GMON passed

docrice · July 2016

Passed today with a 92. The GMON is my tenth GIAC cert. Took about 1.5 hours and sort of jetted through the questions in the name of getting through as quickly as I could. Likely could've scored higher but had to balance out the need to get back to work and get stuff done. The practice exam was very similar to the real one. Referenced the book a few times during the exam, the index helped a couple of times. At each checkpoint, I floated between 87 - 94%.

There were a few fruitcake questions but the majority I felt were pretty good and simulated real-world scenarios. However, you have to bear in mind the context of how the questions are framed. There's the exam-correct answer considering what the class material is trying to convey, but in the real world you can easily have been in situations where it isn't necessarily the case. I found myself weighing between these two ends. I imagine the CISSP exam being like this. Some of the questions also felt a bit vague and prone to misinterpretation. GIAC is usually good about this, or maybe I just didn't know the material well enough in specific areas.

I took the class back in May in San Diego. Finally got around to my final exam prep in the last couple of weeks. The class provides you an index, and normally I make my own but this time I made a very abbreviated one since a good bulk of the course was common sense for me. For the last few GIAC exams, I've relied extremely little on an index and went for the books directly.

SANS SEC511 was a fun course, but as someone who's been doing this sort of work for some time now the majority of the material was semi-review for me. So in my case, this exam was a bit easier than others I've taken. Your mileage may vary depending on your past professional work experience.

Have a spare GMON practice exam to anyone that wants it. Inbox me with your SANS portal account ID.

Iristheangel · July 2016

Congrats

zxbane · July 2016

Congrats!

cyberguypr · July 2016

Congrats on the pass! Happy to see you get a GIAC cert since you don't have any

LOL.

NetworkNewb · July 2016

Congratz!

chanakyajupudi · July 2016

Congrats! Fingers crossed for my exam. Have it in 3 weeks.

the_Grinch · July 2016

Congrats!! Have to agree with everything you said!

cgrimaldo · July 2016

congrats!

DAVIS NGUYEN · July 2016

Congrats!

docrice · July 2016

They're pretty quick about shipping these things.

I don't opt for the wooden plaque anymore since I just chuck these into a file folder. The GIAC site updates your profile right after you finish the exam.

JoJoCal19 · July 2016

Congrats on the pass! That's got to be a pain to keep up with recertifying 10 GIAC certs. You going to do the GSE (one cert to rule them all)?

cgrimaldo · July 2016

docrice wrote: »

They're pretty quick about shipping these things.

I don't opt for the wooden plaque anymore since I just chuck these into a file folder. The GIAC site updates your profile right after you finish the exam.

very nice!

docrice · July 2016

JoJoCal19 wrote: »

That's got to be a pain to keep up with recertifying 10 GIAC certs. You going to do the GSE (one cert to rule them all)?

Recertifying existing certs hasn't been that tough, actually. As long as I take a class each year and do the exam it seems to cover it. They're starting to add up though. The GSE is too much of a mental commitment right now. Even going through a class and exam is inconvenient since it takes a lot of time away from work.

oprime · August 2016

Congrats. I am taking my exam in a little over a month. Do you still have an extra practice test?

cavijayan · August 2016

Congrats ! You seems to have alot of GIAC Certs. Maybe should go for GSE ?

docrice · August 2016

oprime wrote: »

Do you still have an extra practice test?

Sorry, it was given away within moments of me posting about it.

cavijayan wrote: »

Maybe should go for GSE ?

As mentioned a couple of posts ago, I don't have the bandwidth.

rgstrdnny · August 2016

Happy to say I passed it today too!!! Yey to us!

g33k3r · August 2016

Congrats! Out of curiosity, being this is a relatively new cert, have people seen employers requesting this in job posts more often?

the_Grinch · August 2016

Congrats! I have seen increases in job postings for GMON, but have yet to be asked about it.

cyberguypr · August 2016

I've seen it slowly made its way into postings here in Chicago.

docrice · August 2016

I'm surprised employers are listing the GMON in their job postings as it's a rather new certification. That said, a hopeful sign of things to come. Seems many organizations equate information security as "buying/deploying new cyber gear" rather than in-depth investigative work, so if employers are getting more serious about acquiring talent to do real work then kudos to them.

vvimal9 · December 2016

Have today cleared GMON with 79%. What a great relief!!!

The context for the exam questions and practice test are entirely different. While the practice test is focused towards Course Materials, the real exam is on real world scenario.

My 2c for clearing

Prepare well using the course materials
Do a little more deep dive into relevant topics since the course materials wont bother too much or assume you ought to be knowing those.
Index ..Index..Index of what is referenced where so it will be easier while taking exams for referencing.
Read the question very carefully to check if its the detective/preventive thats being asked.

NetworkNewb · December 2016

Grats vvimal9. Looks like an interesting course.

TechGromit · December 2016

I was wondering how closely the SANS GMON compares to the BlackHat Network Forensics: Continuous Monitoring and Instrumentation course. The authors of the Network Forensics: Continuous Monitoring originally developed the course for SANS, but they were not happy with the money SANS offered for the course, Black Hat offered a better deal. SANS went on to develop there own course. the book is available from Amazon, https://www.amazon.com/Network-Forensics-Tracking-Hackers-Cyberspace/dp/0132564718 it's a far cheaper alternative to paying for a SANS course. I took the course from blackhat, and while good, a 5 day course doesn't begin to touch on all the 576 pages of material in the hardcover text book. When I have time to study the book, I'll order a SANS practice test and see how I do.

supasecuritybro · December 2016

Just found out I am going to Baltimore for this course in April. I am so excited to take it. Its my first SANS course/exam. I am a Security Engineer with a taste for PenTesting. I have also really been involved in SIEM integration and development. I believe this course is a great compliment for my path at this time. I am looking forward to the challenge. Any advice is openly welcomed.

gkhan · March 2017

Hi all
It’s my first SANS course - On Demand. I have completed the course including all labs and now I am preparing for Exam and doing revision of the course martial and working on Index.
I looking an advice form exam point of view, is it important to revise the labs and do I need to Index the work book.
Thanks in advance

GMON passed

Comments