Has anyone taken GMON exam yet?

Dtresca Registered Users Posts: 2 ■□□□□□□□□□
I'm scheduled to take the exam on the 29th. I was curious if anyone had any feedback on the exam yet. Was 3 hours enough time? Any tips on indexing? Any advice is much appreciated!

Comments

  • cyberguypr Mod Posts: 6,928 Mod
    I thought this cert was starting in December. At least that's what GIAC's website says. In regards to the index I stand by my 4 column model as seen here: http://www.techexams.net/forums/sans-institute-giac-certifications/98047-passed-gcih.html. Others here like to have a separate index of tools. Some like to use color tabs for the books.
  • Dtresca Registered Users Posts: 2 ■□□□□□□□□□
    I was in one of the first classes, so we are taking it in October. Thank you for passing along your method! I'll check it out.
  • iBrokeIT Member Posts: 1,318 ■■■■■■■■■□
    I would be interested in hearing a review on the course & cert
    2019: GPEN | GCFE | GXPN | GICSP | CySA+ 
    2020: GCIP | GCIA 
    2021: GRID | GDSA | Pentest+ 
    2022: GMON | GDAT
    2023: GREM | GSE | GCFA

    WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops | SANS Grad Cert: Incident Response
  • LWB250 Member Posts: 59 ■■■□□□□□□□
    I was in one of the first classes and am in the beta test group for the test. I'm taking mine on Tuesday (27th) and will report back on the experience. I haven't had a chance to take the practice tests yet but will be doing that this weekend in preparation. I've spent the last week reviewing material and creating an index from the books.
  • zxbane Member Posts: 740 ■■■■□□□□□□
    Would love to hear feedback on this as well. I took the course in September and I am waiting for others to take the exam to hear some feedback on how it goes and how to prepare. There isn't exactly a lot of study materials out there yet that I know of..
  • LWB250 Member Posts: 59 ■■■□□□□□□□
    I took the beta exam and passed it. Because it was the beta no scores are released, so we had no way of knowing where we ended up relative to the cut score, which I believe is a 74.

    I would say that if you took the SANS course and used the information from it to make your index you should be good. This also assumes you have some practical knowledge on the material as well.

    The test goes live December 26th, which is when our certs become official.
  • zxbane Member Posts: 740 ■■■■□□□□□□
    Hey all, bringing this thread back to an active status since I got notification on the 26th as mentioned by the poster above that the exam was now live and I have until April to take it.

    Anyone who has taken it or is preparing to take it and can provide any tips or advice it would be greatly appreciated.. I took the course in September and honestly I can say while it was informative, the knowledge I gained doesn't relate to anything I do in day to day work.. It was great to have the opportunity to take the course but in reality it will have no ROI on my career, since it isn't what I do daily, and it's such a new exam no one has heard of it.

    Anyways, enough of that rant.. What study materials are people using? Right now all I've heard is to use the books that were provided during the course, which essentially are 5-6 big tomes of slide shows and short text and also to use:

    The Practice of Network Security Monitoring
    The Tao of Network Security Monitoring

    Both by Richard Bejtlich. One of these books is over 800 pages long 0_0

    Any advice as I said is greatly appreciated, looking to get this one over with and move on to something that is more applicable to my career and has a better ROI.
  • LWB250 Member Posts: 59 ■■■□□□□□□□
    I built an index using the books provided in the SANS course along with some related information from my work experience. Based on what I know now from taking the exam, I could have drilled into more detail in some areas, but for the most part the index served me well.
  • zxbane Member Posts: 740 ■■■■□□□□□□
    Those were my thoughts too: build an index using the course material. However, I was issued 5-6 very sizeable books during the course. Did you carry an entire bag full of books into the exam and pages marked etc? Also would you mind sharing any login on how you actually labeled the books and what not? I wish this exam was like others I've heard of that have 1-2 books, more developed study material etc.

    Right now all I have is this stack of books which are mostly slides and text along with the Tao of Network Security Monitoring - 800+ pages...
  • LWB250 Member Posts: 59 ■■■□□□□□□□
    I literally went through every one of the books and built an index based on the content and material I thought was relevant. The index had the terms and referenced book and page numbers.

    And yes, I drug every one of the books into the test room with me along with my index. Fortunately, no one else was testing at the time so I tossed them on the floor in order so I could grab them easily and kept my index on the table.

    I did not use the Tao of Network Monitoring book, only the SANS books I got in the class. I did print out some of the SANS "**** sheets" for things like Linux commands and other relevant information.
  • SplunkingAround Registered Users Posts: 4 ■□□□□□□□□□
    Could you email me your index you wrote up? I took the course in July and the on Demand course has expired.

    Thank you

    A
  • LWB250 Member Posts: 59 ■■■□□□□□□□
    SplunkingAround wrote: »
    Could you email me your index you wrote up? I took the course in July and the on Demand course has expired.

    Thank you

    A

    As much as I would like to help you, it would be unethical as well as highly inappropriate for me to share the materials I spent literally days to prepare. It's rather presumptuous to be asking someone for copies of their work for your personal gain, I believe.

    If you took the On Demand course, you should have the books. I have done a number of the On Demand courses, and for each I received a full set of books as well as the USB stick with the labs and additional resources.

