Options
Passed GPEN This Weekend
Hey All. Took the test and passed with an 82%. Three hours may seem to be a lot of time, but trust me, it goes FAST if you find yourself hunting through the books and index for each question.
My recommendations:
1. Anyone who tells you that you need a 50+ page index is crazy IMO. Throughout the whole test, I used my 10 page index less than 15 times.
2. Knowledge of the material is your best resource. I found that I knew more off the top of my head than having to hunt for the answer in the books. Knowing the material is a better advantage than building a huge index and hunting for answers. Your time will deplete very quickly if you have to resort to this.
3. ACTUALLY READ THE BOOKS. Can't stress this any more. Especially the first book which has less technical information. While penetration testing is mostly technical in nature, reading the books will fill in gaps about the tools and procedures. You will also NEED to know the business side of pentesting.
4. DO THE LABS. You will gain more understanding of the tools than just reading alone. There are more questions regarding the OUTPUT of a tool than how it works. Ex: Which answer is the output of "nmap -sS -O 192.168.1.1"
5. A lot of questions will require you to use plain ole common sense. Read the question, and if you are immediately unsure of the answer, take a step back and choose the answer that makes the most sense.
6. The clock is your true enemy! Early in the test, I realized that I spent 15 minutes on ONE question! That is a HUGE mistake. Don't be afraid to skip a question and return to it later.
7. Your index needs to be an "information location guide", not a quick reference sheet. If each entry in your index covers multiple lines, then it is no longer an index. After completion, my index had only 351 entries. All included a base topic title, book #, book page(s), a light description, and a "High", "Moderate", "Low" indicator informing me of information verbose level. Even with all of that, I still barely used it.
My recommendations:
1. Anyone who tells you that you need a 50+ page index is crazy IMO. Throughout the whole test, I used my 10 page index less than 15 times.
2. Knowledge of the material is your best resource. I found that I knew more off the top of my head than having to hunt for the answer in the books. Knowing the material is a better advantage than building a huge index and hunting for answers. Your time will deplete very quickly if you have to resort to this.
3. ACTUALLY READ THE BOOKS. Can't stress this any more. Especially the first book which has less technical information. While penetration testing is mostly technical in nature, reading the books will fill in gaps about the tools and procedures. You will also NEED to know the business side of pentesting.
4. DO THE LABS. You will gain more understanding of the tools than just reading alone. There are more questions regarding the OUTPUT of a tool than how it works. Ex: Which answer is the output of "nmap -sS -O 192.168.1.1"
5. A lot of questions will require you to use plain ole common sense. Read the question, and if you are immediately unsure of the answer, take a step back and choose the answer that makes the most sense.
6. The clock is your true enemy! Early in the test, I realized that I spent 15 minutes on ONE question! That is a HUGE mistake. Don't be afraid to skip a question and return to it later.
7. Your index needs to be an "information location guide", not a quick reference sheet. If each entry in your index covers multiple lines, then it is no longer an index. After completion, my index had only 351 entries. All included a base topic title, book #, book page(s), a light description, and a "High", "Moderate", "Low" indicator informing me of information verbose level. Even with all of that, I still barely used it.
WGU - Bachelors of Science - Information Security
Start Date: Jan. 1st, 2012
Courses: Done!!!
Start Date: Jan. 1st, 2012
Courses: Done!!!
Comments
-
Options
kanecain
Member Posts: 186 ■■■□□□□□□□
Thanks!WGU - Bachelors of Science - Information Security
Start Date: Jan. 1st, 2012
Courses: Done!!! -
Options
JoJoCal19
Mod Posts: 2,835 Mod
Congrats on passing the GPEN!Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework -
OptionsTechGuru80
Member Posts: 1,539 ■■■■■■□□□□
Congrats!
Although I get your intention about the index comments, I actually have some different perspectives on the subject.
-In the index you definitely don’t want to rewrite the whole set of books and I think everybody agrees on that, however at minimum making sure every major term is included with book/page/term is going to be helpful if you have a mind blank moment. Personally, I tend to make my index more thorough than a lot of people probably do, because I want to be able to reference the material after the fact...the exam is not the end goal but it is on the path.
-If you have a small index, it can be very hard to return to the material and pick back up the details without rehashing more than necessary. Additionally, your brain can only hold so much information, so unless you don’t have very many certifications, it could be harder to retain the material...and then you have to go through the material fully later again.
-Some people learn differently but taking notes...or indexing...is a good way to help with memory retention. -
Optionskanecain
Member Posts: 186 ■■■□□□□□□□
In that case it would be better for one to create a "test index" and a reference index for later non test related use. I just felt if I spent more time hunting for answers, the quicker time would run out. On average, one will have around two minutes to answer each question in time. The more I read about SANS tests, the more I realized that people seem to put more emphasis on index creation than actually learning the material. I still believe that reading the books, doing the labs, and listening to the mp3s will put one at a greater advantage compared to a monster index. But I do agree, an index with high level terms is a safe bet.TechGuru80 wrote: »Congrats!
Although I get your intention about the index comments, I actually have some different perspectives on the subject.
-In the index you definitely don’t want to rewrite the whole set of books and I think everybody agrees on that, however at minimum making sure every major term is included with book/page/term is going to be helpful if you have a mind blank moment. Personally, I tend to make my index more thorough than a lot of people probably do, because I want to be able to reference the material after the fact...the exam is not the end goal but it is on the path.
-If you have a small index, it can be very hard to return to the material and pick back up the details without rehashing more than necessary. Additionally, your brain can only hold so much information, so unless you don’t have very many certifications, it could be harder to retain the material...and then you have to go through the material fully later again.
-Some people learn differently but taking notes...or indexing...is a good way to help with memory retention.WGU - Bachelors of Science - Information Security
Start Date: Jan. 1st, 2012
Courses: Done!!! -
OptionsTechGuru80
Member Posts: 1,539 ■■■■■■□□□□
Yep it’s all preference when it comes down to it....if you don’t understand the material you won’t pass with any size index. I love the fact they give you mp3s...when I’m full study mode I listen to them driving to and from work.
-
Options
E Double U
Member Posts: 2,231 ■■■■■■■■■■
The clock is your true enemy! Early in the test, I realized that I spent 15 minutes on ONE question!
Had the same experience with both GCIH and GCIA.
Congratulations on the pass!Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
