New here and Just Passed my GCIH
Hi All,
To start of, I would like to introduce myself that I am from Singapore, I only have 2 years work experience and have gotten my CEH 22 Nov last year and just passed my GCIH 16 Jan (on this monday), both by self study means. I have planned to go into GIAC certifications instead of a degree after reviewing my local degree courses and found them disappointed in the info sec sector.
Anyway, just sharing my GCIH experience for those who are interested. The actual test and the practice test questions are entirely different. But still for the test it is good to refer to those books (with indexing) actively, answering the question hastily is definitely not recommended. I won't recommend question **** at all as it won't help much.
Back to topic, I actually took 22 Days to complete my GCIH self study (started Dec) and I am currently studying my GCUX now (about 50% completion, started studying before GCIH exam) and planned for it for February or March.I spend most of my travelling time (including walking) and free time studying. I would like to have some opinions on the following.
G2700 - Is this certification really important and does it cover any CISSP topics? I notice some companies are looking for people with knowledge of 2700x series compliance. Is it a must for everyone in the industry to know this?
GSEC - I know this is an important certification, but it cover a wide range of topic, I wonder if it have any applicability in real life work environment?
GCFW - Has anyone taken this? Is this test hard to pass?
To start of, I would like to introduce myself that I am from Singapore, I only have 2 years work experience and have gotten my CEH 22 Nov last year and just passed my GCIH 16 Jan (on this monday), both by self study means. I have planned to go into GIAC certifications instead of a degree after reviewing my local degree courses and found them disappointed in the info sec sector.
Anyway, just sharing my GCIH experience for those who are interested. The actual test and the practice test questions are entirely different. But still for the test it is good to refer to those books (with indexing) actively, answering the question hastily is definitely not recommended. I won't recommend question **** at all as it won't help much.
Back to topic, I actually took 22 Days to complete my GCIH self study (started Dec) and I am currently studying my GCUX now (about 50% completion, started studying before GCIH exam) and planned for it for February or March.I spend most of my travelling time (including walking) and free time studying. I would like to have some opinions on the following.
G2700 - Is this certification really important and does it cover any CISSP topics? I notice some companies are looking for people with knowledge of 2700x series compliance. Is it a must for everyone in the industry to know this?
GSEC - I know this is an important certification, but it cover a wide range of topic, I wonder if it have any applicability in real life work environment?
GCFW - Has anyone taken this? Is this test hard to pass?
Comments
-
kiran_09
Member Posts: 5 ■□□□□□□□□□
Hi,
Congrats for passing GCIH. Can i know what books/resources did you refer for GCIH exam.
Regards,
Kiran -
LionelTeo Member Posts: 526 ■■■■■■■□□□
To add on to this List I will recommend
http://www.techexams.net/forums/sans-institute-giac-certifications/68043-post-your-sans-giac-study-material-recommendations-here.html
Netcat **** sheet
http://www.sans.org/security-resources/sec560/netcat_****_sheet_v1.pdf
Windows and Linux **** Sheet for SYSAdmin
http://www.sans.org/security-resources/sec560/windows_command_line_sheet_v1.pdf
There is a linux one but I can't seems to find it at the moment
**** Sheet for Incident Handler
ISC Diary | 2 **** Sheets for Incident Handling
NMap Reference
Chapter 15. Nmap Reference Guide
Metaplsoit Unleashed Chapter 8 to 12
Metasploit Unleashed - Client Side Exploits
Other Topics
Loki and Convert Channels
Netstumbler vs Wellenreiter
AirCrack
War Dialer vs Demon Dialer
Different Type of Rookit and LRK -
docrice
Member Posts: 1,706 ■■■■■■■■■■
I think the GSEC has real-world applicability from a generalist's perspective. It does not drill deep into any specific area, but it certainly provides a strong foundation to dive into the next step (whatever path that may be) for any aspiring infosec professional. I think the material is good for people who do general IT work and not necessarily focused on security on a daily basis. At the very least, it would raise a lot of awareness of key topics which affect their environment's security stance.
The GCFW / SANS 502 is a good course. It's not as hard as perhaps 503 in my opinion. I'm a little biased because I already some firewall and VPN experience when I took 502 so a good portion of material wasn't new to me.
As for the G2700, I'd guess that unless you're directly going to be involved in compliance work, it's not going to be immediately beneficial. I personally have no plans to ever take that SANS MGT411 or pursue that particular GIAC cert.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/ -
Dakinggamer87
Member Posts: 4,016 ■■■■■■■■□□
Congrats and welcome to TechExams!!
*Associate's of Applied Sciences degree in Information Technology-Network Systems Administration
*Bachelor's of Science: Information Technology - Security, Master's of Science: Information Technology - Management
Matthew 6:33 - "Seek the Kingdom of God above all else, and live righteously, and he will give you everything you need."
Certs/Business Licenses In Progress: AWS Solutions Architect, Series 6, Series 63 -
Hey thanks for the advice and warmth coming. I am now doing lots of Unix Hardening practical (hopefully going UX next) and intended to go GPEN path after UX
Just a few more IH materials (not everything though)
dsniff
SSLStrip
Moxie Marlinspike >> software >> sslstrip
Also, some white paper does helps
SANS InfoSec Reading Room - Steganography -
pizzahut
Member Posts: 11 ■□□□□□□□□□
I am planning to take GCIH exam this year.
Any update on the recommended study materials? -
pizzahut
Member Posts: 11 ■□□□□□□□□□
Yes. I am planning for self study and are having SANS year 2010 student manual but are worried that might be out-dated.
Any kind soul can share with me their latest study material? -
docrice
Member Posts: 1,706 ■■■■■■■■■■
You might not be aware of this, but official SANS courseware is non-transferrable and is only for the original student who took the class. Specifically, the SANS Courseware License Agreement states:User may not copy, reproduce, distribute, display, modify or create derivative works based upon all or any portion of the courseware in any medium whether printed, electronic or otherwise, without the express written consent of the SANS Institute. Without limiting the foregoing, user may not reproduce, distribute, re-publish, display, modify, or create derivative works based upon all or any portion of the courseware for purposes of teaching any computer or electronic security courses to any third party without the express written consent of the SANS Institute.
SANS courses also tend to get updated frequently and four-year old class material probably won't reflect the current exam questions very well.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/ -
pizzahut
Member Posts: 11 ■□□□□□□□□□
Does registering for the exam entitle access to the courseware?
-
docrice
Member Posts: 1,706 ■■■■■■■■■■
No. Registering for the exam gets you access to two practice tests (which resembles the real exam relatively closely in my experience) as well as the actual live exam. To get access to the courseware, you have to sign up for the respective SANS course, in this case SEC504.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
