GPEN **** Sheets?

josephandrejosephandre Posts: 315Member ■■■■□□□□□□
Im preparing to take GPEN next week, and I've never brought in anything other than my index and the books.

Seems like most people in my office bring in all sorts of things, and definitely **** sheets / posters.

Which **** sheets have you all used when taking GPEN. I think I'll be fine with what's worked for me, but if it's allowed, and produced by SANS, why not?

Comments

  • iBrokeITiBrokeIT GXPN GPEN GWAPT GCIH GCFE GICSP GSEC eJPT Sec+ Posts: 1,260Member ■■■■■■■■■□
  • josephandrejosephandre Posts: 315Member ■■■■□□□□□□
  • TechGromitTechGromit A+, N+, GSEC, GCIH, GREM, Ontario, NY Posts: 1,905Member ■■■■■■■■□□
    Maybe it's just me, but I've never found those SANS quick **** sheet of any value on the exams, I have used them Analyzing malware, to give me help what program to use to analyze a specific type of malware.
    Still searching for the corner in a round room.
  • al88al88 GCIH, GCFA, GNFA, GCTI, GASF, GISP, Sec+ Dallas, TXPosts: 62Member ■■■□□□□□□□
    TechGromit wrote: »
    Maybe it's just me, but I've never found those SANS quick **** sheet of any value on the exams, I have used them Analyzing malware, to give me help what program to use to analyze a specific type of malware.

    In GCFA, both "Finding Evil.." and "Evidence of.." posters were a tremendous help to me honestly.. finding normal processes and services and their parent process, Execution path, number of active ones .. etc. Also files timestamp and what gets modified and when..etc.

    Wireshark one was also helpful in GNFA..

    I mean all of that were in the books, sure.. but it was faster, cleaner and just easier to get the information from poster/cheatsheets. Now i know I'll, definitely, rely on them at work ;)

    Here's the link to DFIR posters and cheatsheets, if anyone were also looking for them. https://digital-forensics.sans.org/community/****-sheets
  • josephandrejosephandre Posts: 315Member ■■■■□□□□□□
    Good stuff, thanks.

    Sidenote, reading the gpen books, i find myself reading them in the OSCP videos voice subconsciously icon_lol.gif
Sign In or Register to comment.