Passed GCIH today.

Byronicbluez Member Posts: 17
I took the course a while back. My voucher expired today so I went for it. Been busy lately playing Divinity Original Sin and focusing on trying to get Linux+.
I managed to pass with one night of cramming, minimal indexing, and ignoring the practice tests. Score wise I could have done better, but a pass is a pass. I guess it is true you reap what you sow. In my defense I did get some bad career news this morning.

Few pointers:
The test was probably about 60% concept. Whereas GSEC was a lot of looking things up for me, most of my questions today were conceptual. They were along the lines of "what would you do" and "what does this tell you." Most of what I looked up was from the outline I made. Only a few questions came from the tool list I indexed.

Areas I had problems with:
Policy, cross site scripting, and SQL injection.

Next on the list:
Linux+ part two (trying to get it done so I can start WGU)

Hope my company approves SEC 502 at the end of September.

Feel free to ask me questions.


  • cyberguypr Mod Posts: 6,927 Mod
  • SephStorm Member Posts: 1,731

    GCED seems like a strange choice, why are you looking at it? It looks like you are building a good base, I assume ICND1 IINS then 502?
  • pizzahut Member Posts: 11
    Care to share what study materials you have used for GCIH?
  • Byronicbluez Member Posts: 17
    Well I wanted GCIH because it brings me to IAT level 3. But I like the Blue team SANS route. I figured I have 401, 504 I might as well go through and get 501, 502, and 503. Eventually I would like to get a few forensics classes as well as the GPEN. But those aren't that high on my priority list at the moment. My goal is to finish my IT degree at WGU and get CISSP by 2016.

    In terms of studying, I mainly looked at the class materials, but honestly I answered most of the questions based on work experience / prior training. The first book of 504 is really the only book that is worth looking at specifically for the test. They asked a lot on policy and the incident handling method.

    If you don't have the 504 study materials, brush up a lot on SQL injection, format strings, and cross site scripting. Be sure to know a lot about netcat.

    The rest of the test is basic CEH type questions. If you know the basics of rootkits, worms, etc it should be fine.

    One thing that caught me off guard was how different GCIH was from GSEC. I really should have done the practice tests to get a grasp on the format. GCIH stresses more on concepts than tools for the job. I honestly only looked at my tool list maybe once or twice. If you do index, copy all the slides from the books and know where each section is in your index. Remember to really focus on the first book (incident handling process). I would in fact try to have a solid grasp/memorize everything from the first book so you can breeze through those questions. That gives you a lot more time to spend on the harder technical questions.
  • pizzahut Member Posts: 11
    Are we entitled to the 5 books of study material after registering for GCIH exam?
  • cyberguypr Mod Posts: 6,927 Mod
    The books come with the course. If you are challenging the test you don't get them.