GWAPT - Tips/Advice?

ZzBloopzZ Member Posts: 192
Hello TE,

I took the SEC542 course over the summer. Unfortunately, shortly after completing the course I had lots of crazy family/life type events. I am now finally able to focus again since early last week. I am listening to the seminar and should be done through it tomorrow. Then I will take my time and go over the material again, this time taking notes and creating an index... at a slower, more critical pace. I have the exam scheduled for end of the month as I have a work deadline for it, so that is helping with the discipline. I am officially in study zone.

I do web app testing for a living, granted I have only been doing it for 3+ months now. We do part manual and part Burp Pro. I am getting nervous for the exam, especially since I will not get reimbursed for training until I pass the exam. Someone was telling me the exam is not that difficult but they have been doing web app testing for years. However, I was thinking since it is just a 5 day class of actual material, and it's open book, would it really be that hard as long as I put in the work to study the provided material and index?

I plan to take a practice exam end of this week and calibrate on weak areas from there. Do you have any other tips/advice/thoughts on the GWAPT? Anyone have an amazing index I could use as a template or good **** sheets outside of what SANS provides?



  • TechGromit Member Posts: 2,156
    Your practice exam is really going to tell you where you stand on being ready for it or not. Usually if you put the study time in, and build a good index, you'll pass. Don't recommend cramming all your studying a week before your exam.
    Still searching for the corner in a round room.
  • E Double U Member Posts: 2,229
    ^^^^ Pretty much!
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • supasecuritybro Member Posts: 206
    +1 on the advice above
    Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
    Current Goal: CCSE
    Continuous Education Plan: AWS-SAA, OSCP, CISM
    Book/CBT/Study Material: Max Power
  • 636-555-3226 Member Posts: 975
    From what I heard (and take this with a BIG grain of salt considering my less-than-reliable source), SANS/GIAC has been putting more effort into their exams lately with some of the newer material. SEC542 had a big rewrite this year (again, so I hear) and either the test has a lot of old material from stuff that isn't in the new books or they've upped their game with the new questions. Guy I know who took it said the exam was much harder than the practice questions, which themselves were the usual run-of-the-mill straight out of the book stuff we all know and quasi-love.

    Not sure if your material was the old stuff or new stuff, or where it'd fall into the exam questions. Not trying to get you down, just letting you know what I heard. Post back afterward and give us the truth!
  • ZzBloopzZ Member Posts: 192
    Thanks for the response 636. I will start cramming even harder now and assume the exam is super hard instead of easy, as I have been reading around. Granted, the few people that said it was easy took the exam back in 2015 or before.

    Hopefully someone that took the exam in 2017 could post some feedback here.
  • kiki162 Member Posts: 635
    I can confirm that earlier this year they had a major update to the GWAPT exam material. Yes, the exam was much harder than the practice, plus I saw a lot of questions that were not in my course material, which made me think WTF?! I missed it by 3 points, and decided a retake was not worth my time or money.

    One would think that if there was any type of updates for an exam, GIAC would provide that material to those who have taken the course. Although the courses are great, and you certainly learn a lot, SANS/GIAC really needs to up their standards when providing updates for course material. Even if they did have that available, they would be charging for that too.

    Sure, if you have a lot of real world experience, then the exam would be a piece of cake. Since you are just starting out, my advice would be to take the information you learned from the course, and bypass the exam altogether.
  • ZzBloopzZ Member Posts: 192
    Hello kiki,

    Thank you for your detailed response. Unfortunately, I do have to take the exam due to a work requirement. I am starting to stress out now based on your response. I do feel the material is pretty basic/foundational. The only area I really will focus on next weekend is the SQLi but the other stuff does not seem too bad. I will definitely be making a full index/**** sheet for every tool and syntax mentioned in the material as I do not use most of them. What month did you take the exam? Hopefully they have the exam more in line with the material now.
  • Stylesheets Registered Users Posts: 1
    I have a background in web app development. I took the GWAPT in the summer of '16. I can't speak to Kiki's claim that the material changed. However, I will say that the practice exams help. While the questions will be different on the exam, they will be similar in context. Meaning, if you're missing questions on the practice exam related to NMAP parameters then I'd study all of the NMAP commands, not just -sV.

    The other advice I'd give you is do the labs. I did not. I regret it. Like a lazy ******* I didn't do it and it almost cost me. I barely passed.

    I read the books 3 times, made an index (!important), and studied the practice exams content. I don't actually think I watched all the lectures.

    I'm not smart. I struggle with reading and comprehension. I also forget a lot of things. For example, what was that command for identifying a blind SQLi again? I don't remember but it's on my index! I'm aware of my weaknesses and learned to cope by studying more and being resourceful. I learned a lot about recall and studying skills watching the crash course channel (https://www.youtube.com/watch?v=IhuwS5ZLwKY&list=PL8dPuuaLjXtNcAJRf3bE1IJU6nMfHj86W). Also watch the computer science Crash Course channel so you can learn about the basics, which helped me to put some of the GWAPT content into context that I could relate to and understand. Which in turn helped me to remember.

    Make your index, make it good, and do it thoroughly. It will really help you to focus and remember. Don't be like me and wait until the last week before studying. Don't be like me and avoid the labs. If you do all I said you'll be a lot more prepared than I was, and I passed.
  • TechGromit Member Posts: 2,156
    kiki162 wrote: »
    One would think that if there was any type of updates for an exam, GIAC would provide that material to those who have taken the course.

    I asked this exact question at the last SANS conference I attended. I was told that when you registered for your exam, your exam would be based on the course materials you possessed. Regardless if they had a complete rewrite of the material, your test should have been based on the material available before this re-write. If you believe your exam had significant content that was not in the material you possess, I would write SANS and ask them to confirm the exam you took was based on the material version you have, and not the new exam. If there's a discrepancy, perhaps they will give you a retake, or send you updated material. Can't hurt to ask.
    Still searching for the corner in a round room.