Passed GSEC today 4/30/12

reppgoa

Just passed GSEC...know your linux.

kriscamaro68

Congrats on the pass, that is awesome!

the_Grinch

Congrats!

JDMurray

Yes, congratulations!


I wouldn't mind nailing that one myself one day. Do you have any other thoughts on it?

reppgoa

Its a lot of material over a wide breadth of domains. It was more technical than I thought it was going to be. You actually have to know how to deconstruct a packet, how the various protocols work and DONT work, and know the various outputs of tools like nessus, wireshark,net stumbler, snort, and kismet. And I cant stress enough how important it is to index your study material. Just because its open book doesn't mean it isn't still challenging. 6 books worth of material. You will NOT have enough time to blindly look up every question. I had to look up about 1/4 of the questions and finished with 1.5 hours left. If I had had to look up 50%, without indexed material, I am not sure I would have made it.

lanrexng2

congrats man! What books did you use or did you take the extremely expensive classes? :-p

YuckTheFankees

Awesome job! What's next for you?

dude2f4

congrats. Im currently studying for the GSEC myself... im taking the ondemand bootcamp from sans.org along with the books and mp3s do you think that is a good way to go. I took the Security + last year along with A+ and Net + the army threw this course on me out of nowhere. They paid for it ofcourse and I must say it is an expensive course to take. Is this really a good cert to have. Im trying to find a job in the information security field but it seems like everyone wants someone with experience... thats what im lacking. lol...

reppgoa

@dude2f4, It is significantly harder than security+. Its not even in the same league. I passed security+ in 18 minutes with a 96%, where GSEC took me 3.5 hours and I got an 85%

Up next is finishing my degree in Computer Networking and Security, I have 3 semesters left. I MIGHT consider OSCP as I love how they have it setup. GPEN is an obvious choice, but I would like to have my C|EH (lol) and OSCP before I take GPEN. I took an ethical hacking class 2 semesters ago and loved it. It was with Rob Murphy who runs warl0ck Gam3z. My final was a hacking challenge game board against my peers in the class. We attacked VM's, cracked passwords, and answered obscure trivia. I LOVED it.

This next semester I have an advanced digital forensics course, so who knows where that will take me. I know that I could probably pass CISSP at this point, but not sure if I can scrounge up the experience requirement. I took a CISSP practice exam last semester and got a 97%. We shall see!

reppgoa

lanrexng2 wrote: »

congrats man! What books did you use or did you take the extremely expensive classes? :-p

My company paid for training and then I used common books to supplement. All of the answers can be found in the supplied study material though. I just used other books for things that I didnt want to index in the provided materials.

docrice

Congrats on the pass. Not an easy one considering the wide number of subjects covered. The GSEC is a good solid foundations cert that's definitely a step above Security+. I passed Sec+ a few weeks before I took 401 so I remember the difference pretty well. I don't remember the study material being 7 books long, although perhaps I just don't remember or they upped the content an additional book.

reppgoa

docrice wrote: »

Congrats on the pass. Not an easy one considering the wide number of subjects covered. The GSEC is a good solid foundations cert that's definitely a step above Security+. I passed Sec+ a few weeks before I took 401 so I remember the difference pretty well. I don't remember the study material being 7 books long, although perhaps I just don't remember or they upped the content an additional book.

Indeed, its 6. Was a typo =P Will edit.

YuckTheFankees

OSCP and GPEN are on my to-do list as well, let us know when you get to that point!.

reppgoa

After taking some time to think about it, and talking with some old Army friends, I think I can squeeze the necessary time requirements out of my time in the service for CISSP. I easily have the 5 years of physical security down, just need to see if I can finagle access control. I was in the infantry and thats all I did was physical security and access control lol. I also have 2 years of experience in network security from the latter portion of my time in the service. While CISSP interests me very little in reality, I think its the most marketable cert.

laughing_man

Awesome job! Sitting for my GSEC in a week or two. Kinda nervous. Did you take the practice tests? If so, how did they compare to the final?

reppgoa

I took one of them, and it wasn't even close from what I can remember.

laughing_man

Oh joy.

dude2f4

ahhh cool thanks... ohhh one more question.. the test is open book? my unit didnt tell me that... shoot so I should tab these books then huh?

onesaint

Congratulations on the pass!

What's the college you're getting the degree from? Those sound like some pretty fantastic classes.

reppgoa

dude, I wouldn't waste time tabbing them with anything other than numbers. I created an index in a word document that linked to the numbered tabs in each book.

onesaint, it was UMUC, but it was a fluke. So many people failed that hacking class that the department watered it down completely. Its sad that rather than pushing people to actually meet a standard, they just lowered the bar. I still talk with the teacher all the time, and its pretty bad. There is a pre-req of a linux+ class that people must take to be able to take this hacking class. People show up barely even being able to spell Linux.

TeKniques

Congratulations on the pass. I checked into some SANS stuff out of curiosity a couple weeks ago and took the pre-assessment on their site; indeed this covers quite a bit of material. It's almost intimidating how much stuff is covered as it seems to be pretty technical as well.

Best of luck on your next effort!

onesaint

reppgoa wrote: »

dude, I wouldn't waste time tabbing them with anything other than numbers. I created an index in a word document that linked to the numbered tabs in each book.

onesaint, it was UMUC, but it was a fluke. So many people failed that hacking class that the department watered it down completely. Its sad that rather than pushing people to actually meet a standard, they just lowered the bar. I still talk with the teacher all the time, and its pretty bad. There is a pre-req of a linux+ class that people must take to be able to take this hacking class. People show up barely even being able to spell Linux.

I'm in a LAMP / Openstack cloud class like that right now. There's a prerequisite of Linux+ as well. We started out with 25 people. I was the only one who knew any Linux besides the Teacher. It's a joke. The Teacher is brilliant, but the lack of general Linux knowledge in the class is a drag. We've ended up with about 7 students still in class and I don't think they get 80% of what he talks about. I just sit and pick his brain which has the effect of delving deeper into specific topics. I wish folks would at least try to meet the prereqs.

CEHwanabe

how do u take that exam? just from GIAC site no application like EcCouncil?

reppgoa wrote: »

Just passed GSEC...know your linux.

reppgoa

You can challenge the exam, but generally you have to take the training. I took a 5 day training course in Baltimore, it was awesome.