Passed GCFE

As the title says, I passed GCFE Saturday with 89%. I took the class 2 months ago in DC (review here). Came back and spent some time reviewing the OnDemand course. I also hit the labs again to practice browser forensics and some of the tools. I took one of the practice tests and got a 79% without using the index. Not bad considering the sheer amount of minutiae covered. I then spent 2 weeks building the index, which ended up being 13 pages mostly detailing where every registry key for every artifact covered in the course is located. With so many similar keys it is super easy to get them confused. The second practice exam using the index got me a 92%. I stuck to my "term, book, page, description" format as seen here: http://www.techexams.net/forums/sans-institute-giac-certifications/98047-passed-gcih.html.
The obligatory question is "what's next?" My boss was extremely generous and purchased an EnCase annual training passport for me, so the immediate plan now is to hit the EnCase OnDemand training in order to prepare for the EnCE certification. I'm thinking to kill this by February/March. Once this is out of the way I need to decide which SANS course I'll be hitting in 2016. Right now I am debating between FOR 508, 578 Threat Intel, or 511 Continuous Monitoring. Most likely I will end up having my employer pay for one and do a second one out of pocket through Work Study here in Chicago.
Comments
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
Congratulations.
MSISE, CISSP, GSE (#202), GSEC, GCIA, GCIH, GPEN, GMON, GCFE, GCCC, GCPM, eJPT, AWS CCP
2018 Goals - [ ] GSE Lab [ ] OSCP Enrollment
Late 2018-Early 2019 Goals: [ ] RHCSA [ ] RHCE
My role is not 100% forensics, but when I forensicate it must be done the right way and it must be done quickly. The class definitely helped optimize my process. One of the greatest aspects of the course is that it shows you a boatload of Windows artifacts, how to process them manually, how to process them with tools, as well as the nuances from Windows XP through 10. The same applies for the most popular browsers, going from the oldest to the latest versions.