SANS GSEC thoughts and opinions

bodacious00

Hello,

Just wanted to ask for some last minute advice on the GIAC GSEC exam. I have taken the OnDemand class and the online assessments. I've done well on the practice exams that come with the official test (85+% w/o books). Are the practice exams a good indication of the real test? Also, what was the max number of books you used for the exam?

I'd appreciate any information.

Thank you.

GAngel

bodacious00 wrote: »

Hello,

Just wanted to ask for some last minute advice on the GIAC GSEC exam. I have taken the OnDemand class and the online assessments. I've done well on the practice exams that come with the official test (85+% w/o books). Are the practice exams a good indication of the real test? Also, what was the max number of books you used for the exam?

I'd appreciate any information.

Thank you.

I havn't taken the GSEC but i am familiar with the giac testing. If you've taken the ondemand then you've gotten the books. That's all you'll need to pass the exam. The practise exams are almost exactly like the tests so you shouldn't have too much trouble. As for maximum books I took everything I got at the conference which was the 7 books and a few other pages.

The practise tests are a good indicator for the exam. The assessments tell if you're really learning the material. Enjoy it and try to get there a bit early as it takes a bit longer to get you up and running than an MS exam.

dynamik

That's a great score without any references. It sounds like you're in good shape. Good luck!

j_a_s_o_n

I've taken the GSEC. As with any GIAC exam, the best resource, and really the only one that you need, are the course books. The best advice that I can give you for the test is to make an index of the books and take it in with you. That way when you hit an odd question, you stand a much better chance of being able to find it quickly (or at all). If you still have any practice tests left to use, build your index first, then run through the test with it to make sure that you've set it up well.

unsupported

In my experience with the GCIH certification, the concepts are the same, but the questions are different in their approach. The practice tests ask very direct questions, ex. "What is the first phase in incident handling"? When I got to the actual test it would ask indirect or vague questions "In what phase of the incident handling methodology where you would perform containment"?.

I strongly agree with j_a_s_o_n, in that you should build an index of the course materials. I went through all my books and wrote down key words and concepts, then typed up an Excel spreadsheet indicating each page the key words and concepts appeared. I also tabbed my work books with page numbers to assist in finding the information quicker.

Also, what helped me is that the authors of the test/course ware are often well established authors in their own right. The authors will have their own books which related directly to the material. For example, GCIH course ware and test was written by Ed Skoudis, who also wrote Counter Hack: Reloaded. The GCIA I am studying for now, is heavily written by Kim Novak who wrote an official SANS book with Steven Northcutt, Network Intrusion Detection. Mike Poor the SEC503 senior instructor suggested the book is more like "old course ware", but that has not stopped me from reading and indexing it. If I still have issues after indexing and taking my practice exams I may pick up Poor's Snort book as backup.

For the GSEC, the senior instructor is Dr. Cole. Who has written, The Security Bible, umong others. If you want to bring in some backup, I would recommend reviewing the objectives of the GSEC and reading more about Dr. Cole's books. I would make a recommendation, but I am not looking into the GSEC until I'm done with my GCIA.

Good luck!

dynamik

unsupported wrote: »

For the GSEC, the senior instructor is Dr. Cole. Who has written, The Security Bible, umong others. If you want to bring in some backup, I would recommend reviewing the objectives of the GSEC and reading more about Dr. Cole's books. I would make a recommendation, but I am not looking into the GSEC until I'm done with my GCIA.

How have I not heard about that book until now?

Sounds like you're gearing up for the GSE with that list. Gonna make an attempt in 2011?

Paul Boz

dynamik wrote: »

How have I not heard about that book until now?

Sounds like you're gearing up for the GSE with that list. Gonna make an attempt in 2011?

Email Hamburger Boy and JL the ISBN and price and we'll get it added to the library.

dynamik

Heh, I buy my own books. You know my collection dwarfs the company's library. I get paid in 31 minutes, and it will be arriving two days later via Amazon Prime.

Although, I'm now totally curious about the identify of hamburger boy. I don't think I've heard that nickname before

Paul Boz

dynamik wrote: »

Although, I'm now totally curious about the identify of hamburger boy. I don't think I've heard that nickname before

C'mon man. Dude wears a size 18.

dynamik

Paul Boz wrote: »

C'mon man. Dude wears a size 18.

I don't check out the men at our office, so that doesn't help at all.

unsupported

dynamik wrote: »

How have I not heard about that book until now?

Sounds like you're gearing up for the GSE with that list. Gonna make an attempt in 2011?

Sorry, it's the Network Security Bible.

And GSE is my long term plan. Once I get the GCIA, I'll see about the GSEC, and talk to my mentor at work about writing gold papers. I'm also considering a new mentor at work, who is a real up and coming thought leader in security. I know I can write the papers, it is just a matter of time with school.

dynamik

Yea, and it's been ordered

I'm going to have GPEN, and I might take a shot at GWAPT as well, so I'd be able to avoid the papers hehe (although OCD might force me into writing five instead ).

GAngel

dynamik wrote: »

Yea, and it's been ordered

I'm going to have GPEN, and I might take a shot at GWAPT as well, so I'd be able to avoid the papers hehe (although OCD might force me into writing five instead ).

The papers are the best part

If only the challenge wasn't so expensive. I'm going to definately nail gsec or gcih this year though. I rarely ever see GCIA offered which i'd think is the one everyone wants. I also read if you recertify more than one exam in a year the price is $200 each.

bodacious00

Thank you for the advice. I really appreciate it.

Well, I took the exam and passed. I doubted myself with almost every question. That happens to me when I take an open book test. I indexed all subjects and keywords for every book and reviewed some of the assessment tests that are at the end of the modules. The practice tests are good indicators of how one may perform in the real exam.

Thanks again everyone for the advice.

My experience with the OnDemand material was pretty good. The course material covered will definitely help me in my career. What really helps me is reading the material, so I read most of the notes in the book and listened to the MP3's in my car and before going to bed. The instructor provides a lot of insight and real world experience on the topics covered. The books are sufficient enough to pass the exam. I'll probably take another class via OnDemand.

The only thing I did not like about OnDemand was having to finish all the assessments to get a certification of completion for the course. In order to get the certification, and thus the 46 CPE credits for the CISSP, you need to view all the slides and get at least an 80 on all the test assessments. Even though you pass the GSEC exam, you still need to finish all the test assessments. I guess this is a good way to force students to learn the material and not just buy their CPE credits. But for someone who enjoys reading the material and listening to MP3's, this can be a conflict. The Self Study option doesn't offer any CPE credits and is about the same price as the OnDemand. I think taking the time to review the material and passing the GSEC exam should allow you to get at least some CPE credits.

This is just my opinion though. Overall, I had a positive experience with the OnDemand GSEC course and the material covered. I know I will use what I learned to good use in my organization. Good luck to anyone attempting this exam.

j_a_s_o_n

You can always put in self-study for CPEs. You may stand a higher chance of getting audited on them since they're not "officially" from SANS, but you can definitely still put in for them. I put in 40 CPEs worth of self study when I studied for my ISSAP last year