    LWB
  • the_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Work just signed off on my attending the GMON course in Philadelphia at the end of Feb!
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • GemokSPX Registered Users Posts: 3 ■□□□□□□□□□
    Hey Guys,

    My Director just approved my training for SEC511 course in March and this will be my first ever training from SANS (so kinda excited!!). Do you guys have any tips before going to this course? Just wanna fill up some gaps before going to the actual event itself, at the very least to know some of the tools or methodology used during the course.

    Just some info of myself:

    2 years in Wintel Sysadmin
    3 years of SOC analyst (Arcsight, Nitro and QRadar)
    Currently in SIEM and APT content developer
  • SplunkingAround Registered Users Posts: 4 ■□□□□□□□□□
    Would you help me format the index? I've never taken a SANS cert before, and I'm looking for advice on how to study for it...
  • zxbane Member Posts: 740 ■■■■□□□□□□
    3/5 books indexed now. Going to finish up the last two and then take a practice, schedule test, refine index, do final practice day before the exam and then go get this thing over with!
  • cyberguypr Mod Posts: 6,928 Mod
    Bring it home!
  • JoJoCal19 Mod Posts: 2,835 Mod
    Good luck! How long does it take you to index a book? I mentioned in my GCIA thread, next time I'm indexing as soon as I get done with a class.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up: OSCP
    Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • kiki162 Member Posts: 635 ■■■■■□□□□□
    @GemokSPX - If you are going to Orlando, I'll be in your class in March for SEC511.
  • zxbane Member Posts: 740 ■■■■□□□□□□
    Hey all, Took the exam this morning and passed with a 77%. As far as how long it takes to index a book, it really depends, some days I was able to get through a single book in a day, other times I spent a few days going over a book due to work etc. getting in the way. First SANS exam for me, and while I don't do packet analysis or network monitoring in my current position I have to say I feel like I learned quite a bit to expand my knowledge.
  • LWB250 Member Posts: 59 ■■■□□□□□□□
    zxbane wrote: »
    Hey all, Took the exam this morning and passed with a 77%. As far as how long it takes to index a book, it really depends, some days I was able to get through a single book in a day, other times I spent a few days going over a book due to work etc. getting in the way. First SANS exam for me, and while I don't do packet analysis or network monitoring in my current position I have to say I feel like I learned quite a bit to expand my knowledge.

    I don't do packet analysis on a regular basis and only a minimal amount of network monitoring, as our network is ridiculously flat and as much as I would like to put some Snort boxes on it what I would get would be overwhelming and pretty much useless anyway... so don't worry about that.

    My eldest son is starting out on A+ with the expectation of moving into security, and he recently had an acquaintance tell him that the score on the A+ made a difference. I explained to him that unless something had changed significantly, as long as he made the cut score he got the certification.

    While I can see some people wanting to get into the groups who scored above a certain amount, as far as I'm concerned the score is irrelevant as long as I passed. My GMON passing score wasn't that great and it was my first GIAC test as well, but regardless of that I passed and now I'm recognized as having the skills.

    Just as we have yet to tell my youngest who is just about to finish their undergraduate degree, the grades really don't matter as much as getting the credit hours....

    Congratulations!
  • elorion Registered Users Posts: 3 ■□□□□□□□□□
    Just took the GMON exam and passed. I found it a decent challenge, but not in the same park as GCIA. As expected it was more geared towards architecture than getting in the weeds technically speaking. Create a solid index and read the books (highlight testable "stuff") and you should be golden.
  • hr1stov Member Posts: 14 ■□□□□□□□□□
    How was the actual 511 course? I notice they added the bootcamp hours. What were those based around?
  • GT82 Member Posts: 8 ■□□□□□□□□□
    I am about to sit this exam too. I did SEC511 back in July - so it's all a little fuzzy, but coming back to me as I review the books and listen to the audio files.

    It's my first GIAC exam, so I am a little nervous. Can anyone identify if all the content is covered in the 6 workbooks? (I assume they haven't been updated/changed since July.) From the previous responses it looks like that's pretty much all that people brought with them (+an index).
  • alias454 Member Posts: 648 ■■■■□□□□□□
    So if someone didn't want to fork out the cash for the class what materials would be the best to use for studying this?
    “I do not seek answers, but rather to understand the question.”
  • GT82 Member Posts: 8 ■□□□□□□□□□
    I've always wondered this too. I did the GMON course, but if I wanted to do others. I saw there's a "self study" option on sans.org, which I think gives you books and audio, but with the associated cost you might as well do the class.
  • the_Grinch Member Posts: 4,165 ■■■■■■■■■■
    http://www.amazon.com/Practice-Network-Security-Monitoring-Understanding/dp/1593275099/ref=sr_1_1?s=books&ie=UTF8&qid=1457124441&sr=1-1&keywords=richard+bejtlich <---This should help with the Network portion of the GMON exam especially since we utilized SecurityOnion in class. As for the EndPoint side of the house, I'll have to look around to see if there is a book that fits.

    The bootcamp hours were added due to student requests for more hands on. They revolve around NetWars and performing certain tasks in order to get the answers to questions. A lot of Linux command line stuff along with some other tools.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff