GCIH Passed, Review Inside

Hi guys!

So I've finally passed my GCIH. Took the class in March, and the exam in May.

1st Practice exam: 89%
2nd Practice exam: 86%
Actual exam: 92%

Like everyone else has said on this forum, the index is your key. It helped me confirmed my answers for at least 70-80 questions.

My index was simple and about 40 pages long:

Topic, Book no., Page no., Description of the topic.

My advice is to read the books while indexing, and listen to the given audio files while commuting. John Strand was pretty entertaining with his experiences and he definitely impacted the way I conduct my security awareness talks

I'm thinking of the FOR500, FOR508 or SEC560 next, depending on the way the wind blows in the office. I may have the option for moving into web/network pentesting, but blue team work is more natural to me.

In the meantime though, I'll be lurking on the other subforums while I work on elearnsecurity's threat hunting course, or maybe the CISSP

Find more posts tagged with

Comments

gespenstern

Congrats! Plus, with you score you are getting the advisory board invitation!

cyberguypr

Congrats!

b0Ris

nebula105 wrote: »

Hi guys!

So I've finally passed my GCIH. Took the class in March, and the exam in May.

1st Practice exam: 89%
2nd Practice exam: 86%
Actual exam: 92%

Like everyone else has said on this forum, the index is your key. It helped me confirmed my answers for at least 70-80 questions.

My index was simple and about 40 pages long:

Topic, Book no., Page no., Description of the topic.

My advice is to read the books while indexing, and listen to the given audio files while commuting. John Strand was pretty entertaining with his experiences and he definitely impacted the way I conduct my security awareness talks

I'm thinking of the FOR500, FOR508 or SEC560 next, depending on the way the wind blows in the office. I may have the option for moving into web/network pentesting, but blue team work is more natural to me.

In the meantime though, I'll be lurking on the other subforums while I work on elearnsecurity's threat hunting course!

Huge fan of John Strand and I hope to be able to take a class from him one day!

vynx

gespenstern wrote: »

Congrats! Plus, with you score you are getting the advisory board invitation!

whats the minimum score to get advisory board invitation ?

Donklander

I think it's 90% or better.

nebula105

Thanks everyone!

I'm curious though, how long will it be before they send me the invitation to join the advisory board?

markmorow

nebula105 wrote: »

Thanks everyone!

I'm curious though, how long will it be before they send me the invitation to join the advisory board?

It should be a few days after. I got that with the GWAPT. I'm actually taking this GCIH in 3 weeks. Would you mind sharing your index? I just took the first practice test and scored an 88% but have some additional index work to do.

sunrise1994

Could you please share your index if possible.

cyberguypr

Have you guys created an index? I am curious what you expect to gain by using someone elses index.

quogue66

I would caution against looking at someone else's index. People create their index based on the way they think. The words, phrases and other items are arranged in a way that helps them quickly find things. If you try and mimic what they're using in their index it may cause more harm than good.

markmorow

Yes I have my own index, it's just not nearly as long as 40 pages so I'm interested to see how they set theirs up and what mine might be missing.

cyberguypr

There's no magic number. My index was 13 pages and passed with a 91 so don't let page number be an indicator of readiness. You can see how I approached mine here (with pics): http://www.techexams.net/forums/sans-institute-giac-certifications/98047-passed-gcih.html

nebula105

Hey guys, so.. A lot of you have been requesting for my index.

While I would love to provide it in it's entirety; I won't, as I sincerely hope you guys go through the books and index it yourself.

That way, you get forced to read through it at least lightly.

What I can do though, is provide a screenshot of the format that I did.

Nothing fancy and it was pretty terrible to be honest, I had to print it out and add sticky notes at the side to denote them by alphabetical order

But hey, if it gives you inspiration.. Then by all means, copy away!

What I can say though, is that although the index helped me with 70-80 questions, the rest of it is by experience.

So get out there, go through the labs and keep resolving incidents!

index.jpg

nebula105

cyberguypr wrote: »

There's no magic number. My index was 13 pages and passed with a 91 so don't let page number be an indicator of readiness. You can see how I approached mine here (with pics): http://www.techexams.net/forums/sans-institute-giac-certifications/98047-passed-gcih.html

Good Lord I just remembered, your post was the inspiration for my index! Thanks cyberguypr!

markmorow

I have an index but it's about 15 pages. I was looking to see how much detail you had. This is helpful.

mactex

I use the practice exams to gauge how sufficient my index is.

jjones2016

nebula105 wrote: »

Hi guys!So I've finally passed my GCIH. Took the class in March, and the exam in May.1st Practice exam: 89%2nd Practice exam: 86%Actual exam: 92%Like everyone else has said on this forum, the index is your key. It helped me confirmed my answers for at least 70-80 questions.My index was simple and about 40 pages long:Topic, Book no., Page no., Description of the topic.My advice is to read the books while indexing, and listen to the given audio files while commuting. John Strand was pretty entertaining with his experiences and he definitely impacted the way I conduct my security awareness talks :)I'm thinking of the FOR500, FOR508 or SEC560 next, depending on the way the wind blows in the office. I may have the option for moving into web/network pentesting, but blue team work is more natural to me.In the meantime though, I'll be lurking on the other subforums while I work on elearnsecurity's threat hunting course, or maybe the CISSP

560 is amazing followup to this course because it goes more in-depth with the tools in that class, but to be honest with you... You are pretty decent pentester after 504, so I could see someone either going the 500/508 route (blue team) or GWAPT, and eventually 660 (if you want pentesting). This is because in 560, they have to go over those same tools you learned in 504, i.e. netcat/ncat, enum4linux, sqlmap etc. They did a wonderful job on the 504, learned so much about exfil via ptunnel and user/kernel rootkits... I think the course was amazing. Just depends if you want to stay Red or Blue