Finally, passed GIAC - GCIA exam! Special thanks to Khaos1911, dover, and laughing_man for the emotional support.
There are certainly more detailed threads on GCIA passing/failing, but I wanted to leave a few parting thoughts and this exam.
- Index, index, index. It will win the day. My index was between 7-10 pages per book. They were detailed, organized, and manageable. My approach (and what worked the best), I did not want to reach for my books. During the test I had to reach to my SANS books ~3 times.
- Time management. The first exam ran out of time and lost points to unanswered questions. This time I finished the exam in 3hrs. Advice: Be quick, be precise. If you don't know the questions, make the educated guess and move on.
- Real test is harder than the pratice exams. The pratice exam gives you several benefits: time management, format on the questions, and the topics of the question. The summary at the end of the test is an excellent resource on your problem areas.
- Helpful material outside of the Sans books:
- "Network Intrusion Detection" Third Edition Northcutt and Novak
- "Intrusion Signatures and Analysis" Northcutt, Cooper, Fearnow, Frederick
