SANS SEC566/GCCC
E Double U
Member Posts: 2,237 ■■■■■■■■■■
in GIAC
Are there labs in this course? Curious if you are just discussing the controls or actually testing them.
Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
Comments
-
markmorow Member Posts: 44 ■■■□□□□□□□I'm currently doing this class now and yes there are some labs. They are built around different tools and such that you can use to satisfy the control. For example Control 2 is Software Inventory. You run some PowerShell commands to **** out what's installed on the lab machine. They aren't all that easy but they aren't really complicated either.
-
E Double U Member Posts: 2,237 ■■■■■■■■■■Thanks for response! My first day of SEC566 begins tomorrow.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
FluffyBunny Member Posts: 245 ■■■■■■□□□□E Double U said:Thanks for response! My first day of SEC566 begins tomorrow.
To further answer the question: @markmorow has it right: there are some labs, but they are not very heavy lifting.E Double U said:Are there labs in this course? Curious if you are just discussing the controls or actually testing them.
To summarize:- At the time of writing you will be provided with one Windows 10 Pro VM.
- Yes, they do expect you to have setup VMWare on your system beforehand. Can be Player (free), Workstation/Fusion (cheapish). You could also use Parallels or VirtualBox, but in that case they tell you you're on your own; no guarantees about helping you in class.
- There are roughly 15 labs, for 20 controls. As Mark pointed out, basic introductions to one or two tools for each subject. You can compare it to labs in a C|EH class: drive-by safari showing you various red/blue team tools.
-
E Double U Member Posts: 2,237 ■■■■■■■■■■Passed GCCC today with 79% - just three weeks after completing the course. I wanted to attempt it sooner, but I had two work trips back-to-back that delayed the completion of my index. Took both practice exams the same day and got 59% on the 1st attempt (without the index) and 80% on the 2nd try (with the index).
Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
FluffyBunny Member Posts: 245 ■■■■■■□□□□Passed GCCC today with 79%Congratulations! That's great work! I'm still working on my indices, but I keep getting distracted by my homelab
-
SecurityNoob45 Member Posts: 9 ■■□□□□□□□□E Double U said:Passed GCCC today with 79% - just three weeks after completing the course. I wanted to attempt it sooner, but I had two work trips back-to-back that delayed the completion of my index. Took both practice exams the same day and got 59% on the 1st attempt (without the index) and 80% on the 2nd try (with the index).
-
E Double U Member Posts: 2,237 ■■■■■■■■■■@ Bunny - How far are you into the material?
@ Noob - The questions were very straightforward. This is my 4th GIAC exam and it was the easiest.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
FluffyBunny Member Posts: 245 ■■■■■■□□□□@ Bunny - How far are you into the material?I'm almost through the second book. The easy part is that all five books and just about all the chapters have the same build-up, so there's a lot of recurring index words. I'm putting off going through The Big Fat Book(tm) unless I really, really have to.
As I said, my homelab has been waaaayyy too enticing, luring me away from the drudgery that is indexing. But now I'm putting my foot down! I'm scheduling my exam attempt in three weeks time (that's the one-week lull between two assignments), so now I absolutely have to finish my work -
E Double U Member Posts: 2,237 ■■■■■■■■■■Yes this has been the easiest index I have made because of the same structure with each control (measures, ERD, defenses, etc). I created a separate tab for each control and just copied the same format to each tab then modified it as needed. The fat NIST books are not needed for the exam.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
FluffyBunny Member Posts: 245 ■■■■■■□□□□I'm also adding a lot of key software names and concepts to the index. We'll see how things go!
-
FluffyBunny Member Posts: 245 ■■■■■■□□□□Hey @E double U, I seem to have found a bug.In book 3, pages 21 through 24 (root cause analysis for control 7) appear to be an exact copy/paste of pages 74 through 77 from book 2 (root cause analysis for control 5). Now I’ve seen other copy/paste moments, but in this particular case I feel that there’s been an error in making the syllabus: the repeated text does not appear to be relevant to the subject matter.
