GMON/SEC511 Any Advice?

markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
Finished the class last week.  I used the index that was provided in book 6 to go through my first practice exam.  I definitely rushed through it and didn't look up a lot of the answers.  Had 90 minutes to spare (out of 180) and failed by 1%.  I definitely will take my time and be more thorough looking up answers the next practice exam.  Other than that, any advice?  Any additional info you studied or brought with you?

Comments

  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Member Posts: 430 ■■■■□□□□□□
    I just used the course books.  Sounds like you have it down if you use the full time and create a personal index.
  • DJVeritasDJVeritas GMON / CNDA / CEH / CB Defense Analyst Member Posts: 28 ■■■□□□□□□□
    If you're 1% off of a passing score, you are pretty close to passing the exam itself. Best thing you can do is update your index based on the weakest parts of your practice exam.  Also, look at the tools used in class again and include several commands into your index. The index provided is not enough to pass the exam by itself, however.
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    edited February 2019
    Thanks!  Okay, I'll attach SANS' Linux **** sheets and maybe some other CLI stuff for those tools.  Otherwise, I feel fairly confident.  I thought some of the questions on the practice exam were trying to trick you a little, but all of the concepts I'm pretty familiar with.

  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    Do they really censor the word C.H.E.A T on this forum?
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    Got it scheduled 2 weeks from now.  Should give me plenty of time to study up and fix anything I need to after my 2nd practice exam
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Member Posts: 430 ■■■■□□□□□□
    Good luck Markulous!  Pretty straightforward exam--you'll be fine!
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    Thank you!  My boss hinted at a promotion in a few months when I pass this too, so extra incentive to pass this thing.
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Member Posts: 430 ■■■■□□□□□□
    When's the exam Markulous?
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    This Saturday in the morning. I'm feeling better about it now that I'm modifying the index quite a bit and adding things they didn't include in there.
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Member Posts: 430 ■■■■□□□□□□
    Good luck Saturday!
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    Thanks!!  I'll post in here on how I do.
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    Passed!  89%.  Definitely easier than the practice exam or maybe I was just way more focused.
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Member Posts: 430 ■■■■□□□□□□
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    Thanks!  Now have to debate the next one.  Thinking the GSE may be a good goal, so maybe do the GCIA or GCWN next.
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Member Posts: 430 ■■■■□□□□□□
    markulous said:
    Thanks!  Now have to debate the next one.  Thinking the GSE may be a good goal, so maybe do the GCIA or GCWN next.
    GCIA is a really good class.  This was the first SANS class I took and I've heard it's also one of the harder exams.  I just did a practice GNFA exam last week and the GCIA had me very well prepared enough to be just about ready to challenge the GNFA.
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    67% passing score, so yeah I'd guess it was pretty tough.  I look at SIEM logs all day, so sounds like something that would be beneficial too.
  • DJVeritasDJVeritas GMON / CNDA / CEH / CB Defense Analyst Member Posts: 28 ■■■□□□□□□□
    Congrats on the pass!  GMON'Ster!
  • afobafob Member Posts: 11 ■■□□□□□□□□
    Any tips that you can provide for GMON? I take the test in a month
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    afob said:
    Any tips that you can provide for GMON? I take the test in a month
    I personally used the index they provided but made my own modifications to it as there were a few things missing or labelled in a way that didn't make sense to me.  I felt pretty confident after doing that.  I was getting low 70s on the practice exam, then just slowed down and took my time and got an 89% on the actual exam, so don't get discouraged if you don't get a great score, especially on the first practice exam.

    Just relax during the exam and use the time you have to look up things in your index if you aren't sure.  If you can't find the answer after a minute or two, just flag it and move on.  Let us know how you do also, good luck!
  • TechGromitTechGromit A+, N+, GSEC, GCIH, GREM, Ontario, NY Member Posts: 1,990 ■■■■■■■■□□
    edited April 2019
    markulous said:
    I used the index that was provided in book 6 to go through my first practice exam.  Other than that, any advice?  Any additional info you studied or brought with you?

    Congratulations on the pass, but my advise to others is as follows.

    I said this before and I'll say it again, the index SANS provides you is ****.  Don't be lazy and use the SANS provided index, your far better off creating your own index from scratch, considering the price of the exam, you want to do all you can to prepare for the exam.

    But let's assume for a minute that the SANS provided index is the great.  What your given is a keyword and all the places in the books that keyword is mentioned. Now maybe the first place you look up provides you the answer you need, and maybe it doesn't. For an exam with a limited amount of time, do you want to be searching thru the books in 3 or 4 different places for the answer to the question. There simply isn't enough time to look up every answer, your far better off creating your own index and look up the answer once.



     

    Still searching for the corner in a round room.
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    That's why I made my own modifications to it and it worked out great for me.  If I just used what they gave me and that was it, not sure how well I would have done.  The biggest value of making your own index or modifying theirs is just being able to study more IMO.  That helped a lot.
  • TechGromitTechGromit A+, N+, GSEC, GCIH, GREM, Ontario, NY Member Posts: 1,990 ■■■■■■■■□□
    markulous said:
    That's why I made my own modifications to it and it worked out great for me.  If I just used what they gave me and that was it, not sure how well I would have done.  The biggest value of making your own index or modifying theirs is just being able to study more IMO.  That helped a lot.

    This wasn't my experience with the GREM, the index provided was badly outdated, it referred to keywords that didn't exist in the books and wrong locations for others, not to mention it was very incomplete. I firmly believe learning on a SANS provided index is a recipe for failure.     
    Still searching for the corner in a round room.
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    With the index for the GMON, I just felt like it had too much info if anything.  I crossed out a few things, added a bunch, etc.  I pretty much made my own, just didn't want to waste paper/ink so I just modified theirs.
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Member Posts: 430 ■■■■□□□□□□
    My indexes are usually only 4-6 pages at the most.  I go through all the books and if there is a topic I think is important or don't understand I will write down the book number, page number, and slide title in an Excel spreadsheet.  After I index all the books I sort alphabetically by slide title and I take a practice exam.  If I am still lacking I will search for the sections I need help in, rinse and repeat.

    This works well for me.  I am 3/3 so far in GIAC exam attempts.  The potential issue with using someone else's index is you are not tailoring the index to your needs.  What's the point in an index if it hits your strengths?
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    I think really, just do whatever works best for you.  I wouldn't blindly accept another index and use it at the actual test, that seems pretty foolish, but the way I did it worked great for me.  I did better on this than I did the GCIH.
  • mjs1104mjs1104 Junior Member Member Posts: 30 ■■■□□□□□□□
    The 511 index that they provide is much better than most SANS provided indexes.  I still built my own index for GMON but I also used the one they provided when I couldn't find the topic in my own index (had this happen a couple of times) and it is much better than most SANS indexes.  I feel you could definitely pass the GMON without building your own index but it's always better to be safe than sorry.  
    GSEC, GCIA, GCIH, GCCC, GCPM, GMON, GCTI, GCFA, GREM, GPEN, A+, Net+, Security+, Server+, C|EH, EnCE, ACE, CFCE, etc.
Sign In or Register to comment.