GPEN review

grauwulfgrauwulf Member Posts: 94 ■■□□□□□□□□
Greetings forum,

I just sat the GPEN exam and thought I would share a few notes about the general test taking experience as well as my thoughts on the exam itself. This was my first GIAC examination and it was very different to my other experiences with CompTIA, Sun, (ISC)2, EC-Council, etc. The most notable thing is that this is an open book/ open note exam, and it should be. The problem is that most Pearson/VUE testing centers are not set up for this. You really should visit your testing center ahead of time to work out the logistics of managing your materials. This will save you a lot of time if you need to look something up. Out of the 150 questions on the test I left that there were maybe 20 or 30 that anyone would have to look up. The rest of the material was very practical and I would expect that any pen tester, that studied reasonably, well would know at least 2/3 of the material off the top of their head.

The exam environment is very similar to the giac example tests and that kind of threw me for a loop. Most testing engines don't show you your score as you're working on the exam. For I would rather have it there but it is very distracting. In my case it was a real boon. There were network connectivity issues and I was punted out of the test FOUR times, once for 40 minutes. The other times were about 5-10 minuets each. Guess what, the clock keeps ticking! All in all I lost just over an hour of my testing time to network outages and I was about to use the score tracker to quickly calculate that I would still be able to pass even if I missed the majority of the last 15. So I just blew through those quickly to finish in time. This is not a strategy I would normally recommend but I was really hosed and knowing that I would still pass really took some of the weight off.

The test itself is quite doable but you really need to know the material. Make a good index and I would also recommend having the help or man pages for all of the key tools like nmap, nc, scappy, tcpdump, etc. on hand. They are not terribly useful but I had a few questions where I was very happy that I could make a quick check to be sure that a given command was properly formatted.

One of the things I really dislike about the test taking format is that you can only flag a few questions for review, 5 I think. For the most part; once you answer a question that's it. There is no way to go back and change an answer. This makes it extremely important that you pay attention as you're reading the questions. I had 1 question were I answered it and moved on only to get 3-4 more questions in and have a "Doh!" moment.

Read carefully but DON'T DODDLE! 4 hours seems like a long time (or 2.8 hours in my case *grumble*) but that only leaves you 1.6 minutes per question. There is simply no way, that I can think of, that you could look up every question. I really think you would be pushing it to have to look up even a third. Even though it is multiple choice there were a lot of 'read this output' or 'review this config' types of questions. These really force the test taker to know the technologies/techniques as well as just the material. Those types of things, you just can not look up.

At any rate I think this is a pretty good exam and a great evaluation. Over all I think I would put it on par with CEH in terms of the actual test, but above it because GIAC keeps the exams very fresh.

I'm glad it is over but it wasn't the most traumatic event of my life either.

Study Hard my friends.


Sign In or Register to comment.