GCFA Study Resources

grahowlergrahowler Registered Users Posts: 4 ■□□□□□□□□□
Hi

I've registered to do a GCFA exam and I've got just under three months to complete the exam. I'm experienced enough to know roughly 40-50% of the content but obviously that's not good enough to go in to the exam with.

I can't do a SANS course so I started looking around for material online. It wasn't long before I discovered just how many "Pass Guarantee or Money Back!" offerings out there. I'm sceptical about this kind of stuff but, probably stupidly, I bought the *********.com testing engine, without realising that it didn't include PDFs. The testing engine is good practice, but I no know there are a heap of "pass guarantee" offers out there with PDF downloads.

I see that the GIAC exams are open book, you can take in written material. Does this mean that you can just print out these PDFs and you've basically got all the material?

Regardless, what do you think is the best study material is?

Thanks.

Comments

  • TechGromitTechGromit Member Posts: 2,156 ■■■■■■■■■□
    Yes, you can bring in any printed material with you, whether it be Official SANS books, other books, printed or handwritten notes, etc. Writing materials or computers are NOT allowed. My recommendation for taking the exam if you do not have the official books, is to try and get other books on the topic, and build an index of topics covered on the exam, so if you get a question like what is the FBI, and don't know what it is, you can look at your index and see that book 2, pages 104 has the exact definition of what the FBI is. Of course Computer Forensics InfoSec Pro Guide and Guide to Computer Forensics and Investigations are not going to be labeled book 1 and 2, but you can label them as such to make identifying them easier during the exam. Do not depend on the table of contents or the index in the books, your not going to have enough time to search for the answers, an index will tell you exactly what book and what page (or tab # like I use) to look up if you don't know the answer.

    As for "Pass Guarantee or Money Back!" sites, usually they give you questions from the exams to study, so your "Guaranteed" to pass the exam. This is considered cheating. Generally organizations giving the exams have have wised up to this practice and it really doesn't work anymore, but good luck getting them to pay up if you don't pass. As for passing the exam using one of these sites, SANS updates there exams at least once if not several times a year, so chances are the questions you studied for will be outdated and not be on the exam. Cisco exams I believe randomly pulls the questions from a pool of 5,000 possible questions, it's probably easier to just study for the test, then memorized 5,000 possible questions.

    Note: I'm not recommending the Computer Forensics InfoSec Pro Guide and/or Guide to Computer Forensics and Investigations they were just used to make my point, I'm not qualified to make any resource recommendations for the GCFA exam.
    Still searching for the corner in a round room.
  • grahowlergrahowler Registered Users Posts: 4 ■□□□□□□□□□
    I notice these books are a little older now, published 2013/2014. Do you still think they're relevant to the exam material now?
  • grahowlergrahowler Registered Users Posts: 4 ■□□□□□□□□□
    Sorry... one other thing, where you get
    TechGromit wrote: »
    the official books
  • TechGromitTechGromit Member Posts: 2,156 ■■■■■■■■■□
    As I said I never took the GCFA, so I don't know if these are a good resource or not. The problem with asking people that taken SANS training for resource recommendations is SANS material is updated often, far more often than any text book you can get off of AMAZON. So we tend to no go back and read outdated text books that you can get from Amazon, because it's like taking a step back. Sometimes other sources do offer additional information not in SANS materials, for example there are several additional books available for Malware analysis, they may offer additional information on specific types of malware that SANS training covers too broadly, but generally most SANS alumni doesn’t buy outdated materials for additional study, research papers and online materials offer a far better source of developments in our areas of expertise.
    Still searching for the corner in a round room.
  • TechGromitTechGromit Member Posts: 2,156 ■■■■■■■■■□
    grahowler wrote: »
    Sorry... one other thing, where you get

    The Official books? They are only available from SANS when you take one of there low priced affordable discounted course's for $6,000.
    Still searching for the corner in a round room.
  • Janne4Janne4 Member Posts: 29 ■□□□□□□□□□
    My advice would be to go to the SANS web page and look at the course content for this course and then gather information (Google) on these specific areas and tools.

    I would also look at the SANS Forensic Blog and look on their Youtube channel for webcasts about FOR508.

    Finally I would register at the SANS webpage and do the SANS FOR 508 course demo.

    After this you should have a pretty good idead what to study before the exam.
  • grahowlergrahowler Registered Users Posts: 4 ■□□□□□□□□□
    Thanks so much, very helpful.
Sign In or Register to comment.