GPEN - Passed!!!
supasecuritybro
Member Posts: 206 ■■■■□□□□□□
in GIAC
Just got home from taking the exam and it was pretty intense. It was my first go at a SANS exam and the whole experience really prepares you to learn the material. I can see how just getting the books and making an index can get you there but you really would be working hard against a clock to find the needed material. I was able to learn where certain topics were discussed after reviewing each book like five times getting the index right. I am glad I passed. On to the next one.
Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power
Comments
-
636-555-3226 Member Posts: 975 ■■■■■□□□□□
Congrats. I use stuff I learned in 560 more than any other SANS course I've taken. What's next?
-
supasecuritybro Member Posts: 206 ■■■■□□□□□□
636-555-3226 wrote: »Congrats. I use stuff I learned in 560 more than any other SANS course I've taken. What's next?
Thanks! I was already working on the eCPPT before I got selected for the 560 WorkStudy. I am going back to that since my job paid for it.
-
JoJoCal19 Mod Posts: 2,835 Mod
Congrats on the pass!! Do you think doing the labs in the material prepped you the best for the exam, or more memorizing what you read in the course material?
Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
-
supasecuritybro Member Posts: 206 ■■■■□□□□□□
JoJoCal19 wrote: »Congrats on the pass!! Do you think doing the labs in the material prepped you the best for the exam, or more memorizing what you read in the course material?
Both, you need to know what a command output looks like. Without that, knowing definitions and stuff like that will not help. There were a lot of questions where it wasn't exactly in the book but the idea was there, you had to know how to use the specific tool or method.
-
Robicus Member Posts: 144 ■■■□□□□□□□
Congratulations! I found the GPEN to be one of the harder ones I've taken. Great job again!
What's Next? eLearnSecurity's eCIR
MSISE, CISSP, GSE (#202), GSEC, GCIA, GCIH, GPEN, GMON, GCFE, GCCC, GCPM, eJPT, AWS CCP
-
InCryptable Member Posts: 36 ■■□□□□□□□□
supasecuritybro wrote: »On to the next one.
What are you taking next for a test? SANS courses?
-
Hornswoggler Member Posts: 63 ■■□□□□□□□□
Congrats!!!
edit: curious your thoughts on overlap between the GPEN/SEC560 and eCPPT?
2018: Linux+, eWPT/GWAPT
-
clarkincnet Member Posts: 256 ■■■□□□□□□□
Congrats!
Give a hacker an exploit, and they will have access for a day, BUT teach them to phish, and they will have access for the rest of their lives!
Have: CISSP, CISM, CRISC, CGEIT, ITIL-F
-
supasecuritybro Member Posts: 206 ■■■■□□□□□□
InCryptable wrote: »What are you taking next for a test? SANS courses?
SANS courses are a bit steep. I think I can self-study for the GMON since looking at the requirements, I do a lot of that kind of work already and I have been messing with Security Onion a little. I signed up for another work study and hope I get selected. I am going to continue working on the eCPPT since I had to place it on hold since I was selected for GPEN workstudy.
-
supasecuritybro Member Posts: 206 ■■■■□□□□□□
Hornswoggler wrote: »Congrats!!!
edit: curious your thoughts on overlap between the GPEN/SEC560 and eCPPT?
The GPEN is an excellent course and better taken in class so you can have the interactive lab work with it. I loved the class and Ed Skoudis is the truth when it comes to this stuff. The guy is so good. eCPPT really goes into the depth of PenTesting. You are doing some serious material with each section. The topics do overlap a little but eCPPT goes more in depth. As far as building from one part to the next, that’s the same. I signed up for the eCPPT before starting the GPEN so I placed it on hold to get the GPEN done.
-
InCryptable Member Posts: 36 ■■□□□□□□□□
supasecuritybro wrote: »The GPEN is an excellent course and better taken in class so you can have the interactive lab work with it. I loved the class and Ed Skoudis is the truth when it comes to this stuff. The guy is so good. eCPPT really goes into the depth of PenTesting. You are doing some serious material with each section. The topics do overlap a little but eCPPT goes more in depth. As far as building from one part to the next, that’s the same. I signed up for the eCPPT before starting the GPEN so I placed it on hold to get the GPEN done.
...just curious (as I have not been following along, in case you already gave this info),
But how did you do the GPEN training? Was it via onDemand video training?
I'm getting ready to start the onDemand GPEN training - and wondering if maybe I should choose something else.
I just got done with GCIH and passing that seemed difficult...especially not using the tools much beyond the labs.
My understanding with GPEN...is that it is much more lab based and you are using the tools very extensively???
-
Hornswoggler Member Posts: 63 ■■□□□□□□□□
GPEN and GCIH here, throwing in my $0.02...
InCryptable wrote: »...just curious (as I have not been following along, in case you already gave this info),
But how did you do the GPEN training? Was it via onDemand video training?