I've sent an email to James, Kelli and Russell about it. I'm curious whether you've noticed the same issue. -
E Double U Member Posts: 2,237 ■■■■■■■■■■My index is similar. For every index my tabs are topics, tools, and commands. The commands tab was not necessary for this GIAC attempt, but I kept the topics and tools plus the separate tab for each control. It made it easier for me to find what I was looking for during the exam. I rarely had to use the books.
I do not recall seeing that repeated text, but I will take a look.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
SecurityNoob45 Member Posts: 9 ■■□□□□□□□□E Double U said:My index is similar. For every index my tabs are topics, tools, and commands. The commands tab was not necessary for this GIAC attempt, but I kept the topics and tools plus the separate tab for each control. It made it easier for me to find what I was looking for during the exam. I rarely had to use the books.
I do not recall seeing that repeated text, but I will take a look.E Double U said:My index is similar. For every index my tabs are topics, tools, and commands. The commands tab was not necessary for this GIAC attempt, but I kept the topics and tools plus the separate tab for each control. It made it easier for me to find what I was looking for during the exam. I rarely had to use the books.
I do not recall seeing that repeated text, but I will take a look. -
LonerVamp Member Posts: 518 ■■■■■■■■□□Others may have them different, but what I use is just a spreadsheet with three columns: term/topic/phrase/keyword - brief description or important points - page number found.If a term appears on multiple pages in different places, I'll just have multiple entries for that term. And each definition will be tailored to the content from that specific page.I've also found it helped me to print it landscape and have it ringbound at the top at Fedex/Kinkos. I then add sticky tabs on the bottom or side to let me flip to various alphaletters quickly.And just to round out the subject, I'll add sticky tabs to the tops of the book pages for every major section shift, topic, examples, key charts and lists, and so on.
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs? -
E Double U Member Posts: 2,237 ■■■■■■■■■■Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
FluffyBunny Member Posts: 245 ■■■■■■□□□□Yeah, that's a good tutorial. Similar to "Better GIAC testing with Hacks4Pancakes".
Gosh, creating that index is a task of drudgery. I'm on the last book and I'm so done with this... Once the index is done I'll tackle the practice exam(s) to see how I'll fare, then my exam is due in 1.5 weeks. -
FluffyBunny Member Posts: 245 ■■■■■■□□□□Whew! I finished my index today! I don't have a color printer at home, so all those cute colored labels aren't going to much use. But the index worked just fine anyway.
I immediately took my first practice test and scored a 90% in roughly 55 minutes. Two mistakes were down to sloppiness, the rest were honest fails on my part.
And since @SecurityNoob45 asked, here's a photo of my books and index. I used Apple's Numbers as spreadsheet to take indexing notes and then made the actual document in Pages. That took a little effort, because you can't simply paste Numbers data into the DTP tool that is Pages. You first have to make a table to post the data into, and funnily enough Pages limits its tables to 999 rows. So I've had to make three very long tables
-
SecurityNoob45 Member Posts: 9 ■■□□□□□□□□FluffyBunny said:Whew! I finished my index today! I don't have a color printer at home, so all those cute colored labels aren't going to much use. But the index worked just fine anyway.
I immediately took my first practice test and scored a 90% in roughly 55 minutes. Two mistakes were down to sloppiness, the rest were honest fails on my part.
And since @SecurityNoob45 asked, here's a photo of my books and index. I used Apple's Numbers as spreadsheet to take indexing notes and then made the actual document in Pages. That took a little effort, because you can't simply paste Numbers data into the DTP tool that is Pages. You first have to make a table to post the data into, and funnily enough Pages limits its tables to 999 rows. So I've had to make three very long tables -
FluffyBunny Member Posts: 245 ■■■■■■□□□□SecurityNoob45 said:
SO ARE YOU SUPERMAN OR BATMAN? CAUSE YOU SAVED ME! THANK YOU!!!
-
FluffyBunny Member Posts: 245 ■■■■■■□□□□Today was the day I passed my GCCC certification exam with a 93% score (my trials rang in at 91% and 89%)
I found the actual exam to be a bit more difficult than the two trials. I also grabbed for my indices and reference tables a few more times than during the practice rounds. Overall it's a very doable exam though; mostly common sense thinking. -
LonerVamp Member Posts: 518 ■■■■■■■■□□Nice job, congrats!What's next?
