Question for anyone who recently took the GCIA

I have a question for anyone who's recently taken the GCIA. My buddy was GCIA certified and bought the books so he can renew it but he's now in a different role where he doesn't need the cert. Since he doesn't have a use for the books he let me them so that I can challenge the exam.

I've finished reading over the books twice and making my indexes and wanted some practice questions without paying SANS $120 or buying my exam voucher just yet. I couldn't find any review questions online so I found a braindump (Only using it as review; I am not relying on it) and many of the questions have content not covered in any of the books. My buddy bought the books around March last year and the books have a 2015 copyright on the first page. Although the books are recent, I'm sure its possible that some information may have been added, but I can't be sure if its a shitty braindump or if the books are already outdated.

For example, the braindump mentions tools like Dsniff, Nikto, Sniffer, NetStumbler, Cain & Abel, Galleta and AiroPeek. I'm familiar with some of these from messing around with Kali and watching Pentest videos, but these tools aren't mentioned in the books anywhere...

So my question is, based on the material that I have, could my books be outdated or is this braindump just giving me a false scare? I know that talking about braindumps are frowned upon but I want to make sure that my books aren't too outdated before spending $1k on the exam and finding out the expensive way.

Here's a picture of one of the books and packet header handouts and USB for reference

Find more posts tagged with

Comments

iBrokeIT

Are you really asking us about the validity of an illegal brain ****?

Suck it up and pay for the cert voucher and practices tests.

cyberguypr

HA! I just read your exact same post on Reddit.You have the official material and sound terrified. Are you sure you are willing to learn this stuff? Please know your audience. This place is packed with people who do not **** and study hard. If you want to do the right thing and study, welcome. If you rather stick to ****, please turn around and leave.

E Double U

If your **** are up to date you will be ok.

j.petrov

E Double U wrote: »

If your **** are up to date you will be ok.

LOL. There is no easy way through the GCIA. Pony up.

E Double U

j.petrov wrote: »

LOL. There is no easy way through the GCIA. Pony up.

Let him be the judge of that LOL.

Robicus

The brain **** seems wonky based on what you described. I'd ditch it and feel confident in the books. The books are all you need. I believe that the course was last modified in 2015. So those books seem pretty relevant.

infosec_guyy

iBrokeIT wrote: »

Are you really asking us about the validity of an illegal brain ****?

Suck it up and pay for the cert voucher and practices tests.

cyberguypr wrote: »

HA! I just read your exact same post on Reddit.You have the official material and sound terrified. Are you sure you are willing to learn this stuff? Please know your audience. This place is packed with people who do not **** and study hard. If you want to do the right thing and study, welcome. If you rather stick to ****, please turn around and leave.

Since you've seen my post on reddit, you probably saw my response there, but I'll post it here as well.

Obviously buying the exams from SANS would be the best option but if I spend $120 on a practice exam and find there's material on the practice exam that isn't covered in the book, I can't be sure that I'll still take the test, mostly because I don't know where all of my gaps in knowledge are.

Considering it's an open book test, I feel confident taking it now because I've already reviewed the material, taken notes, and done all of the exercises in the workbook using Approach #2. My confidence in passing the exam relies on the fact that my books are still current and there's nothing on the exam that I haven't seen in those books. However my confidence would of course waiver if someone told me that there's some information that will be on the exam that I haven't read before. Not to mention, someone can tell you to 'know' something for a test but there's no telling how well you need to know it for the exam.

For example, I can tell you that you need to know snort for this exam, but then how far should your knowledge on snort go? Do you need to know how to manually write rules or just install it? Do I need to know what shared object rules are? What command line switches should I be confident or familiar with? Those are questions that can only be answered by reading through the books

From what I've seen online, there aren't many people that I've seen that challenge the exam without either going to the SANS training or getting the books because SANS isn't keen on sharing exactly what you should know for the exam, and understandably so since they are charging 4.5k for training.

Robicus wrote: »

The brain **** seems wonky based on what you described. I'd ditch it and feel confident in the books. The books are all you need. I believe that the course was last modified in 2015. So those books seem pretty relevant.

