GCIH Practice Exam - Easy A

ChooseLife

This weekend I took a practice exam for GCIH. The exam contained 150 questions, and took me ~100 minutes to complete. I scored 90% without googling or using external sources. Could've done even better, but I was sleepy and did not care enough.

I have not actually taken the course - part of the reason for taking this practice test was to see how challenging it would be. The practice exam looks really good, it covers a variety of topics from Incident Handling process to technical minutia on tools to identification of various types of attacks. Overall it lives up to the title of a certification on incident handling pretty well.

Now I am somewhat torn. On the one hand, GCIH is one of the most popular GIAC certs for a blue-teamer. On the other hand, seems like I have most of the knowledge already, so not sure if it's worth the money...

CISSP is my shorter-term goal, but I'm shopping for the next SANS class... GPEN, maybe? I'm not a pentester, but I need a technically challenging training...

Psyco32

Try course FOR610: Reverse Engineering Malware

YFZblu

I just sat through Alissa Torres' sales pitch on the Offensive Digital Forensics class SANS is planning to release..It looks incredible if you happen to have a solid understanding of Forensics techniques and methodologies.

xBlank

@ChooseLife do you have spare practice exam? 

TechGromit

ChooseLife said:

Now I am somewhat torn. On the one hand, GCIH is one of the most popular GIAC certs for a blue-teamer. On the other hand, seems like I have most of the knowledge already, so not sure if it's worth the money...

I think your missing the point of certifications. They are to measurement of proof to others you have the level of knowledge you claim you do. If a job came up and we both applied, chances are I would get the interview and your resume would end up in the garbage, assuming you don't hold any other certifications. You could very well be the smartest, most qualified guy for the job, but can you prove that on paper or job application, having never talked to the HR person that forwards or trashes your application.  

bigdogz

@TechGromit is correct. You have to get by human resources and management, otherwise your resume isn't even going to made for paper airplanes.

In addition, the GIAC is an open book exam. There may be a question or two that you are lost and you have to go to your index that was made for this exam. No index, no books, then you are just guessing.
If someone handed you the material, then both of you are in violation of the EULA. One or both of you could be banned from SANS and stripped from your certification.
Go to the class. Study for the exam, and get the certification. You will feel better and you just may learn something.

TechGromit

bigdogz said:

Go to the class. Study for the exam, and get the certification. You will feel better and you just may learn something.

If he got a 90% on the practice exam without building an index, I say there nothing he can learn from the class, at least not enough to justify spending $6,000+. He should challenge the exam for $1,800, pass the exam and get his shiny plaque that in theory will help him get a better paying job to be worth the investment.

bigdogz

That is a gamble I would not take.