GMON Pass 10/21

Passed GMON recently and figured I'd share my thoughts.

My employer was awesome enough to cover SEC 511 and the GMON attempt. I had never taken a SANS course or GIAC exam so I decided to choose one that I felt I could easily accomplish through my previous knowledge and experience.

The course was delivered live, remotely. Being able to attend the course from the comfort of my home was nice and made for a great experience. The instructor was very knowledgable (I had previously used some of their books for other certifications), personable, and the class was easily able to interact via Slack.

The material from 511 is very straight forward. If you have any SOC/Blue Team experience, this test will be easy for you.

I took the class earlier this year, studied a book every 2 days (100 pages/night), then took a month off. When I came back, I studied a book a night for 2 weeks straight, made my index, and took my first practice test closed book. I scored a 79% and felt pretty confident. I went through the books again and took the last practice test using my index and books. I scored an 82%, not that great of an improvement or the score I was hoping to get going into the actual exam.

Went to take the exam, it was straight forward and in line with the 2 practice tests. I ended up passing with an 86%.

Find more posts tagged with

GIAC

GIAC Exam

GMON

SEC511

GMON SEC511

Comments

JDMurray

Thanks for the review! My employer is looking to send some of our SOC analysts either to SEC511 (GMON) or MGT551 on-demand. It nice to hear that SEC511 good, SOC-relevant training.

E Double U

Congratulations @jvrlopez! If I had remained in the SOC I definitely would have taken GMON.

@JDMurray - Curious to know why your employer is leaning towards the leadership level training for SOC analysts. Granted the MGT551 syllabus does contain some information useful to an incident responder, it seems to me the target audience would be security leads. SEC511, 504, 501, 503, 450 and more seem better for blue team staff.

JDMurray

We have a large SOC with multiple managers and shift leads. Some analysts do lead towards management and are worth training in such.

jvrlopez

Thanks guys! I've heard a lot that GMON is along the lines of CYSA+ and Cisco Cyber Ops. I took a few online practice tests for those certs and agree with that assessment. I am excited for my next SANS course and GIAC certification attempt. My employer usually pays for 1 course and attempt during a year, so I am eagerly reviewing which I would like.