GSEC - Windows and Linux security

YFZbluYFZblu Posts: 1,462Member ■■■■■■■■□□
Hey all,

I was recently accepted to join the SANS Work Study program for the GSEC training, which I'm super happy about. The Work Study program also provides me with a free GSEC exam attempt. My question is regarding the amount of pre-requisite knowledge you believe is needed to do well on the Windows and Linux portions of the exam.

I just completed the CCNA and I'm about 75% through my CCNA: Security studies. Between that knowledge and the Security+ I feel that I have a solid foundation in place regarding many of the core concepts of the GSEC; however I have close to no working knowledge of the intricacies of Windows or Linux, which concerns me. My employer will be paying my Work Study fee within the next week or so and at that time I will receive OnDemand access to my SANS resources. Additionally the conference isn't until the very end of October. It is also my understanding that my free exam challenge is good for four months after the conference. The way I see it, I have six months to prepare.

Would something like LPIC-1 be enough core knowledge to 'get it' once the security side of things is revealed to me in Linux? What options do you think I have for the Windows side? As someone with no practical security experience and no Windows / Linux knowledge, it would be easy to say I have bitten of more than I can chew regarding the GSEC; however I would prefer to accept the challenge head-on.

Thank you in advance for any advice you can provide me with!


  • ChooseLifeChooseLife Posts: 941Member ■■■■■■■□□□
    Hey, YFZblu, hope you don't mind me stalking your threads lately... :)

    I had a chance to peek through OnDemand material for the course, so here's my take on it - at least on Linux, did not look at Windows chapter yet...

    SEC401 covers basics of Linux security. It does seem to cover a fair share of common tools and areas, and working knowledge of Linux would help to make most out of the learning experience. I'm not too familiar with Linux certs, but if you have no experience with the OS, try to get at least basic familiarity with it before the class - the more the better of course. I can imagine diving straight into xinetd configs and pre/post-routing iptables chains without previous Linux experience can be overwhelming...
    “You don’t become great by trying to be great. You become great by wanting to do something, and then doing it so hard that you become great in the process.” (c) xkcd #896

    - discounted vouchers for certs
  • YFZbluYFZblu Posts: 1,462Member ■■■■■■■■□□
    Not at all! Thanks for the insight. I believe my Manager just paid my fee a few hours ago. I haven't received the email yet, so I'm thinking my OnDemand stuff will come early-mid next week.
  • JDMurrayJDMurray Certification Invigilator Surf City, USAPosts: 11,378Admin Admin
    I'm taking the GSEC exam tomorrow. After studying the SANS SEC 401 materiel for the past three months, I can definitely say that prior Windows and Linux experience will be a BIG help on the exam. Not just for the security aspects of the OSes, but also the developmental history, file systems, security features (native and 3rd-party), networking services, and the networking protocols typically associated with each OS.

    Aside from the actual SEC 401 materials, the best source of non-SANS-related information is probably the Network Security Bible by Dr. Eric Cole, et al. He is the author of the SEC 401 course and the principle author of the GIAC GSEC exam. It's a book both worth having a look at and bringing into the GSEC exam itself.
  • ipchainipchain Posts: 297Member
    JDMurray wrote: »
    I'm taking the GSEC exam tomorrow.

    How did it go? Did you pass? If so, how did you find the exam?
    Every day hurts, the last one kills.
  • docricedocrice Posts: 1,706Member ■■■■■■■■■■
    Based on his updated certs list, I'm guessing he passed. I'm interested to hear his opinion on the SANS / GIAC experience.
    Hopefully-useful stuff I've written:
  • JDMurrayJDMurray Certification Invigilator Surf City, USAPosts: 11,378Admin Admin
    I passed with a 93.89% in 04:04:34. I'm writing a set of three blog articles now and trying to get them posted today.
  • ipchainipchain Posts: 297Member
    docrice wrote: »
    Based on his updated certs list, I'm guessing he passed. I'm interested to hear his opinion on the SANS / GIAC experience.

    Good catch, I must have missed it last night.
    Every day hurts, the last one kills.
  • ipchainipchain Posts: 297Member
    Congratulations! Excellent, looking forward to the articles.
    Every day hurts, the last one kills.
Sign In or Register to comment.