Thanks, I suspected that was the issue. I just wanted to make sure that my books weren’t out of date.

blackedout

I passed the GCIA less than a month ago and the best thing about it is there is no way you could study a braindump and then pass the exam, its a beast of a test. The books that you have from SANS are the correct books, you need to make a detailed index and know the material, if you have to spend time looking up every question you will most certainly run out of time. Also the test is $1150 unless you went to a training source, you willing to bet that much money on a braindump I would put 0 faith in that. The practice exams you get when you register are all you need.

infosec_guyy

blackedout wrote: »

I passed the GCIA less than a month ago and the best thing about it is there is no way you could study a braindump and then pass the exam, its a beast of a test. The books that you have from SANS are the correct books, you need to make a detailed index and know the material, if you have to spend time looking up every question you will most certainly run out of time. Also the test is $1150 unless you went to a training source, you willing to bet that much money on a braindump I would put 0 faith in that. The practice exams you get when you register are all you need.

I have no intention on relying on a braindump to pass the exam, its way too expensive for me to put faith in what someone else says is on the exam. I wanted to use it for practice questions before spending money on the exam voucher. I work an entry level infosec job and my employer isn't paying me back, so I want to be sure I practice as much as possible since I'm spending my own money on this.

I was hoping I'd see some packet **** and questions that ask you to read the headers. I wouldn't expect that the same packet **** seen on the braindump would show up on the real exam (not sure how anyone would even remember all the hex to put on the braindump). After checking out the braindump and seeing unfamiliar material, that's when it occurred to me that my books may be out of date, which it seems that they aren't. I've since just captured some traffic on my home network using the Packettrix VM and have practiced reading raw tcpdump output so I guess that's the best I can do for now until I buy the exam voucher.

LionelTeo

Please read the Courseware License Agreement located at the start of every GCIA Course Book. It clearly states that the coursebook are non-transferable, doing so both you and your friend will be violating the use of the book, and GIAC reserves the rights the take the necessary action against you and your friend according to the licenese agreement stated in the coursebook. Not following the courseware license agreement, you would also likely be violating the GIAC code of ethics even if you had passed the exam; which may make your certification invalid. I strongly suggest you to take considerations what you are writing, and reflect on your current actions and stopped doing it.

infosec_guyy

LionelTeo wrote: »

Please read the Courseware License Agreement located at the start of every GCIA Course Book. It clearly states that the coursebook are non-transferable, doing so both you and your friend will be violating the use of the book, and GIAC reserves the rights the take the necessary action against you and your friend according to the licenese agreement stated in the coursebook. Not following the courseware license agreement, you would also likely be violating the GIAC code of ethics even if you had passed the exam; which may make your certification invalid. I strongly suggest you to take considerations what you are writing, and reflect on your current actions and stopped doing it.

Thanks for the information, i wasn't aware of that. Is the bolded part true even if he never took the exam to recertify? Essentially he bought the books, realized he didn't need them as he wasn't going to recertify, and then let me borrow them.

cyberguypr

Although temporary in essence, still sounds like a transfer to me.

infosec_guyy

cyberguypr wrote: »

Although temporary in essence, still sounds like a transfer to me.

Yea that appears to be the case. I re-read through the first page of the book and giving someone or letting someone borrow the courseware without SANS consent is against the CLA.

I can't justify the risk considering the exam is so expensive. It sucks to find this out after I spent all this time learning the material but I'll see if I can still list what I learned on my resume to get a better job.

cyberguypr

Have you considered a better, safer, cheaper way: https://www.sans.org/work-study/ ?

$900 for course, books, OnDemand access, and exam.

infosec_guyy

cyberguypr wrote: »

Have you considered a better, safer, cheaper way: https://www.sans.org/work-study/ ?

$900 for course, books, OnDemand access, and exam.

Yea I've heard about it but also read that its competitive to get into. I'll do more research into it since that seems to be the only "legit" way at this point. Thanks for the heads up.

beads

If you've ever taken an in person GIAC exam, or at least we used to, warn students that transferring materials is against the EULA in general. Its easy to gloss over and have seen my share of abuse but your still violating the spirit if not the letter of the agreement from a legal view.

Its been awhile since I have seen this question posted on the Tech Exams board but there are no after market GIAC books unlike say the CISSP which has become rife with such materials. Keep in mind that the overall purpose of the GIAC exams is to lead to there Master's degree not just a renewable certification.

Careful for what you wish. The exams are updated at least twice a year.

- b/eads