Pass FOR572 - GNFA July 2019

It has been awhile since we've seen it posted on here, so figured I'd give my impressions on studying + test for those who are anticipating taking this course.

Method of Learning: OnDemand
Class Version: 2019 -- updated labs and capstone
Time: 110 Days
Estimated off-hours studying: 20-30 Hours
Testing time: 50 minutes of 120 minutes used

First, the class is very good. Phil knows his stuff and he talks concisely. The labs are engaging and have some real-world impact, albeit not nearly as much as I would like. But that is the joys of HTTP/S.

This is not an area of forte for me, but it is something I enjoy to tinker with. Largely because my environment isn't going to have some of these methods in place that I can actually use on a day-2-day basis. However, being able to read NetFlow's + Wireshark filters is incredibly helpful and something I picked up more from SEC503 than I really did in this class. Phil states a few times in the OnDemand lecture that he was told to remove some of the more technical things because the class is not a Firewall class. Which I'll get to in a moment. Overall, the books are smaller than the normal classes -- so I wish they would just combine them like they did for FOR508 and FOR500.

Onto the Index. As others have said -- index everything you possibly can, but honestly don't go extreme on this thing. Have filters, key concepts and make some notes on what some things are defined as to save yourself some time. Mine ended up being about 11 pages + I printed out the one that Phil made that is specific to your books.

The Test Itself: Honestly, rarely used the indices. And I mean rarely. That, I feel, is because of how much time I dedicated to studying and reading the material over just indexing (which is what I've done in the past when crunched for time). I just "knew" the answer. What I did have an issue with is they had questions relating to encoding/decoding Base64 without really a ton of material to help guide you through those types of questions (seriously, there is 3 pages in the books on this, and only 2 sentences go over how to calculate it). I felt these questions to be cheapshots. So be ready for them if you plan on taking it.

Overall, good experience. Test is only 50 questions, so you have enough time to really think about the question and answers. No hands-on questions. Very few graphic depictions of a GUI. Have your wireshark display filters handy. Know your wireless and you'll smash it!

Find more posts tagged with

Comments

TechGromit

Congratulations, but what does "Time: 110 Days" mean?

iBrokeIT

TechGromit said:

Congratulations, but what does "Time: 110 Days" mean?

Probably the amount of time between the class and passing the exam...

LonerVamp

Congrats!

I see you have plenty of G-certs. At the risk of being biased due to each class probably building on others, where would you feel this one ranks with all the others you've taken? I'll let you use any criteria you'd like.

Just curious, as that course is one I'd look at for any future choices of mine, particularly due to the update. But, I also know I probably won't learn as much new from it as I did from, say, FOR508. I'd never really done memory analysis before, but I've dealt with flows, pcaps, firewall rules, IDS/IPS alerts, etc. for years.

Also, only 50 questions? That's not much!

Randy_Randerson

TechGromit said:

Congratulations, but what does "Time: 110 Days" mean?

Sorry for the delay! It took me from start of the class to cert, 110 days.

Randy_Randerson

LonerVamp said:

Congrats!

I see you have plenty of G-certs. At the risk of being biased due to each class probably building on others, where would you feel this one ranks with all the others you've taken? I'll let you use any criteria you'd like.

Just curious, as that course is one I'd look at for any future choices of mine, particularly due to the update. But, I also know I probably won't learn as much new from it as I did from, say, FOR508. I'd never really done memory analysis before, but I've dealt with flows, pcaps, firewall rules, IDS/IPS alerts, etc. for years.

Also, only 50 questions? That's not much!

Than you LV! That is a good question, and I guess it really depends on your day job more than anything. Frankly, I found SEC503 to be the defacto network class IMO. Class is so intense, but so rewarding. If I were to put this class in a list of what I found to be the most beneficial, I have it slightly below the middle line. This is a really niche course imo.