GCIH Preparation

COBOL_DOS_ERACOBOL_DOS_ERA Member Posts: 205 ■■■■■□□□□□
Hello All,

I'm a long time lurker here, but this is the first post of mine. I do have a question for you all. I'm planning to Challenge the GCIH exam, and one of my colleague who has took the course in 2017 with SANS said we will lend him course materials for the exam preparation. My question is how helpful do you guys think that would be? I understand SANS periodicallyupdate their course materials. I don't want to shell out that absurd amount of money for the training, since all the expense is going to come out of my own pocket.

I'm also planning to use these books for the exam prep:-

Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder.

Incident Response & Computer Forensics, Third Edition
Jason T. Luttgens

Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition)
Skoudis, Edward

Hacking Exposed 7: Network Security Secrets and Solutions
McClure, Stuart

Thank you all for the help, and advice.

Mr. T :D


  • vanquish23vanquish23 Member Posts: 224
    Normally the company would pay for the SANs classes, so yes I would not spend your own money on it.

    I just ordered this book from Amazon and will be hear today which will help you. But I have not taken a SANs class.

    Intelligence-Driven Incident Response: Outwitting the Adversary 1st Edition

    Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder
    He who SYNs is of the devil, for the devil has SYN'ed and ACK'ed from the beginning. For this purpose, that the ACK might destroy the works of the devil.
  • COBOL_DOS_ERACOBOL_DOS_ERA Member Posts: 205 ■■■■■□□□□□
    I agree with you, unfortunately even though the company I worked for was one of the pioneer in the Tech industry they stopped all those perks for last 5-6 years unless you are really hooked up with Sr.Sr. manager. Since, I was laid of a month ago, I thought this is time to challenge this exam and be done with it while I hunt for the new gig.

    So, here is my question do you think I still could use the SANS 2017 GCIH exam prep materials from my colleague along with using those books?


  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    i think the problem is that most people likely haven't taken the 2017 and the 2018 test to be able to say the other materials cover what you'd be missing. Challenging an $1899 exam while job hunting might be a big stretch to make but I don't really know your situation. FWIW I'm studying for the GCIH now and testing soon but I don't know the older materials and while I own the 2nd book you linked I've only done some forensics reading from it for a class so I don't remember a ton of cross over.
  • MalwareMikeMalwareMike Member Posts: 147 ■■■□□□□□□□
    I'm currently in their masters program and have taken the GCIH...I would not recommend paying for their exam out of pocket. There is so much you could do with $1900 rather than take a certification that is a nice to have. I have 4 sans certs and I've been contacted a few times regarding them...paying $1900 and passing the GCIH will not open a lot of doors. *Just my opinion* . Maybe take the books from your friends, study the material, do the labs, and then use the $1900 on other resources or cheaper certifications. But it all depends on where you are located and what exactly you are trying to do.
    2019 Goals: CISSP, Splunk certifications (Certified Core, Power User, Admin, and Architect)
    Twitter: https://twitter.com/Malware_Mike
    Website: https://www.malwaremike.com

  • cyberguyprcyberguypr Mod Posts: 6,927 Mod
    I have to concur with MalwareMike here. I also have 4 GIAC certs and the only reason I have them is because I took the classes (Work Study). I would've never pursued them by challenging the test, as I value the class way more than the cert. Maybe if you are eyeing jobs where GXXX is required there will be some value. But otherwise, I say invest elsewhere.
  • TechGromitTechGromit Member Posts: 2,156 ■■■■■■■■■□
    cyberguypr wrote: »
    I would've never pursued them by challenging the test, as I value the class way more than the cert.

    Does it really matter were you obtain the knowledge to obtain a SANS certification? Regardless if you took an official SANS class or studied and researched the knowledge from other sources isn't it all the same in the end? If you know your stuff, a SANS cert can prove to potential employer you know your stuff. So I say there is value in challenging the exam. Just be aware without the official SANS materials, you face a tougher time getting a passing grade. When you take a SANS course and pay for a certification attempt, your guaranteed the Exam version you take will be based on the books you have. If you challenge the exam, you will not have that benefit. As to how much the material changes each year has be the subject of much speculation. I would assume the core material stays the same between versions, in only minor changes in content, but without paying for two courses and comparing the books, it's not possible to say for sure.
    Still searching for the corner in a round room.
  • cyberguyprcyberguypr Mod Posts: 6,927 Mod
    Of course there’s value in challenging the exam. Just not $1899 worth of value to me. OP needs to make his own call.
  • COBOL_DOS_ERACOBOL_DOS_ERA Member Posts: 205 ■■■■■□□□□□
    Thank you all your invaluable input.

    @MalwareMike: I do understand where you are coming from. I myself don't believe much the cert Hype, but at some point just to clear the HR door and to land a job interview you do need those certs. The real question here is how much you do really know vs what you just memorised to pass the exam? Especially, DC region and NYC is full with cert hype, unfortunately I do split my time between these two place.

    @Cyberguypr: I have been applying to Work Study program for a while, with no luckicon_sad.gif. I haven't lost my hope a bit though:). I believe one of this days, I will receive that email about volunteering with SANS.
  • rfrarfra Member Posts: 8 ■□□□□□□□□□
    The GCIH was the least rewarding exam I have taken and I passed it fairly easily. My employer paid for the SANS class which I think is way overpriced. While I know most people think the instructor is amazing I found it boring and a superficial treatment of most topics. I expected it to be a much more technical exam than it was. Having the SANS material to reference for the exam was pretty important though. The test references a specific selection of tools and it would be pretty difficult without their manuals to refer to in the exam. I have quite a bit of security work experience and I don't think I'd want to sit through the exam without a well-indexed set of SANS study materials at my side, even if I did take in a pile of other common books you can buy on these topics.
  • COBOL_DOS_ERACOBOL_DOS_ERA Member Posts: 205 ■■■■■□□□□□
    Rfra, thank you for your valuable insight. Finger crossed, I happen to be on a[FONT=Arial, Helvetica, sans-serif] *waiting list* for SANS GCIH work study program, and hopefully will receive a call within a month from them.... hey, you are next [/FONT]:D.
Sign In or Register to comment.