Passed GCFE
I took the GCFE exam a couple days ago and passed with an 84. The exam was much more difficult than I expected. I felt like this exam, more than the others, required a solid core foundation of the material. It is always helpful to have a good index but the index wasn't as much of a factor for this test. The test was 115 questions and 3 hours long and I used the entire time. I took the SANS FOR408 class in Philadelphia in early March. Then I read the books cover to cover and made my index and some notes, took the 2 practice tests (scored 78 and 87) and took the test. I probably should have spent more time studying and working with the tools but I wanted to get this out of the way.
Comments
-
636-555-3226 Member Posts: 975 ■■■■■□□□□□Congrats man. Mind writing up some thoughts on the material? Useful in daily life? If someone was on the fence with taking this test, what kind of good skills would they take out of it? Recommend it to someone with a base level of knowledge or a good foundation already in place?
-
quogue66 Member Posts: 193 ■■■■□□□□□□The material is definitely relevant and useful for real world forensics. They teach you a lot of great tools and best practices for forensic analysis. They tell you where to look in the registry, what you can and can not find, browser forensics, event logs and even discuss what may be recovered if deleted. I took two forensics classes in college (2011 and 2014) and that was a good enough foundation for the class. If you're specifically asking about the exam and what type of skill set is required to pass without the class I'm not really sure how easy that would be. The material in the class is catered to the exam or vice versa.
-
cyberguypr Mod Posts: 6,928 ModCongrats on the pass. In regards to real world forensics, I just finished taking 3 EnCase classes (working on EnCe practical right now) and can tell you that GCFE and course FOR 408 cover way more real life hands-on stuff that what EnCase covers.
-
cyberguypr Mod Posts: 6,928 ModFOR 408 (GCFE) is Windows Forensic Analysis covering of course Win artifacts, USB, shell items, browser, email, etc. FOR 508 (GCFA) is Advanced Digital Forensics and Incident Response covering kill chain, memory forensics, timeline analysis, etc. Both courses are Windows-centric.
-
JoJoCal19 Mod Posts: 2,835 ModCongrats on the pass!!! How helpful is FOR408 to security engineers or other security positions? Curious just in case I get picked to facilitate it instead of one of my other choices.Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework -
testing010101 Member Posts: 22 ■□□□□□□□□□Congrats on the pass!!! How helpful is FOR408 to security engineers or other security positions? Curious just in case I get picked to facilitate it instead of one of my other choices.
Depends on how much forensics those engineering positions are actually performing. IMO the class was very applicable to a day-to-day digital forensics analyst. -
Robicus Member Posts: 144 ■■■□□□□□□□Awesome job! It sounds like your worked very hard and put the time in. Congratulations!What's Next? eLearnSecurity's eCIR
MSISE, CISSP, GSE (#202), GSEC, GCIA, GCIH, GPEN, GMON, GCFE, GCCC, GCPM, eJPT, AWS CCP