Self study for GSEC

belledern

Hi all,

I am aiming to get the GSEC later this year, but am planning to challenge the exam, as neither my employer nor I can fund the SANS course or SANS self-study materials. I know Work Study is an option, and have applied for it, but don't believe I will be offered a facilitator role.

Looking through the forums, it appears that it is possible by doing a range of things including:
- study material from SSCP, Sec+, Net+, Linux+
- study material from older SEC401 courses (this one may not be so helpful since specifics within the course and exam content changes frequently)
- use learning platforms like Cybrary, ImmersiveLabs etc.

I do not have much technical IT experience, and this will be my first exam attempt and certification. I know that this will make what I'm doing sound quite ambitious, but I believe I can do it. If anyone's got any further tips, or has experience with challenging exams without using SANS material please let me know about what you did and how you went.

JDMurray

GSEC is a tough first cert exam, especially if you are not studying from the latest course materials. The two practice exams that come with the challenge will give you an idea of the format and style fo the exam items, but they are not a replacement for the actual exam experience.

If you don't have much technical IT experience, what do you hope to gain from getting the GSEC certification? There are much better ways to learn how to secure and defend information systems.

belledern

I plan to use the 2nd issue of the Security Essentials Certification guide coming out in July (would link but it won't let me) so it would be fairly recent material (even though its not straight from SANS itself).

I'm working in GRC at the moment, so I do have information security knowledge, just not at a lower level. The reason I want to take the GSEC is so I get a more rounded view of infosec, and fill the gaps in my technical know-how.

It's interesting to hear that it's a hard cert exam, considering it is viewed as being an entry-level cert   

mactex

The sheer volume of information covered makes it challenging. I think it would be doable with experience. I wouldn't fall into the "entry level" = easy trap with SANS.

Randy_Randerson

Speaking bluntly, using someone else's books on this site has never gone too well. With that said, if you anticipate taking this legitimately it can be done. Just going to need really buckle down. 

One of the best books you can get is a CISSP study book. Seriously. 
Pen Testing with Kali 
Any cloud-based material that discusses Azure/AWS 

That would at least get you probably over the passing line. That CISSP book will be a gold mine.  

dinger68

Doesn't SANS provide with the latest books/material when you challenge and schedule an exam?

Randy_Randerson

dinger68 said:

Doesn't SANS provide with the latest books/material when you challenge and schedule an exam?

OP is attempting to self-study for the exam. So he is foregoing the course and labs to reinforce the material. 

cyberguypr

The only thing you get when scheduling the exam is the two practice tests. Books are only provided in the class, or when you renew the certification. 

Danielm7

As a few others have mentioned, this is a quick way to burn around 2K for a single attempt at an exam without experience. Have you considered maybe something like the network+ / security+ and working your way upward with more of a foundation? Is the desire in the market for the GSEC even that high that it'll make a difference?

Blucodex

Because you do not have much technical IT experience I would say do not attempt to test out of this.

My advice is to either start with something smaller like the Security+ or CEH to build some foundation security knowledge
OR
Apply for the Work Study.  For $1500 you'll get get the class, exam attempt, and two practice exams.  The experience will be well worth it plus it's a great opportunity to network with those already in the industry.  You said you already applied--did you apply for multiple dates/locations?  I had to apply a handful of times before I was selected.  If it was me, I would be patient and go this route.

PC509

Are you wanting to put the cert down on a resume? Or are you wanting to learn the material? I think challenging the exam will get you those letters, but you're going to be studying for other exams (CISSP, Sec+, CEH, etc.) rather than the GSEC. I have always heard that SANS/GIAC certs are great and valuable, but the real value comes from the actual course and people you meet along the way. 

Doable, but I'm not sure if you're going to get out of it what you think you are. 

TechGromit

dinger68 said:

Doesn't SANS provide with the latest books/material when you challenge and schedule an exam?N

Nope. When they say challenging the exam, they mean taking the exam without the official books / study material. When you take one of there courses and signup for an exam the when you purchase or during your course, your guaranteed the version of the exam based on the material they provided you. The material and exam content changes as the information is updated. How much it changes between version has always been a matter of much speculation.