Are SANS training mandatory to take GIAC exams?

oudmaster · December 2022

Hi,

Are the SANS training SEC401, SEC503, and SEC504 mandatory to apply for GIAC exams; GSEC, GCIA, GCIH?

Or they are optional and recommended?

Thanks,

E Double U · December 2022

To my knowledge, SANS training is NOT mandatory for GIAC exam attempts.

JDMurray · December 2022

GIAC exams do not have SANS training as a prerequisite. Just select a GIAC certification, visit the certification's webpage for more information, and sign up to take the GIAC exam at Pearson VUE.

quogue66 · December 2022

The training isn't mandatory but the exams are based on the course material. You can get an idea of what the exam covers by looking at the syllabus but you won't know the exact details. It might mention that Metasploit is used in the class. Without taking the course you won't know which attacks are covered and what info you need to know. Most people usually agree that it's not worth trying to take a GIAC exam without taking the SANS course. The exams used to be close to $2000 without the course but when I looked recently I think it was closer to $1000.

SteveLavoie · December 2022

It is not mandatory but except for a few more common certs like GCIH or GSEC there is no third-party training material so better be fully prepared.

I have seen GIAC exam without the class at 2K$, that's prohibitive.. but at 949$ it is still expensive but it make me consider doing the GCIH in self study.

RichardOrtiz · January 2023

Thanks all for the suggestion. You made my day.

aldoilici1 · February 2023

training is optional, but highly recommended. If I'd be forced to challenge them, I might be ok with GCIA, maybe GSEC, definitely not for GCIH

SteveLavoie · February 2023

aldoilici1 said:

training is optional, but highly recommended. If I'd be forced to challenge them, I might be ok with GCIA, maybe GSEC, definitely not for GCIH

GCIH is defintely one that someone could challenge without taking the class. There is one third-party book available. The syllabus is published, and incident response is a rather well-documented subject. I plan to challenge this one this year without taking the class (I did the GPEN last year and there is a lot of overlap)

GSEC is basic infosec knowledge

GCIA is considered one of the hardest GIAC exam, there is no third-party books/video and it is on a more narrow subject.

E Double U · February 2023

SteveLavoie said:

aldoilici1 said:

training is optional, but highly recommended. If I'd be forced to challenge them, I might be ok with GCIA, maybe GSEC, definitely not for GCIH

GCIH is defintely one that someone could challenge without taking the class. There is one third-party book available. The syllabus is published, and incident response is a rather well-documented subject. I plan to challenge this one this year without taking the class (I did the GPEN last year and there is a lot of overlap)

GSEC is basic infosec knowledge

GCIA is considered one of the hardest GIAC exam, there is no third-party books/video and it is on a more narrow subject.

Definitely a lot of overlap between GCIH and GPEN. Took SEC504 in 2015 and SEC560 in 2018 and despite the years in between I was able to use much of my 504 syllabus for 560. It mostly covered the same concepts/tools just from different perspectives - 504/GCIH for blue team and 560/GPEN for red team.

SEC503/GCIA was brutal. Though I (barely) passed on the 1st attempt, I still consider it to be one of, if not the most difficult exams I have ever taken.

Are SANS training mandatory to take GIAC exams?

Comments