Pass FOR572 - GNFA July 2019
Randy_Randerson
Member Posts: 115 ■■■□□□□□□□
It has been awhile since we've seen it posted on here, so figured I'd give my impressions on studying + test for those who are anticipating taking this course.
Method of Learning: OnDemand
Class Version: 2019 -- updated labs and capstone
Time: 110 Days
Estimated off-hours studying: 20-30 Hours
Testing time: 50 minutes of 120 minutes used
First, the class is very good. Phil knows his stuff and he talks concisely. The labs are engaging and have some real-world impact, albeit not nearly as much as I would like. But that is the joys of HTTP/S.
This is not an area of forte for me, but it is something I enjoy to tinker with. Largely because my environment isn't going to have some of these methods in place that I can actually use on a day-2-day basis. However, being able to read NetFlow's + Wireshark filters is incredibly helpful and something I picked up more from SEC503 than I really did in this class. Phil states a few times in the OnDemand lecture that he was told to remove some of the more technical things because the class is not a Firewall class. Which I'll get to in a moment. Overall, the books are smaller than the normal classes -- so I wish they would just combine them like they did for FOR508 and FOR500.
Onto the Index. As others have said -- index everything you possibly can, but honestly don't go extreme on this thing. Have filters, key concepts and make some notes on what some things are defined as to save yourself some time. Mine ended up being about 11 pages + I printed out the one that Phil made that is specific to your books.
The Test Itself: Honestly, rarely used the indices. And I mean rarely. That, I feel, is because of how much time I dedicated to studying and reading the material over just indexing (which is what I've done in the past when crunched for time). I just "knew" the answer. What I did have an issue with is they had questions relating to encoding/decoding Base64 without really a ton of material to help guide you through those types of questions (seriously, there is 3 pages in the books on this, and only 2 sentences go over how to calculate it). I felt these questions to be cheapshots. So be ready for them if you plan on taking it.
Overall, good experience. Test is only 50 questions, so you have enough time to really think about the question and answers. No hands-on questions. Very few graphic depictions of a GUI. Have your wireshark display filters handy. Know your wireless and you'll smash it!
Method of Learning: OnDemand
Class Version: 2019 -- updated labs and capstone
Time: 110 Days
Estimated off-hours studying: 20-30 Hours
Testing time: 50 minutes of 120 minutes used
First, the class is very good. Phil knows his stuff and he talks concisely. The labs are engaging and have some real-world impact, albeit not nearly as much as I would like. But that is the joys of HTTP/S.
This is not an area of forte for me, but it is something I enjoy to tinker with. Largely because my environment isn't going to have some of these methods in place that I can actually use on a day-2-day basis. However, being able to read NetFlow's + Wireshark filters is incredibly helpful and something I picked up more from SEC503 than I really did in this class. Phil states a few times in the OnDemand lecture that he was told to remove some of the more technical things because the class is not a Firewall class. Which I'll get to in a moment. Overall, the books are smaller than the normal classes -- so I wish they would just combine them like they did for FOR508 and FOR500.
Onto the Index. As others have said -- index everything you possibly can, but honestly don't go extreme on this thing. Have filters, key concepts and make some notes on what some things are defined as to save yourself some time. Mine ended up being about 11 pages + I printed out the one that Phil made that is specific to your books.
The Test Itself: Honestly, rarely used the indices. And I mean rarely. That, I feel, is because of how much time I dedicated to studying and reading the material over just indexing (which is what I've done in the past when crunched for time). I just "knew" the answer. What I did have an issue with is they had questions relating to encoding/decoding Base64 without really a ton of material to help guide you through those types of questions (seriously, there is 3 pages in the books on this, and only 2 sentences go over how to calculate it). I felt these questions to be cheapshots. So be ready for them if you plan on taking it.
Overall, good experience. Test is only 50 questions, so you have enough time to really think about the question and answers. No hands-on questions. Very few graphic depictions of a GUI. Have your wireshark display filters handy. Know your wireless and you'll smash it!
Comments
-
TechGromit Member Posts: 2,156 ■■■■■■■■■□Congratulations, but what does "Time: 110 Days" mean?Still searching for the corner in a round room.
-
iBrokeIT Member Posts: 1,318 ■■■■■■■■■□TechGromit said:Congratulations, but what does "Time: 110 Days" mean?
2019: GPEN | GCFE | GXPN | GICSP | CySA+
2020: GCIP | GCIA
2021: GRID | GDSA | Pentest+
2022: GMON | GDAT
2023: GREM | GSE | GCFA
WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops | SANS Grad Cert: Incident Response -
LonerVamp Member Posts: 518 ■■■■■■■■□□Congrats!I see you have plenty of G-certs. At the risk of being biased due to each class probably building on others, where would you feel this one ranks with all the others you've taken? I'll let you use any criteria you'd like.Just curious, as that course is one I'd look at for any future choices of mine, particularly due to the update. But, I also know I probably won't learn as much new from it as I did from, say, FOR508. I'd never really done memory analysis before, but I've dealt with flows, pcaps, firewall rules, IDS/IPS alerts, etc. for years.Also, only 50 questions? That's not much!
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs? -
Randy_Randerson Member Posts: 115 ■■■□□□□□□□TechGromit said:Congratulations, but what does "Time: 110 Days" mean?
-
Randy_Randerson Member Posts: 115 ■■■□□□□□□□LonerVamp said:Congrats!I see you have plenty of G-certs. At the risk of being biased due to each class probably building on others, where would you feel this one ranks with all the others you've taken? I'll let you use any criteria you'd like.Just curious, as that course is one I'd look at for any future choices of mine, particularly due to the update. But, I also know I probably won't learn as much new from it as I did from, say, FOR508. I'd never really done memory analysis before, but I've dealt with flows, pcaps, firewall rules, IDS/IPS alerts, etc. for years.Also, only 50 questions? That's not much!