Passed GPEN

quogue66quogue66 GREM GPEN GCIA GSEC GCFE GCFA GCIH GASF GSE (multiple choice)Posts: 157Member ■■■□□□□□□□
I passed the GPEN exam today. This is my fifth GIAC exam in 11 months and I think I'll be retiring from SANS courses/certs for a while....unless anyone knows of a GIAC record I can break. Has anyone taken 6 in a year? Maybe I can squeeze in one more lol. I'm going to start "pre-studying" for the OSCP course. I've read a few reviews and watched a couple videos and since time is literally money with this course I am going to prepare for the class before actually taking it.

As far as the SEC560 course goes it was a pretty decent class. They teach you the basics of pen testing. There is a lot of discussion about best practices, rules of engagement and scope. Scanning is also a big part of the course and it covers nmap, scapy, nikto, nessus, etc. The exploitation portion gets your feet wet with Metasploit, the meterpreter, Veil Evasion and netcat. Password cracking with Cain, John the Ripper and Ophcrack is also covered. There are sections on Powershell and Web app pen testing. Overall I think this is a great intro to pen testing. You won't walk out of the course and be the best pen tester in the world but it gives you a solid foundation of what's involved.

I started the class the last week of August. I watched some of the videos and read the books 3 times. I did all the labs twice and some I did 3 times. I haven't done the CTF exercise yet but I plan on it. I took my first practice exam on Saturday and scored an 88. I took my second one last night and scored a 90. The surprising thing was that the questions were completely different. This was a first for me. Usually there is a pretty big overlap. The actual test was a lot harder than the practice tests. I scored a 79.

Comments

  • nopx90nopx90 Posts: 20Member ■□□□□□□□□□
    WOW, 5 in a year? Who paid for all these lol.

    Congrats man! Maybe next year you can take GSE!

    Yeah, take a week or so of rest if you're planning to go on to the OSCP..... burnout is real.
  • quogue66quogue66 GREM GPEN GCIA GSEC GCFE GCFA GCIH GASF GSE (multiple choice) Posts: 157Member ■■■□□□□□□□
    Work paid for 2.5 of them, I challenged the GSEC out of pocket, facilitated GCFE out of pocket and paid for the exam for GCFA....for a total of $2500. Kinda sucks to have to come out of pocket that much but I guess I got the cert bug and went a little overboard.
  • ErtazErtaz Posts: 907Member ■■■■■□□□□□
    quogue66 wrote: »
    I passed the GPEN exam today. This is my fifth GIAC exam in 11 months and I think I'll be retiring from SANS courses/certs for a while....unless anyone knows of a GIAC record I can break. Has anyone taken 6 in a year? Maybe I can squeeze in one more lol. I'm going to start "pre-studying" for the OSCP course. I've read a few reviews and watched a couple videos and since time is literally money with this course I am going to prepare for the class before actually taking it.

    As far as the SEC560 course goes it was a pretty decent class. They teach you the basics of pen testing. There is a lot of discussion about best practices, rules of engagement and scope. Scanning is also a big part of the course and it covers nmap, scapy, nikto, nessus, etc. The exploitation portion gets your feet wet with Metasploit, the meterpreter, Veil Evasion and netcat. Password cracking with Cain, John the Ripper and Ophcrack is also covered. There are sections on Powershell and Web app pen testing. Overall I think this is a great intro to pen testing. You won't walk out of the course and be the best pen tester in the world but it gives you a solid foundation of what's involved.

    I started the class the last week of August. I watched some of the videos and read the books 3 times. I did all the labs twice and some I did 3 times. I haven't done the CTF exercise yet but I plan on it. I took my first practice exam on Saturday and scored an 88. I took my second one last night and scored a 90. The surprising thing was that the questions were completely different. This was a first for me. Usually there is a pretty big overlap. The actual test was a lot harder than the practice tests. I scored a 79.


    Congrats on the pass! I'm taking the class right now. Web app pen testing tomorrow, CTF on Saturday. I will try and build my indexes over the next 3 weeks and work through the labs a few more times before scheduling the test. Once that's done, on to oscp.
  • DAVIS NGUYENDAVIS NGUYEN Posts: 1,472Member ■■■□□□□□□□
    Congrats!
  • gwood113gwood113 Posts: 65Member ■■□□□□□□□□
    Congratulations! My two favorite courses were SEC560 and SEC504.
  • kaizen_404kaizen_404 Posts: 16Member ■□□□□□□□□□
    Congrats! I've only taken one SANS course but I've taken PWK and passed the OSCP. From the looks of your background and having just passed GPEN, OSCP will pretty fun.
  • bigdogzbigdogz Posts: 522Member ■■■■□□□□□□
    Congrats on the pass. I will be working on my GPEN next month or two after I hit the CCSP.
  • yomistayomista Posts: 23Member ■■□□□□□□□□
    Congrats!! I'm looking tot ake GPEN next after GCED :)
  • TechGromitTechGromit A+, N+, GSEC, GCIH, GREM, Ontario, NY Posts: 1,888Member ■■■■■■■□□□
    nopx90 wrote: »
    Congrats man! Maybe next year you can take GSE!

    He'll need the GCIA first, but at the rate he's burning though certification exams, He'll have no trouble getting that.
    quogue66 wrote: »
    I'm going to start "pre-studying" for the OSCP course. I've read a few reviews and watched a couple videos and since time is literally money with this course I am going to prepare for the class before actually taking it.

    I would like to go for this in the future as well. I heard you need to be proficient in Linux, which is something I'm weak in, I'll probably go for Linux+ to prep for it. Congratulations, and I thought I was doing pretty good getting two SANS certs in 8 months. :)
    Still searching for the corner in a round room.
  • Cora_PanCora_Pan Posts: 26Member ■■□□□□□□□□
    quogue66 wrote: »
    ...
    I started the class the last week of August. I watched some of the videos and read the books 3 times. I did all the labs twice and some I did 3 times. I haven't done the CTF exercise yet but I plan on it. I took my first practice exam on Saturday and scored an 88. I took my second one last night and scored a 90. The surprising thing was that the questions were completely different. This was a first for me. Usually there is a pretty big overlap. The actual test was a lot harder than the practice tests. I scored a 79.

    I have a question regarding the labs for the GPEN exam. Did you the labs only in the class or you setup your own PenTest lab at home? If so, how did you setup your lab? Just give me some hints if possible. Thanks in advance!
  • quogue66quogue66 GREM GPEN GCIA GSEC GCFE GCFA GCIH GASF GSE (multiple choice) Posts: 157Member ■■■□□□□□□□
    The labs are mostly done through a VPN. They provide you with an OpenVPN client and config. You will connect to their VPN using your Windows device and their Slingshot Linux VM that is provided by SANS.
  • Cora_PanCora_Pan Posts: 26Member ■■□□□□□□□□
    Thank you quogue66 for your prompt response!
  • RobicusRobicus CISSP, GSE #202, GSEC, GCIA, GCIH, GPEN, GMON, GCFE, GCCC, eJPT Posts: 140Member ■■■□□□□□□□
    Congratulations! I respect your tenacity and your thirst for getting certified!

    I'm scheduled to take the GPEN next month. I plan on taking my first practice exam this weekend.

    Congrats again. Thanks for sharing!
    What's Next? Sans Cyber Security Master's Degree (MSISE) [Currently Enrolled]
    ... Progress { | | | | | | | | | . } // 95%

    CISSP, GSE #202, GSEC, GCIA, GCIH, GPEN, GMON, GCFE, GCCC, eJPT
Sign In or Register to comment.