Gcih - sans 504
laughing_man
Member Posts: 84 ■■□□□□□□□□
in GIAC
Just signed up for SANS SEC504 with a GCIH attempt. Can't wait to get the books and study hard 
I will post with my progress and impressions for those who are interested.
I will post with my progress and impressions for those who are interested.
Comments
Here is hoping GCIH goes into a little more detail than GSEC, which was a bit too broad I think.
I am doing the OnDemand course, so doing a daya by day would be tedious. But certainly I plan on posting at times when I think I have something meaningful or helpful to post. Reading old posts by folks who have gone through an exam are always helpful, so I intend on leaving something for others.
So is your feeling that the GCIH is casting too wide a net in terms of material? I felt that the very nature and purpose of the GSEC was to be broad, hence the security essentials bit.
No. It's definitely not GSEC. 504 is what it is: Hacker Techniques, Exploits and Incident Handling. I was expecting it to be mostly Incident Handling and Network Forensics with some hacking knowledge. In reality it's more like 25% IH and 75% Hacker techniques that also happens to cover how to prevent each attack.
I got to say after slogging through the IH material, I am hitting my stride with the hands on. Truly a great course. I enjoy the work so much , I have to remember to keep making my index
http://adarsh.amazonwebservices.ninja
It's a fun course, good luck
Just finished my first practice test. Scored an 81%, which is lower than I hoped. The GCIH material is proving to more difficult than I had expected, but still enjoyable.
Anyway I have my printout with my results for each category on the test. I have 12 days to study hard on those weak areas and I have another practice test to use if I need it.
my 504 class begins tomorrow. i'm in virginia do you have any advice? i heard that creating an INDEX is helpful for the exam. do you feel you will pass this exam?
Best advice is read the books cover to cover, making your index as you go along. I have 4 columns in mine: term, book number, page number and description.
I also make notes for each section, basically re-writing the material in my own words. I use that basically as a tool to help get the information in my head, not really as a study tool.
I also listen to all the lectures, either in the car, on a walk or in the evening when I have time.
After that I have read the books through once more, making additional entries or additions to my index.
I feel confident I will pass. Honestly, I had about 10 questions on the practice test that were d'oh moments where I did not read the question and answers fully and I clearly knew the answer, but did not take my time.
Having already done a SANS cert, I know the process and how the tests work. When I did my GSEC I tested in the mid to high 80s on my practice exams and got a 93% on my final. Basically again due to the fact that I rushed a bit on the practice tests but took my time on the actual exam.
I think if you invest the time and effort to read and know the material, plus build a solid index, you will be fine. Its a lot of work yes, but then all good things are
Good luck to you!
okay my friend. when do you plan to take the GCIH? also do you mind if i post questions here for the next few days as i go thru the course? the exam is multiple choice and open book. yes?
wow thanks man. i appreciate this very much. i have book #1 and the class starts in an hour. day 1 seems like an introduction day. should i take the primary terms there and index them?
because this guy
http://digitalforensicstips.com/2012/11/sans-index-how-to-guide-with-pictures/
made he has things organzied according to "tools" "windows" "linux" and "miscellaneous" and it seems like -
and day 1 seems like a general terms and processes ideas. Should i index and alphabetize terms in a "miscellaneous" section? because day 1 doesn't have any thing on the technical side. just the Linux commands in the appendix.
I indexed as I went and then reoordered my index alphabetically. I also would recommend doing 1 index, not 3. I toyed with idea, but it was too unwieldly.
I liked the idea of of 3 separate index sections. In my eyes things flow smoother if your only focus is searching
alphabetically. If you subdivide and then blank out at a term, you will have to spend extra tome looking up through the sections.
thanks for this information. i really appreciate it very much. i still feel it's important to build up my index after each session. thanks for information. i will post my progress here and ask generic questions as i progress thru the course for the next 6 days.
i'm in a rush to be honest. and i'm gonna take the practice exam a week after the class is over and then if i do well on practice exam. i will attempt the real thing.
okay every one. i just finished the bootcamp. i will post my entire index within the next 4 days. i have been working on it. thanks for all the help.
any suggestions for making it better will be helpful. thanks everyone.
Also, make sure to tack on a few "extra" pages to the back of your index for **** sheets like common ports.
Anyway, glad to be done.
Study suggestions for future test takers:
Make a solid index (mine was a bit overkill at 40 pages). Basically if it was a proper noun, I made an entry. Creating the index is the single most helpful thing you can do while studying.
READ ALL THE BOOKS
When you have done that, read them again!
Give yourself plenty of time. I used all 4 months for study time and put probably over 100 hours into studying.
I think if you read the books through, make an in depth index and go over the ins and outs of the attack methodologies, you will do fine.
Thats all for now. I will be prepping for the CISSP next and then who knows