Passed SANS GIAC GSTRT - mini review

UnixGuy | Are we having fun yet? | Mod | Posts: 4,503
This is the training that I did:

and I passed the exam yesterday.

It's different than the other SANS training that I did (GCFA/GPEN) as this was not a technical training, the focus is on leadership/strategic management theory, policy development, coaching, and security program management.

The class size was small so we did the practicals together with the instructor (G. Mark).

My honest thoughts:
I personally enjoyed it, and the case study style was not new to me as this is how business schools teach (MBA). I was also familiar with some of the material (SWOT analysis, strategy, etc.) from business school and I also had a good grasp of the frameworks they focused on (CMMI, NIST, CIS).

My classmates, however, didn't seem to have enjoyed the course and got most of the questions/practicals wrong during the training. I have an opinion on why that was; it's my personal opinion though. They were all either "IT manager" or "infosec manager". The IT folks simply didn't have an understanding of InfoSec and were out of their depth when it came to management training. They knew IT from a technical perspective but that's about it (you could really see that from their analysis of the case studies; they haven't really come across similar scenarios in real life).

The InfoSec folks also didn't seem to have enough breadth; he only worked in one organisation for 10 years.

Another security person works in "government" and evidently had no experience with either IT or InfoSec and got 100% of the questions wrong (he was way off...).

You could easily tell who thinks like a "business leader" and who thinks like a "technical lead/Engineer". This course is there to teach you the language and give you tools to be a better "Business leader".

I think having a consulting background and some business school training will give you more appreciation of the material.

Now the exam itself, it was honestly easy if you make a good index. It's easier to pass.

Would I recommend this course? Yes, if your organisation is paying for it AND you are a senior manager/CISO or aspire to be (in the near future).

If you don't have any training in management (CISSP/CISM don't count) / leadership / security program development / policy writing, you can definitely do and pass this course with ease but you may not enjoy it or you may not find it useful at all. I recommend that you do this instead as it'll be more applicable to what you do and you will learn more from it:

What's next for me?
Absolutely nothing, I do not want to do any more exams or certs or any study, I'm done...really done :D

I will be making a YouTube video about it if you want to hear me blabbing.


Check out my YouTube Channel!


  • E Double U | Senior Member | Posts: 2,182
    UnixGuy said:

    What's next for me?
    Absolutely nothing, I do not want to do any more exams or certs or any study, I'm done...really done :D

    I say that after every exam LOL. Congratulations!
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
    2022 goal(s): CRISC, AWS Certified Cloud Practitioner
    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • JDMurray | Certification Invigilator | Surf City, USA | Admin | Posts: 12,846
    Congratulations! Did you get this for your current work or for your future prospects?
    I wanted to take the broader SANS MGT514 with the GSTRT cert this year, but my leadership steered me into the SOC-specific MGT551 with its companion cert due to be released next year.
  • UnixGuy | Are we having fun yet? | Mod | Posts: 4,503
    @JDMurray for current and future, I'm writing policies/strategy and doing various gap analysis/assessments so it's a direct application.

    I think this training is a 'nice to have' rather than a must (unlike GCFA for forensics, it's almost a must), this is just good theory and some tools that you can use.

