Options
GPEN Pass!
charismaticx
Member Posts: 160 ■■■■□□□□□□
Due to current events, I was forced to wait to take the exam. The exam itself wasn’t too difficult if you read the books and practice all the labs. There were few questions I had no idea how to answer so I skipped them and saved them before the lab question. I’m certainly glad I was finally able to challenge the exam. It had been on my mind for months.
Preparation for the exam:
I took my time reading the books and going through some of the labs the first time around. When I had finished, I had built out my index. SANS is notorious for asking some of the obscure questions in the books and that's where the index comes into play. There's so much information in the books that its hard to digest it all at once. I envy those who can retain that much knowledge during their first practice test. During my first practice test, I had quickly realized that I was missing some crucial information in my index. The command sheets that SANS provides are normally helpful, but in my case they didn't do much for me.
After going through the books again, I was able to beef up my index some more. The second practice test was honestly harder than the first one. The index really came through and I scored significantly higher. The labs were much harder and it didn't occur to me that I should of made an index for the lab book itself. After that last practice test, I felt like I had to regroup and review the books and labs all over again. I had originally scheduled my exam for April, but due to the testing centers closing everywhere I had to postpone my exam indefinitely. Luckily, SANS was able to extend everyone's test attempt so it wasn't that much of an issue.
Exam Day:
Once SANS announced they were doing remote test proctoring I had booked my exam immediately. The exam itself felt very similar to the practice tests. None of the practice questions were on the exam, but they really help you understand the concepts. I felt quite confident after going through each book and making sure my books were tabbed out for quick reference. There was some weird questions on the exam that weren't covered in the books so I had to go with the best answer. After hitting submit on the last lab question I saw the pass and I was able to take a huge sigh of relief.
GPEN in my opinion really lays down the foundation to become a successful Pen Tester. It doesn't show you anything crazy, but it helps enforce the methodology that EC Council fails to do. If you're unable to take the GPEN course, I highly recommend looking up the Cyber Mentor's Udemy course called Practical Ethical Hacking. It's very similar to GPEN, but it covers the web application Pen Testing in detail. His review of Burp Suite really helps you understand the use of Zap. For now I can take a quick breather as I look forward to the next SANS course.
Preparation for the exam:
I took my time reading the books and going through some of the labs the first time around. When I had finished, I had built out my index. SANS is notorious for asking some of the obscure questions in the books and that's where the index comes into play. There's so much information in the books that its hard to digest it all at once. I envy those who can retain that much knowledge during their first practice test. During my first practice test, I had quickly realized that I was missing some crucial information in my index. The command sheets that SANS provides are normally helpful, but in my case they didn't do much for me.
After going through the books again, I was able to beef up my index some more. The second practice test was honestly harder than the first one. The index really came through and I scored significantly higher. The labs were much harder and it didn't occur to me that I should of made an index for the lab book itself. After that last practice test, I felt like I had to regroup and review the books and labs all over again. I had originally scheduled my exam for April, but due to the testing centers closing everywhere I had to postpone my exam indefinitely. Luckily, SANS was able to extend everyone's test attempt so it wasn't that much of an issue.
Exam Day:
Once SANS announced they were doing remote test proctoring I had booked my exam immediately. The exam itself felt very similar to the practice tests. None of the practice questions were on the exam, but they really help you understand the concepts. I felt quite confident after going through each book and making sure my books were tabbed out for quick reference. There was some weird questions on the exam that weren't covered in the books so I had to go with the best answer. After hitting submit on the last lab question I saw the pass and I was able to take a huge sigh of relief.
GPEN in my opinion really lays down the foundation to become a successful Pen Tester. It doesn't show you anything crazy, but it helps enforce the methodology that EC Council fails to do. If you're unable to take the GPEN course, I highly recommend looking up the Cyber Mentor's Udemy course called Practical Ethical Hacking. It's very similar to GPEN, but it covers the web application Pen Testing in detail. His review of Burp Suite really helps you understand the use of Zap. For now I can take a quick breather as I look forward to the next SANS course.
Goals: PNPT; OSCP; GPYC; GSE