GCIH Passed - This is my terrible (or maybe not so terrible?) approach
cynicbeard
Member Posts: 15 ■□□□□□□□□□
in GIAC
Passed the GCIH exam yesterday! Figured I would post to give a little insight and sound off my thoughts.
After souring web and reading a ton of post on TE, I felt that the GCIH would be the best starting point for me on my SANS cert path. I wanted to take an exam where I was knowledgeable in all domains based on my work experience, so the GCIH seemed to be a good fit.
I challenged the exam. SANS training looks awesome, but I am a consultant, which means the bill is on me. I decided that I would roll the dice and see how things went.
Originally, I scheduled the exam for the end of July after getting my attempt approved on Monday of this week. After taking the practice tests and scoring in the 80's without cracking a book, I decided to jump the gun and change the date (to yesterday). Not to mention my hectic schedule always changes, so scheduling it far out was a stretch for me anyway.
This is what I took away:
After souring web and reading a ton of post on TE, I felt that the GCIH would be the best starting point for me on my SANS cert path. I wanted to take an exam where I was knowledgeable in all domains based on my work experience, so the GCIH seemed to be a good fit.
I challenged the exam. SANS training looks awesome, but I am a consultant, which means the bill is on me. I decided that I would roll the dice and see how things went.
Originally, I scheduled the exam for the end of July after getting my attempt approved on Monday of this week. After taking the practice tests and scoring in the 80's without cracking a book, I decided to jump the gun and change the date (to yesterday). Not to mention my hectic schedule always changes, so scheduling it far out was a stretch for me anyway.
This is what I took away:
- The actual exam IS HARDER than the practice tests. Here is why... the exam questions are scenario driven and more experience based ("What are you looking at...", "How would your respond...", "What is the next step...") etc. I am not going to lie... it was tough.
- I was comfortable with the challenge based on my experience. I think many people invest time in the index, because the content is very fresh to them? I don't know, but I didnt have an index for the exam. I know my test taking habits, and I burn up time and second-guess everything if an exam is open book. However, I brought three things with me just in case:
- The Blue Team Handbook: IR Edition (IR Lifecycle)
- Red Team Field Manual (To supplement the SANS **** sheets)
- ALL Tool Related SANS **** sheets and the IR **** sheets from Lenny Zelster.
- The fact that the exam was facilitated in the way that it was... very impressive. The content was realistic and I felt that it was a true-test of one's understanding of IR and the accompanying technical skills. I truly see the value in SANS and why they are so respected after this experience.
Comments
-
E Double U Member Posts: 2,238 ■■■■■■■■■■Congrats!
I completed SEC504 weeks ago so I hope to join you soon in the GCIH ranks.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
renacido Member Posts: 387 ■■■■□□□□□□cynicbeard wrote: »$1,099
So ridiculous.
Aaaaaaaaaaand THIS is why my sec analysts most likely get C|EH + E|CSA vs GPEN + GCIH + GCIA
Congrats on passing! If my company pays for it I'll give it a rip. But as I'm NOT a consultant and don't need the GIAC badge for marketing purposes, I'm not paying for it myself. -
cynicbeard Member Posts: 15 ■□□□□□□□□□E Double U wrote: »Congrats!
I completed SEC504 weeks ago so I hope to join you soon in the GCIH ranks.
Good luck! -
cynicbeard Member Posts: 15 ■□□□□□□□□□Aaaaaaaaaaand THIS is why my sec analysts most likely get C|EH + E|CSA vs GPEN + GCIH + GCIA
Congrats on passing! If my company pays for it I'll give it a rip. But as I'm NOT a consultant and don't need the GIAC badge for marketing purposes, I'm not paying for it myself.
Yeah it's a bit obnoxious. However super addicting. I am now prepping for GPEN. Again... I challenged it. The training is just too steep for me and this exam I am pretty confident regarding the material. After this is done I am going to pay for Netwars Continuous and possibly 660. -
Mike-Mike Member Posts: 1,860cynicbeard wrote: »$1,099
So ridiculous.
when I read this my eyes got as big as that animal in UnixGuy's avatarCurrently Working On
CWTS, then WireShark -
ansel1261 Member Posts: 24 ■■□□□□□□□□Congrats, Impressive - I was thinking of challenging the GCIH (I think it would have been tough). I ended up changing jobs and my current employer is willing to pay for SANS training. I took the SANS GCIH course On-Demand with a focus on preparing for the exam. Hopefully the class and materials will help me pass the exam.
-
TechGromit Member Posts: 2,156 ■■■■■■■■■□cynicbeard wrote: »I challenged the exam.
Forgive my ignorance. What does this mean?Still searching for the corner in a round room. -
JoJoCal19 Mod Posts: 2,835 Mod@TechGromit to challenge means to attempt a GIAC cert without taking the corresponding SANS training.Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework