GWAPT - Worried about the content

Hi Everyone,

I'm sitting here in the SEC542 course right now and I'm on day 4.

I was always told that the course books were all you need in order to take the exams and pass them, however, it seems like this course's books are fairly short in the amount of information within the text under the slides.

I'm comparing this to the SEC504 I took in September last year.

For those of you who took this, what should I do? Should I focus on the material in the books, make my index, and just hammer away in the workbook labs and just understand how each of the labs are working?

In particular, I'm very worried about AJAX and some of the SQL (SQL not as much as AJAX, but I'm COMPLETELY lost on AJAX)

Should I grab another book? I know I can and should look at w3schools for things I don't understand, and I will.

Find more posts tagged with

Comments

iBrokeIT

You can relax, I just took GWAPT earlier this week and found it to be on par with the GCIH. A good, thorough index will get you through this exam.

I actually took the SEC542 class back at Sec West 2018 in May, put it off until three weeks ago, crammed and created my index in 2.5 weeks, and passed with an 87%.

I would recommend that you create you index and then take your first practice exam to get a feel for it before you start looking into supplemental material. The labs can be helpful if you are having difficultly grasping a subject and you are more of a hands on learner.

TechGuru80

The exam is only 75 questions so the books don’t have to be as long as GCIH. Understand the labs, techniques, and tools...you should be fine.

LionelTeo

[HTML][/HTML]

Jasiono wrote: »

Hi Everyone,

I'm sitting here in the SEC542 course right now and I'm on day 4.

I was always told that the course books were all you need in order to take the exams and pass them, however, it seems like this course's books are fairly short in the amount of information within the text under the slides.

I'm comparing this to the SEC504 I took in September last year.

For those of you who took this, what should I do? Should I focus on the material in the books, make my index, and just hammer away in the workbook labs and just understand how each of the labs are working?

In particular, I'm very worried about AJAX and some of the SQL (SQL not as much as AJAX, but I'm COMPLETELY lost on AJAX)

Should I grab another book? I know I can and should look at w3schools for things I don't understand, and I will.

It is totally okay to go with the course material alone but also lookout to enrich your knowledge especially on your weak area.

Here is my take on outside resources since I had used the Web Application Hacker Handbook without the actual course materials for the exam and pass it. Although WAHH is one of the best books for learning web application attacks, there content in the book and the course itself is vastly different. While the same concept revolves around the same theory, their application can differ. One example that I can vaguely remember is the WAHH speak about using time delay for fingerprinting while SANS actually uses the same technique for something else. Eventually, I realize it is all about understanding the technique and knowing the application!