I took mine via Simulcast during Pentest Austin this past March. The classes were live and I did it from home 9a-5:30pm central time Monday through Saturday. There are some small pros/cons to Simulcast vs the other formats, but I felt it was every bit as good from a learning experience vs being there in person. The class was broadcast via GoToMeeting with access to the recorded video posted a day later for review. I was able to VPN into the three nights of NetWars and participate live along with the event (Coin-a-palooza so I earned my 504 and 560 challenge coins!!!).
Day 6 CTF I was paired up with 5-6 other Simulcast students but only 3 of us were actively working on it. We achieved the challenge and came in 3rd. Sometimes I work from home so the virtual team format felt normal and productive. Probably could have gained some time in person via direct delegation.
Pros vs live event:
No lugging around laptops and books.. all right there on my desk in the morning!
No need to get dressed, shower, or even brush teeth!
Cons vs live event:
On your own for snacks.
Passed my GPEN exam ~7 weeks after taking the course with a 94%. The materials are excellent and no disadvantage over the Simulcast format.
For reference I took 504 (GCIH) via SANSFire 2016 in DC. I miss the FOOD that was nearby the event hotel!!!
InCryptable wrote: »I'm getting ready to start the onDemand GPEN training - and wondering if maybe I should choose something else.
I just got done with GCIH and passing that seemed difficult...especially not using the tools much beyond the labs.
My understanding with GPEN...is that it is much more lab based and you are using the tools very extensively???
Having done the GCIH first was a huge help in getting up to speed. These classes can be like drinking from a firehose over 5-6 days and it's better to keep up than get lost. GPEN will give you another chance (with more labs!!) to learn the tools, dive deeper, and discover ways to apply them in a testing scenario. Plenty of hands-on hacking but the real value to me is understanding Ed's approach to the business side of pentesting, the methodology, the discipline, thinking like a hacker, and applying the findings to maximize business value. From what I understand, it isn't the exploit hack-a-thon and priv escalation of PWK but will give you a structured approach to the different phases. More about getting credentials, then what you do with them (pstools, powershell, bash, remote shells, relays, etc). After the class I was able to apply it at work immediately. 560/GPEN is great but not the end of my journey for technical skills. Ed will tell you it's the business side (scope docs, reports, consulting, professionalism, etc) that make the big money.
There are more labs in 560 than 504, yes. Both are great experiences!!!
-
jjones2016 Member Posts: 33 ■■■□□□□□□□
Congratulations! GPEN is definitely an eye opener. Great source of reference materials!!!
-
InCryptable Member Posts: 36 ■■□□□□□□□□
Hornswoggler wrote: »GPEN and GCIH here, throwing in my $0.02...
Thanks for taking the time to superbly write-up and summarize your experience. I really appreciate it.
Based upon everything I've read here on this post and these forums, I'll be choosing the GPEN for my next course! It'll be my 3rd SANS certification class in the past 3-4 months! I've made various contacts here on this website over the past couple of months and have received amazing support, notes, and guidance. Thanks again!
P.S. The snacks at the first two courses were eh...but yea, I guess I'm on my own for my own snacks this go-around. ...and I recommend brushing at least twice a day!
-
_nessie_ Member Posts: 39 ■■■□□□□□□□
supasecuritybro wrote: »Thanks! I was already working on the eCPPT before I got selected for the 560 WorkStudy. I am going back to that since my job paid for it.
Congrats
I passed mine this morning and was in the same situation. Also got selected for a work-study last month .. I used the eCPPT labs to prep a bit more for the GPEN .. wasn't really necessary but still fun
-
supasecuritybro Member Posts: 206 ■■■■□□□□□□
_nessie_ wrote: »Congrats
I passed mine this morning and was in the same situation. Also got selected for a work-study last month .. I used the eCPPT labs to prep a bit more for the GPEN .. wasn't really necessary but still fun
CONGRATS!!
How did you like the eNDP?
-
quogue66 Member Posts: 193 ■■■■□□□□□□
Congrats! GPEN was definitely one of the harder ones but it was also one of the funnest classes.
-
_nessie_ Member Posts: 39 ■■■□□□□□□□
supasecuritybro wrote: »CONGRATS!!
How did you like the eNDP?
Thanks.
Well, I now realize I didn't write a write-up on here like I did for some other certs. Shame on me.
I actually got into the eNDP for a particular reason ... I felt like I was 'missing' stuff for the PTP and thought it wasn't a bad thing looking at the other side first ..
It was quite a diversion, but still interesting .. from a defensive point of view, as said: other side.
I think it provides a nice overview on defensive measures and the reasons why you would/should implement them.
I also liked the exam where you have to crack up the defensive measurements and write a report on that.
I definitely should write something up more in detail, but I'm not going to hijack your thread