Passed GCIA

E Double UE Double U Member Posts: 2,228 ■■■■■■■■■■
What a tough exam. Either I am starting to feel some burnout from the continuous studying or GCIA is just a beast. Scored 72% with less than two minutes remaining on the clock and didn't take a break.. I am not good with time management on these open book exams. I want to make sure I look up every answer even when I am sure I know it.

My approach to this was different than GCIH. I took SEC504 live and started my index after going through all of the material. For SEC503 I did on-demand and built my index as I followed the course. There is a quiz at the end of each section so I made sure to have my index completed for that book before taking the quiz. I didn't have enough time to complete the first practice exam so I just rushed through it and took snapshots of the questions I didn't understand for review later. After that I went through all of the material again then took the second practice exam (scored 74% and used all four hours). My index went through several revisions. I had to go over some of the material multiple times including this morning before the test. Building the tcpdump filters, understanding everything in the headers, and the more fragments section took a while to catch on.

Feeling pretty good about the results considering the bulk of my studying was done later in the evening after the kids were in bed and during my train rides to/from work (50 minutes each way).

CISM is my other certification goal this year plus I really need to work on my Dutch. No rest for the weary icon_cheers.gif
Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS

Comments

  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    Congrats on the pass!! GCIA is definitely a beast. I passed with a 72 or 73 myself. My study for the GCIA was similar to yours.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    Nice work, congrats!
  • Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
    Well done. Congrats!
  • E Double UE Double U Member Posts: 2,228 ■■■■■■■■■■
    After taking GIAC exams with and and without the progress meter, I would prefer to have it. It would put my mind at ease towards the end of the exam if I see that I am in the passing range before I hit that submit button.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • rscrtrscrt Member Posts: 62 ■■□□□□□□□□
    Congrats! It is a cert with very useful knowledge.
  • E Double UE Double U Member Posts: 2,228 ■■■■■■■■■■
    rscrt wrote: »
    Congrats! It is a cert with very useful knowledge.

    Definitely! Came in handy when I had some work to do in our NIDS.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • FillAwfulFillAwful Member Posts: 119 ■■■□□□□□□□
    Congrats on your pass! GCIA is a beast of a test but now you can read The Matrix...blonde...red-head...brunette...
  • E Double UE Double U Member Posts: 2,228 ■■■■■■■■■■
    FillAwful wrote: »
    now you can read The Matrix...blonde...red-head...brunette...

    SANS should add that to the syllabus :)
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • IaHawkIaHawk Member Posts: 188 ■■■□□□□□□□
  • mjs1104mjs1104 Member Posts: 30 ■■■□□□□□□□
    Congrats! I just recently passed the GCIA with nearly an identical score. I have taken and passed the GSEC, GCFA, and GCIH, and found that the GCIA was the most difficult GIAC test I have taken by far. I also, like you, used almost all of my available time. I procrastinated studying for the exam. I took the course ONDEMAND and of course saved it to the last possible minute.

    When I hit the final submit button I was a bit nervous but relieved that I passed. My advice to anyone studying for this would be to take this exam seriously and start studying early. Ideally, have your first practice test done with plenty of time to shore up any weak areas. I also feel like a thorough index saved my bacon on this one. I don't have a lot of hands on experience with tools like Snort and Bro and really didn't spend nearly enough time getting comfortable with them.

    I'm on to the GREM now, and learned my lesson with the GCIA. I already started indexing the first book and just finished reading Pracitical Malware Analysis. I'd much rather pass with a comfortable percentage then to squeak by and give myself a panic attack.
    GSEC, GCIA, GCIH, GCCC, GCPM, GMON, GCTI, GCFA, GREM, GPEN, A+, Net+, Security+, Server+, C|EH, EnCE, ACE, CFCE, etc.
  • E Double UE Double U Member Posts: 2,228 ■■■■■■■■■■
    @ mjs1104 - Congratulations to you as well! I began studying in mid-January and kept studying up until the moment I entered the testing center lol. My index was much larger for this than GCIH. Going into the course I only had hands on with Snort (via Cisco Sourcefire) and Wireshark.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • UnixGuyUnixGuy Mod Posts: 4,564 Mod
    congrats!!!! GCIA is awesome, and i've been slacking to no end on this one! no more!!

    I wish there was a practical way to practice the stuff in the GICA material in the real world! I deal with IPS everyday, but without access to Snort...just through a GUI

    I'm going to take this exam some time this year :)
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Check out my YouTube channel: https://youtu.be/DRJic8vCodE 


  • gespensterngespenstern Member Posts: 1,243 ■■■■■■■■□□
    Just wondering where they are at on network security monitoring. Do they say that it is becoming less and less relevant as advanced malware more and more often encrypts its traffic and more often mimics legit protocols to get lost in noise, such as twitter traffic, etc?
  • E Double UE Double U Member Posts: 2,228 ■■■■■■■■■■
    @ UnixGuy - You don't need to be a Snort expert to pass the exam. You sure better know how to read a packet though. Stop slacking!!!

    @ gespenstern - The material doesn't say "less relevant", but does get into encryption and noise as issues. I'm actually interested in SEC511/GMON because I think it would take a deeper dive on the topic, but I could be wrong.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • billyr2009billyr2009 Member Posts: 120
    Congrats on your pass. I too will be taking this course on demand in the next few weeks. A little nervous but I plan to spend my summer with this class and hope to make it on the first try. :)
  • FillAwfulFillAwful Member Posts: 119 ■■■□□□□□□□
    E Double U wrote: »
    @ UnixGuy - You don't need to be a Snort expert to pass the exam. You sure better know how to read a packet though. Stop slacking!!!

    @ gespenstern - The material doesn't say "less relevant", but does get into encryption and noise as issues. I'm actually interested in SEC511/GMON because I think it would take a deeper dive on the topic, but I could be wrong.

    I'm looking at the GNFA as a more relevant approach to network forensics and monitoring especially when it comes to threat hunting and dealing with large amounts of data.
  • keane234keane234 Member Posts: 11 ■□□□□□□□□□
  • lostsollostsol Member Posts: 18 ■□□□□□□□□□
    FOR572 was a great class. Phil Hagen was a great instructor too. It definitely teaches you how to pare down the amount of data, and hone in on relevant clues and artifacts.
  • E Double UE Double U Member Posts: 2,228 ■■■■■■■■■■
    billyr2009 wrote: »
    A little nervous but I plan to spend my summer with this class and hope to make it on the first try. :)

    I was very nervous while going through the course. It just felt like I wasn't getting it. Might be fatigue, but this was tough.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
Sign In or Register to comment.