Passed GCIH 93%
This was my first SANS training/exam, so I wanted to provide some feedback based on my experience and preparation.
Experience:
I've been in security for ~8 years and I've for the past year I've been a senior security analyst for an Incident Response team. I think having real world experience was a huge reason for my success. I had a lot of practical troubleshooting experience, so I was able to narrow down most questions simply by process of elimination based on prior knowledge.
Study Experience/Index:
I am a notorious procrastinator, so I wasted the first 3 months not doing much. I ended up paying $349 to extend my exam and on-demand access because I underestimated the amount of time required for studying and creating the index. I watched the on-demand videos and read through the book twice.
I scored 79% and 83% on my 2 practice exams. I ended up recreating my index after taking my 2nd practice exam. I made it WAY too detailed and I was unable to find anything when I was testing, so I ended up guessing on a lot of the questions on I was unsure of. My 2nd iteration of the index was much simpler the the 1st. I went through each book and notated any keywords, tools, directories, etc that I thought were important. I marked which book and page it was on and then I sorted by the keyword column. There were multiple duplicate keywords (nmap, netcat, etc) that referenced different books/pages, but I never felt overwhelmed with sorting through the books to find what I was looking for. I also tabbed each book to make the main sections easier to thumb to.
I was able to locate 99% of the information I was unsure in the exam from my newly created index. I took well over 3 hours to complete my exam and that included a small break 2/3 of the way through. I made sure to validate every answer I wasn't 100% certain on and I think that made a big difference on my final grade compared to the practice exams.
I'm glad to be done.
Experience:
I've been in security for ~8 years and I've for the past year I've been a senior security analyst for an Incident Response team. I think having real world experience was a huge reason for my success. I had a lot of practical troubleshooting experience, so I was able to narrow down most questions simply by process of elimination based on prior knowledge.
Study Experience/Index:
I am a notorious procrastinator, so I wasted the first 3 months not doing much. I ended up paying $349 to extend my exam and on-demand access because I underestimated the amount of time required for studying and creating the index. I watched the on-demand videos and read through the book twice.
I scored 79% and 83% on my 2 practice exams. I ended up recreating my index after taking my 2nd practice exam. I made it WAY too detailed and I was unable to find anything when I was testing, so I ended up guessing on a lot of the questions on I was unsure of. My 2nd iteration of the index was much simpler the the 1st. I went through each book and notated any keywords, tools, directories, etc that I thought were important. I marked which book and page it was on and then I sorted by the keyword column. There were multiple duplicate keywords (nmap, netcat, etc) that referenced different books/pages, but I never felt overwhelmed with sorting through the books to find what I was looking for. I also tabbed each book to make the main sections easier to thumb to.
I was able to locate 99% of the information I was unsure in the exam from my newly created index. I took well over 3 hours to complete my exam and that included a small break 2/3 of the way through. I made sure to validate every answer I wasn't 100% certain on and I think that made a big difference on my final grade compared to the practice exams.
I'm glad to be done.
Comments
-
gespenstern
Member Posts: 1,243 ■■■■■■■■□□
Congratz!
Also, from what I know, >90% initiates a SANS/GIAC advisory board invitation protocol. -
TechGromit
Member Posts: 2,156 ■■■■■■■■■□
Congratulations, and nice score too. I only got a 78%, I found the material and Exam a harder than the SCAN 401 course I took.Still searching for the corner in a round room. -
JoJoCal19
Mod Posts: 2,835 Mod
Congrats on the pass!Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework -
methyl
Registered Users Posts: 3 ■□□□□□□□□□
Congrats! I failed twice on my GCIH and currently studying so that I can take the third one. Any tips or advise is appreciated.
-
Kasor
Member Posts: 934 ■■■■□□□□□□
Congrats. Thanks for the updated information.Kill All Suffer T "o" ReBorn