single book claiming to prep for (in my case the GSLC) the exam will have a lot of material not covered.
  • SephStormSephStorm Posts: 1,732Member
    My intent is to challenge the GCIH before the month is out, however I will be using my albeit older materials.
  • Khaos1911Khaos1911 Posts: 366Member
    I plan to challenge GCIA and GCIH before the year is up. I just got into my GCIA studies now and will probably schedule the exam attempt for early September.
Sign In or Register to comment.