GMON Pass 10/21

jvrlopezjvrlopez Member Posts: 913 ■■■■□□□□□□
Passed GMON recently and figured I'd share my thoughts.

My employer was awesome enough to cover SEC 511 and the GMON attempt.  I had never taken a SANS course or GIAC exam so I decided to choose one that I felt I could easily accomplish through my previous knowledge and experience.

The course was delivered live, remotely.  Being able to attend the course from the comfort of my home was nice and made for a great experience. The instructor was very knowledgable (I had previously used some of their books for other certifications), personable, and the class was easily able to interact via Slack.

The material from 511 is very straight forward.  If you have any SOC/Blue Team experience, this test will be easy for you.

I took the class earlier this year, studied a book every 2 days (100 pages/night), then took a month off.  When I came back, I studied a book a night for 2 weeks straight, made my index, and took my first practice test closed book.  I scored a 79% and felt pretty confident.  I went through the books again and took the last practice test using my index and books.  I scored an 82%, not that great of an improvement or the score I was hoping to get going into the actual exam.

Went to take the exam, it was straight forward and in line with the 2 practice tests.  I ended up passing with an 86%.


And so you touch this limit, something happens and you suddenly can go a little bit further. With your mind power, your determination, your instinct, and the experience as well, you can fly very high. ~Ayrton Senna

Comments

  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    Thanks for the review! My employer is looking to send some of our SOC analysts either to SEC511 (GMON) or MGT551 on-demand. It nice to hear that SEC511 good, SOC-relevant training.
  • E Double UE Double U Member Posts: 2,228 ■■■■■■■■■■
    edited October 2021
    Congratulations @jvrlopez! If I had remained in the SOC I definitely would have taken GMON. 

    @JDMurray - Curious to know why your employer is leaning towards the leadership level training for SOC analysts. Granted the MGT551 syllabus does contain some information useful to an incident responder, it seems to me the target audience would be security leads. SEC511, 504, 501, 503, 450 and more seem better for blue team staff. 
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    We have a large SOC with multiple managers and shift leads. Some analysts do lead towards management and are worth training in such.
  • jvrlopezjvrlopez Member Posts: 913 ■■■■□□□□□□
    Thanks guys! I've heard a lot that GMON is along the lines of CYSA+ and Cisco Cyber Ops.  I took a few online practice tests for those certs and agree with that assessment.  I am excited for my next SANS course and GIAC certification attempt.  My employer usually pays for 1 course and attempt during a year, so I am eagerly reviewing which I would like.
    And so you touch this limit, something happens and you suddenly can go a little bit further. With your mind power, your determination, your instinct, and the experience as well, you can fly very high. ~Ayrton Senna
Sign In or Register to comment.