Studying for GCIH

I've come across some 2011 SANS GCIH materials and was curious to know how relevant they are to the course/exam today and that if running through them would be worth my while or if I should take the course. How much have the manuals they hand out now changed?

Thank you.

Find more posts tagged with

Comments

cyberguypr

The classes are updated up to 3 times per year. Although the basics are the same, they do like to keep the material fresh and therefore there are always nuances that will most likely show up in the exam. I'm not sure where you got your old material but another thing worth mentioning is that the license for SANS material expressly prohibits copying, distributing, selling, and whatnot the books, CDs, etc. Just something to keep in mind.

SephStorm

Just thinking out loud, haven't textbook manufacturers tried the same thing? Didn't that get struck down?

No one denies that MFR's should have the ability to sell their materials and that they should be able to prevent the unauthorized reproduction of that material, but the resale of copyrighted content is a cornerstone of our modern economic marketplace. I personally, while I still have all of my materials, feel that I should be able to recoup some of the significant cost of these materials by reselling them.

Everyone complains about the lack of cybersecurity pros, but the best training is prohibitively expensive.

Khaos1911

And let's just be honest here, people. All that policy/NDA bs aside, you can find all these study materials on ebay and elsewhere, pay a fee, and then when you study up and finally go and take the test, you'll sign the NDA agreement anyway. All most people really care about is getting that cert to keep or advance into a job. Yes, it would be nice if we all took these exams and studied all these long hours just to stay up to the latest on different subject matters, but most people are trying to advance their career/salary. I personally think it's absurd that my employer had to pay 5K for GIAC books when they are being peddled online for a couple hundred bucks. So me and some other dude can take the same test after studying the same books and he saved $4500 bucks? The game is rigged.

overthetop

Khaos1911 wrote: »

And let's just be honest here, people. All that policy/NDA bs aside, you can find all these study materials on ebay and elsewhere, pay a fee, and then when you study up and finally go and take the test, you'll sign the NDA agreement anyway. All most people really care about is getting that cert to keep or advance into a job. Yes, it would be nice if we all took these exams and studied all these long hours just to stay up to the latest on different subject matters, but most people are trying to advance their career/salary. I personally think it's absurd that my employer had to pay 5K for GIAC books when they are being peddled online for a couple hundred bucks. So me and some other dude can take the same test after studying the same books and he saved $4500 bucks? The game is rigged.

To be honest with you I agree with you. What are you paying 5k+ for? For the instructor to read the EXACT slides that are in the book and the labs and capture the flag? That's what I paid for? Is the exam A.a big lab or B.multiple choice. B is correct. So to me its semi-pointless to do a training. (not saying I wont do another to get out of work). All the labs you can do with the VMWARE Workstation 30day trial or put that Cisco Lab equipment to good use. Yes, in the past few months the objectives (GCIH) did change a little. How hard is it to download a tool, buy a book, or google the tool? I wouldn't use outdated books over a year old. I did training less than a year ago and it changed, slightly. Forgive me, but I've seen people basically indirectly/directly tell you what was on the exam until the Moderator reads it and deletes/changes it. This is online, you think it doesn't happen in real life?.. If you have recent books and Index the f$%& out of it, I am sure you can pass.

P.S Nobody is going to ask for your receipt for OnDemand or 5-6 day training to see how you passed or the resources used and I took the training. Not sure where you are in your job or career but where I am "a lot" of people have taken SANS training and have obtained certs. So saying you have G_ _ _ isn't getting you any pats on the back or beers. If you work Tier 1 help desk reimaging computer and transferring files all day you might get that pat on the back and beers because not to many people will have it (no offense)

madralf

Hi all, I am new user so please be forgiving for me

I want to clarify sth because it is ambiguous for me:
- what do I get after purchase SANS 504 course? only 6 books or maybe sth more? LABs? DVDs? mp3s? movies? sth else?
- "GIAC certification attempt" $1.099 is a voucher/exam price? is it total cost of exam attempt? it is valid 4 months after purchase, isn't it?

Thank you very much for your answer!

Kind regards, Rafal

JRZella

Ok, so other than chastising me for going through books left by a former employee and completely going off topic, from what little info cyberguypr gave, I'm taking it that the books I'm going off of are "sort of" accurate side from some minor details and updates/advances in technology?

Is it safe to say that? Or will that question be misconstrued and a completely different topic started...

SaSkiller

I want to clarify sth because it is ambiguous for me:
- what do I get after purchase SANS 504 course? only 6 books or maybe sth more? LABs? DVDs? mp3s? movies? sth else?
- "GIAC certification attempt" $1.099 is a voucher/exam price? is it total cost of exam attempt? it is valid 4 months after purchase, isn't it?

It depends on what training delivery method you request. Virtual or self study generally comes with books, a DVD and MP3's. If you do virtual, you should get recordings of the video content.

If you buy a cert attempt with your training, you get it at a steep discount. Something like 500 or 600 USD. You are able to get that price for a few months after your purchase. If you don't buy it with the training, you can "challenge" the exam, for full price.

I'm taking it that the books I'm going off of are "sort of" accurate side from some minor details and updates/advances in technology?

I took my GCIH exam a few years after buying my training with no significant issues.

Back to discussion on cost, I find it outrageous. I spend several thousands on the course. Employer only reimburses for the cost of the exam, can't get it reimbursed by the va, no tax benefit, and I won't see any career benefit for years. Why shouldn't I be able to sell it to someone and recoup some of my cost?

LionelTeo

I have passed my GCIA on 2012 mostly using year 2000+ books from Amazon but printed out the latest version of SNORT manual which help me to score quite a few during my GCIA exam. The underlying concept for every topic is always the same, and SANS probably will add a minor module every 4 years which wouldnt hurt the exam passing score. Neverthless, for my GCIA I had flunk in IPV6 and latest NSM Technology.

However, I will not recommend you to try to use the material u had, its against the law and most probably pearson examiner would check the books. I had mine question on why am I using CISSP Study book for GISP exam before. I would suggest you to use Counter Hack Reloaded written by Ed Skoudis instead, there is various topics that is similarly covered for GCIH and it would be much better for you to pass the exam legally. You can always fill up the missing gaps with notes from internet via google or try various books to cover it. A few **** sheet can help a lot, in particular nmap, nc and incident handler **** sheet.

To answer to your question, you can break down cyber security concepts in two areas, the first would be the underlying concepts that never change, some example would be pcap analysis, methodology for attacks, incident handling and probably laws wont change in a very long time, but new attacks always surface every few years, but still revolves around the same concepts, so you shouldn't fear as long as you grasp the underlying concept of each topic.

Also, you are given two practice test when you register for the challenge exam, therefore, you can always evaluate your materials between each practice exam and eventually build a really good open book materials before going for the actual exam. This exam is actually very easy, if you are worried, you can always take on CEH first before coming back to GCIH as both exams have various topic overlaps, CEH scoring can help you and evaluate where you are in terms of taking GCIH.