GCIA certification challenge

lemanslemans Registered Users Posts: 2 ■□□□□□□□□□
Hello gents,

Thanks for all the tips and wisdom in the SANS GIAC section of the forum, really appreciate it!

Here I am in the middle of the SEC 503 books with less than half a month to challenge the GCIA exam. I am a bit caged by my employer and have a limited time to take the exam.
Reading through the forum posts I am now quite uncertain and not so confident as was before.

What drives me mad is what type of questions to expect on the test.
Are they all packet-analysis related and are they all on the topics, mentioned in the GCIA webpage.
I heard there are some questions on forensics, some involving Mac Os and related tools, proxy-oriented and so on.

While having a general idea, I am afraid I am not familiar with every tool out there and unsure how to prepare for the exam.

Are the books and general knowledge of tcpdump and Snort sufficient for the exam preparation or should I consider some additional training and materials before challenging the GCIA?
What should I focus on?



  • Options
    docricedocrice Member Posts: 1,706 ■■■■■■■■■■
    Did you try a practice exam yet?
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • Options
    lemanslemans Registered Users Posts: 2 ■□□□□□□□□□

    not yet at this point. Due to bureaucracy still waiting for the payment to be completed.
  • Options
    LionelTeoLionelTeo Member Posts: 526 ■■■■■■■□□□
    The books required for GCIA certifications are
    Practical Packet Analysis (Chris Sanders)
    Network Intrustion Detection (Stephen Northcutt)
    Inside Network Perimeter Security (Stephen Northcutt)

    Books Recommended by Stephen Northcutt (See the reviews)
    The Practice of Network Security Monitoring: Understanding Incident Detection and Response

    Latest Snort Manual: SNORT Users Manual 2.9.5

    GCIA will require you to be good for hex **** analysis, all the way to each packets headers. This concepts never changes no matter how old is the book. You would also require to understands the latest NSM technologies and snort manual. With a little hardwork, you should be able to pull over the passing marks
Sign In or Register to comment.