LonerVamp wrote: » About a week ago I passed the GCFA exam. I took FOR508 in person in May at SANS West and then studied for the whole summer off and on before tightening up for the exam before it expired. This was my first SANS course and first GIAC exam, and I have to say I have 0 complaints and loved the material. I have 15+ years of IT and infosec-blended experience, and almost all of those years include Windows systems administration on desktop (3 years) and servers (the rest). So, I've done live troubleshooting and minor forensics-type work, but never at this depth or using saved images of any sort. So all of that was new to me, and I feel like I could pick up a forensics job or task and run with it. My goal with taking this course was to close the feedback loop of Defense-Offense-Forensics. I have had lots of experience with being on the defense side, and love being on the offense side, so I wanted to take a course that allowed me to do more forensics against the offense, so that I can better inform my defense and make my offense even better, and so on.
1point8t wrote: » Congrats LonerVamp! I'm looking to take the exam within the next two months, I'm just finishing up my index. Do you have any advice for the exam? Were the practice tests similar to the final exam?
