Gmon/sec511

wes allen · May 2016

TL;DR Great course content, easy exam. Would probably be a good one to challenge if you have been doing infosec for awhile and want/need a SANS cert.

Just passed with a 92, in about an hour. The course material is outstanding, but I found the exam to be almost disappointingly easy/entry level. Or at least it felt entry level to me. For prep - I watched the on demand videos off and on over the last few months, built a very basic index, and took one practice exam this morning. No actual study time. I passed the practice exam with an 82 without using the books, and maybe used them for around ten percent of the actual exam questions.

The course material is very good, and I enjoyed the videos quite a bit. Very little of the content was new to me, but he did a very good job bringing it ltogether into a coherent, actionable framework.

I took the SANS 505 securing windows course last year, and it seemed way more detailed and in depth. I never took the test though, so not sure what it was like in comparison.

chanakyajupudi · May 2016

Nice review. I am hoping to pass it as soon as I finish the course. I am doing the work study in two weeks in Australia.

docrice · May 2016

I just took SEC511 at SANS Security West in San Diego (today was the last day). While a lot of the material wasn't new to me, the way it was put togther had a lot of value. The Day 6 capstone challenge was a lot of fun, especially considering that it was the very first 511 class which handed out coins (specific to 511) to the winning team, similar to the ones awarded in 504 and 560. My team was very close to winning and we were actually in first place most of the time. So, so close...

I intend to follow-up for the exam. I thought the course had real-world relevance (using real-world data) and it's the kind of material that all enterprise defense teams should either take or at least consider the type of mindset which is taught here. The world would be a better place with it.

One interesting thing about 511 is that most days are longer than most SANS 6-day classes. There's a bootcamp at the end of each day which is a (self-paced) NetWars challenge that goes over the day's content. It's an excellent complement to the lectures and labs. This is why the class is worth a whopping 46 CPE credits.

In addition, the VMs you get for the labs also has a built-in wiki for the labs (with videos), CLI cheatsheets, references, as well as an index which one could use for the GIAC exam, although I still highly recommend everyone to build their own. Each lab exercise provides options to go through it with minimal hints, some step-by-steps, or straight to the answers so you can reverse-engineer the labs' inner-working if you're not technical enough. In other words, anyone can play.

Eric Conrad is a very good instructor and made the material very relatable with plenty in-the-trenches war stories. I only wish I had taken something like this years ago.

the_Grinch · May 2016

Man your class got challenge coins?!? They were still being minted when my class was run and we actually won (well tied) the challenge!

docrice · May 2016

We were the first 511 class to award challenge coins ... and my team was real close to winning up to the last hour. Nail-biting experience. Just one more question answered and we would've won.

A great CTF (or DTF I guess) event nonetheless.

Gmon/sec511

Comments