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs? -
FluffyBunny Member Posts: 245 ■■■■■■□□□□LonerVamp said:Nice job, congrats!What's next?
I'm also applying for a SANS Mentor position (for the Netherlands) and have just signed up with the GIAC Advisory Board -
dimkat2903 Member Posts: 2 ■■□□□□□□□□E Double U said:Passed GCCC today with 79% - just three weeks after completing the course. I wanted to attempt it sooner, but I had two work trips back-to-back that delayed the completion of my index. Took both practice exams the same day and got 59% on the 1st attempt (without the index) and 80% on the 2nd try (with the index).
-
E Double U Member Posts: 2,237 ■■■■■■■■■■My index is over a year old so I am not sure how good it will do you since the material is updated. I have no problem with sharing it, but I would strongly advise you to prepare your own. Index building has been a part of studying process for me since I read all of the books and do the labs as I create it. If you are just looking for a quicker way to pass the exam you are cheating yourself.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
SteveLavoie Member Posts: 1,133 ■■■■■■■■■□I was thinking about doing the SEC566 SANS class, Is it good ? Did it really bring something more than reading the control (most are rather straight forward).
-
FluffyBunny Member Posts: 245 ■■■■■■□□□□SteveLavoie said:I was thinking about doing the SEC566 SANS class, Is it good ? Did it really bring something more than reading the control (most are rather straight forward).
It depends on the trainer and more importantly it depends on the students. Unlike most technical SANS classes, SEC566 is squarely targeted at defining and enforcing policies and procedures and at testing their outcome. It's not hacking, it's not code, it's about helping an organization reach security maturity targets.
The quality of this class stands and falls with interaction between those people in the room. If it's nothing but one-way traffic and students are only there to drink from the firehost, it's gonna suck for you. Yes you'll learn stuff, but you could be getting so much more from it. I found the talks and discussions we had during each chapter the most valuable parts of my week with SANS. As you point out: you can just read best practices and the CSC. But it's discussing HOW to tackle all this with others that will help you actually get somewhere with'm. -
FluffyBunny Member Posts: 245 ■■■■■■□□□□dimkat2903 said:
Greetings my friend and congrats for passing your exam. As i am also preparing for the exam, may i ask if you could provide me with your SEC566 index please? That would be a great help for me, please.
I'm with E double U here: the point of making your index is part of the learning experience and helps you familiarize yourself with all the materials. Sure you can ask for other people's index, but you're robbing yourself of an experience.
Yeah, I've shared my index with one of my classmates at the time. And yeah, I'm pretty sure they passed. But yeah, I felt a bit "meh" about it. But asking us for our index now, over a year after the class, won't help you much. The books have probably changed quite a bit since then. -
Kickstone Member Posts: 6 ■■■□□□□□□□E Double U said:
My index is over a year old so I am not sure how good it will do you since the material is updated. I have no problem with sharing it, but I would strongly advise you to prepare your own. Index building has been a part of studying process for me since I read all of the books and do the labs as I create it. If you are just looking for a quicker way to pass the exam you are cheating yourself.FluffyBunny said:
I'm with E double U here: the point of making your index is part of the learning experience and helps you familiarize yourself with all the materials. Sure you can ask for other people's index, but you're robbing yourself of an experience.
You guys are right. But, on the other hand, there are more kinds of approach. One of them is making your own index and then compare with others and refine your work. That's the way I always passed those exams quite successful.
Also, with this kind of preparing, the "age" of an index doesn't matter at all. It's just for optimizing.
Due to the current global situation I am taking the Online Training now, and as there is not much orientation to what's important and what's not, which does not make it easier.
If somebody is willing to share his index with me, I would appreciate it very much. Thanks in advance.
-
E Double U Member Posts: 2,237 ■■■■■■■■■■I found my index. What is your email?Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
FluffyBunny Member Posts: 245 ■■■■■■□□□□
Also, with this kind of preparing, the "age" of an index doesn't matter at all. It's just for optimizing.
Weeellll, chapter layout and page count of the source books may vary wildly.
But sure. Knock yourself out -> https://www.kilala.nl/Images/SEC566-index.pdf