Looking for GICSP material

jimmyfengzhaoxujimmyfengzhaoxu Registered Users Posts: 1 ■□□□□□□□□□
Hi all , I want to pass the GICSP exam without taking the 5-6k training course. Any one took such course and willing to sell the books and the usb? Or any other way to pass the exam with self study, With lower cost?


  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    Friendly reminder: SANS specifically calls out that books can't be sold, rented, copied, etc. without express written permission.
  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    Ah, but so much fun is to be had at a live conference! Understandably, though, if you're going out of pocket then it's all but impossible unless you're already wealthy or have strong expectations the raise you get from having the cert outweighs the cost.

    SANS doesn't allow their material to be resold, but that doesn't mean people don't do it. Life finds a way, after all.....
  • fabostrongfabostrong Member Posts: 215 ■■■□□□□□□□
    I thought about taking a SANS course without the class also. I know you can find their books on ebay sometimes.
  • gluesniffmonkeygluesniffmonkey Registered Users Posts: 5 ■■■□□□□□□□
    I passed the GICSP exam last year after attending the ICS 410 in Abu Dhabi last year with Thomas Brandsetter as instructor. If you can do the course onsite I highly recommend Thomas Brandsetter. We got some extra insights into the Stuxnet response from his perspective as the Siemens vendor response. He also has a good webcast which is worth watching on  Securing industrial control systems: A peek into building automation security.

    As a few people say going to the Live training gives you some networking opportunities which can be as valuable as the course itself.

    Having said the above I think the GICSP can be passed self study. Unlike the GCIH (which I also passed a few weeks back), there were no Linux or Windows virtual labs on Vmware during the exam. While it has technical elements I find the GICSP to be managerial focused. I don't think that is a bad thing either. It appears to me the GICSP is aimed at getting IT and OT to have a common language and methodology for developing security solutions in ICS/SCADA and Building/Factory Automation environments. The GICSP is also more Blue Team focused.

    I would recommend at a minimum purchasing the hard copies of three books listed in the Suggested Reading on the right of the SCADAHacker website.  You need hard copies so you can take them in the exam center. He has lots of links to additional reading.

    Also spend some time on A Collection of Resources for Getting Started in ICS/SCADA Cybersecurity by Robert M. Lee from Dragos who is also a SANS Instructor. He recommends many of the same books as SCADAHacker plus a few more.

    Read everything, including the Posters in the SANS ICS Library.

    I highly recommend purchasing at least one practice test. I find my grades on the practice tests are similar to the actual. You can find out if you are weak in any area. If I had not done the practice tests for my GCIH I would not have know about the new labs and might not have known how to solve them.

    Good luck!

    The device drivers appeared to have been programmed by glue sniffing monkeys.
  • mig2000mig2000 Member Posts: 1 ■□□□□□□□□□
    Jimmy, were you able to find the books? I had the 2018 books and couldn’t pass the test because there were materials that were not in the books. 
  • SteveLavoieSteveLavoie Member Posts: 1,133 ■■■■■■■■■□
    The only thing that I deplore from SANS are that the price for Self-study, Online or in-person class are the same. Self-study or Online should be lower. There are not much option (except work-study program) to get a lower price. 
  • amulyachilukuriamulyachilukuri Member Posts: 1 ■■□□□□□□□□
    edited April 2021
    Has anyone taken the GICSP exam recently? 
  • grojas1990grojas1990 Member Posts: 1 ■□□□□□□□□□
    Hi, i'm on the same position as you, i was searching for information on internet and founded your comments, did you find answers or references ?

    Thanks in advances.
Sign In or Register to comment.