Thoughts on the GIAC 2700

colemic Member Posts: 1,569
Passed the GIAC 2700 exam on Saturday with an 81.33 score, and used a little over one hour. This test was much closer to the CISSP and CISA than any others in the WGU MSISA program, for sure.

After much thought, I handled the open-book material I took into the exam a little differently from Agent47 here: http://www.techexams.net/forums/sans-institute-giac-certifications/88987-passed-giac-g2700-exam-today.html Although I am grateful to him for giving me ideas on what to research and be familiar with.

Maybe because my brain processes information differently, I had a hard time making 'notes' in the same manner, so I wound up taking two binders into the exam - one with the verbiage of 27001, 27002, and 27005, and another with more detailed, topic-specific information such as Wikipedia articles, a few TechNet pages, etc. (I don't know if listing everything I took in my binders is appropriate or not; if a mod permits, I will make a list.)

On the practice exams, I used my binders for maybe a total of 10 questions out of the 150, and scored 74 and 93. On the actual exam, maybe paranoia played a factor, but there were quite a few that required me to look up specific things in the standards, and I probably would not have passed without those, for sure. Probably 40-50% I had to confirm. Put all your docs in plastic sleeves (it takes forever but is worth it!). I grouped my printed topics into sections (like legal, project management, risk management, etc.), which was invaluable in locating information quickly.

I honestly didn't study a whole lot; I DID read 27001 and most of 27002 (it gets old after a while), and 27001 was actually far more useful for me. I didn't really use any outside resources other than the controls and what I had in my binders, but I also have CISSP and CISA certs, and a fair amount of experience, especially in C&A (some of my previous jobs included bank auditor, and then DIACAP consultant for the USAF). I also got some ideas for what to have in the binder from the thread "Passing the G2700 ISO 27001/27002 certification: What Materials you will need for the Exam", and I had far more than what I needed, but I wanted to be well-prepared.

As far as certification tests go, this is one of the more challenging. It would be a helluva lot harder if they made it longer; it is quite taxing mentally, much like the CISSP or CISA.
Working on: staying alive and staying employed

Comments

  • cyberguypr Mod Posts: 6,928
    Congrats on the pass!
  • Agent47 Member Posts: 103
    Congratulations on passing the exam! Told you!
    colemic wrote: »
    Although I am grateful to him for giving me ideas on what to research and be familar with.

    And ahem, *clears throat* make that grateful to "her" lol!

    Glad I could help! So whats your next move?
  • colemic Member Posts: 1,569
    Haha, sorry about that... :)

    Plans are to start and finish my capstone, and then take a looong breather.
  • Hypntick Member Posts: 1,451
    Congrats on the pass! I am starting in on my G2700 studies next Tuesday. Currently on vacation, and then I have my capstone oral defense Monday; it will be nice to be done with that. Any other hints or tips that you can suggest on this test? How long did you study for, if you don't mind my asking? Just trying to go into this as prepared as possible.
    WGU BS:IT Completed June 30th 2012.
    WGU MS:ISA Completed October 30th 2013.
  • colemic Member Posts: 1,569
    I didn't study very long (like a week or two); but I also have CISSP, and CISA certs, and the questions were very similar. Be familiar with PM terms and concepts, that is what I was weakest on.
  • colemic Member Posts: 1,569
    This is just a listing of what I took in, and I happened to pass.... Much of this was NOT on the exam, but I know it is fair game according to the domains, and it doesn't hurt to be familiar with anyway.

    Here's a list of what I had in my binder... it may/may not be on your version of the exam, but this is what I took in with me, and I passed. First binder: all the standards. Use tabs to mark the different standards documents. The only other thing I tabbed was the control objectives in 001. If not marked wiki(pedia), google it and you can probably find the exact same docs I printed out.
    Legal:
    Sarbox
    HIPAA
    Privacy Act 1974 (all above are Wikipedia articles)
    OECD Security Guidelines
    GLBA/FFIEC - Dell Secureworks doc

    Risk Management:
    Risk management (wiki)
    BITS Kalculator
    Risk Treatment Plan
    Four Key Benefits of ISO 27001 Implementation
    Difference Between DRP and BCP
    BCP vs. DRP
    Is there a Theoretical Difference between DRP and BCP?
    12 Principles of Risk Management - with an Agile Slant

    Project management:
    Project management triangle - wiki
    Time-based Analysis (Cracked, Insecure and Generally Broken blog)
    Cause-Consequence Analysis
    Business Process Mapping - wiki
    Failure Mode, effects, and criticality analysis - wiki
    SMART criteria - wiki
    CRAMM - wiki
    A Qualitative Risk Analysis and Management Tool - CRAMM by Yeki Yazar
    Fault Tree Analysis - wiki
    Parkerian Hexad - wiki
    Single Loss Expectancy - wiki
    Annual Loss Expectancy - wiki
    12 steps to Information Security Nirvana (SANS doc)
    Guideline for roles and responsibilities in information asset management
    IANAL - wiki (I Am Not a Lawyer - no idea why this is in one of the domains on the SANS site)

    Choose an Encryption Algorithm (TechNet)
    IPSEC (wiki)
    Overview of IPSEC - Aaron Balchunas
    Dynamic Routing Protocols - technet
    Dynamic routing - comptechdoc.org
    Security Controls - wiki
    QC Boss: Testing, Independent Software Testing, Manual Testing, Website Testing, Functionality Testing, Usability Testing, QC, QA, UAT - Preventive, Defective (they misspelled detective), & Corrective Controls
    Discretionary Access Control - wiki
    mandatory access control - wiki
    translating security principles to management: economy of mechanism (sans blog)
    translating security principles to management: separation of duties

    Cut and paste the questions from both practice tests, along with the correct answers, even for the ones you get right.
  • Hypntick Member Posts: 1,451
    colemic wrote: »
    I didn't study very long (like a week or two); but I also have CISSP, and CISA certs, and the questions were very similar. Be familiar with PM terms and concepts, that is what I was weakest on.

    I have a general understanding of the PM stuff overall, so I should be fine with a brush-up. I picked up the IT governance book that was suggested in the COS and was going to read through that. As I don't have my CISSP or anything along those lines, I know I need to study a bit more. I'm going to shoot for 4 weeks; that way I have enough time for a retake if needed. Thanks so much for the advice, and good luck on the capstone; it's fairly taxing.