GCIH Passed - This is my terrible (or maybe not so terrible?) approach

cynicbeardcynicbeard Member Posts: 15 ■□□□□□□□□□
Passed the GCIH exam yesterday! Figured I would post to give a little insight and sound off my thoughts.

After souring web and reading a ton of post on TE, I felt that the GCIH would be the best starting point for me on my SANS cert path. I wanted to take an exam where I was knowledgeable in all domains based on my work experience, so the GCIH seemed to be a good fit.

I challenged the exam. SANS training looks awesome, but I am a consultant, which means the bill is on me. I decided that I would roll the dice and see how things went.

Originally, I scheduled the exam for the end of July after getting my attempt approved on Monday of this week. After taking the practice tests and scoring in the 80's without cracking a book, I decided to jump the gun and change the date (to yesterday). Not to mention my hectic schedule always changes, so scheduling it far out was a stretch for me anyway.

This is what I took away:
  • The actual exam IS HARDER than the practice tests. Here is why... the exam questions are scenario driven and more experience based ("What are you looking at...", "How would your respond...", "What is the next step...") etc. I am not going to lie... it was tough.
  • I was comfortable with the challenge based on my experience. I think many people invest time in the index, because the content is very fresh to them? I don't know, but I didnt have an index for the exam. I know my test taking habits, and I burn up time and second-guess everything if an exam is open book. However, I brought three things with me just in case:
    • The Blue Team Handbook: IR Edition (IR Lifecycle)
    • Red Team Field Manual (To supplement the SANS **** sheets)
    • ALL Tool Related SANS **** sheets and the IR **** sheets from Lenny Zelster.
  • The fact that the exam was facilitated in the way that it was... very impressive. The content was realistic and I felt that it was a true-test of one's understanding of IR and the accompanying technical skills. I truly see the value in SANS and why they are so respected after this experience.
All in all, I scored a 76 and I am very happy with my score. I went in completely cold-turkey, with minimal reference, and nothing but years of working knowledge. Onto GPEN!

Comments

  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    Congrats on the pass!
  • cynicbeardcynicbeard Member Posts: 15 ■□□□□□□□□□
    cyberguypr wrote: »
    Congrats on the pass!

    Thank you!
  • gespensterngespenstern Member Posts: 1,243 ■■■■■■■■□□
    Gz! So how much did you pay for it? $999?
  • cynicbeardcynicbeard Member Posts: 15 ■□□□□□□□□□
    Gz! So how much did you pay for it? $999?

    $1,099 icon_sad.gif

    So ridiculous.
  • E Double UE Double U Member Posts: 2,228 ■■■■■■■■■■
    Congrats!

    I completed SEC504 weeks ago so I hope to join you soon in the GCIH ranks.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • UnixGuyUnixGuy Mod Posts: 4,564 Mod
    Impressive! thanks for sharing your experience!
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Check out my YouTube channel: https://youtu.be/DRJic8vCodE 


  • renacidorenacido Member Posts: 387 ■■■■□□□□□□
    cynicbeard wrote: »
    $1,099 icon_sad.gif

    So ridiculous.

    Aaaaaaaaaaand THIS is why my sec analysts most likely get C|EH + E|CSA vs GPEN + GCIH + GCIA icon_sad.gif

    Congrats on passing! If my company pays for it I'll give it a rip. But as I'm NOT a consultant and don't need the GIAC badge for marketing purposes, I'm not paying for it myself.
  • cynicbeardcynicbeard Member Posts: 15 ■□□□□□□□□□
    E Double U wrote: »
    Congrats!

    I completed SEC504 weeks ago so I hope to join you soon in the GCIH ranks.

    Good luck!
  • cynicbeardcynicbeard Member Posts: 15 ■□□□□□□□□□
    renacido wrote: »
    Aaaaaaaaaaand THIS is why my sec analysts most likely get C|EH + E|CSA vs GPEN + GCIH + GCIA icon_sad.gif

    Congrats on passing! If my company pays for it I'll give it a rip. But as I'm NOT a consultant and don't need the GIAC badge for marketing purposes, I'm not paying for it myself.


    Yeah it's a bit obnoxious. However super addicting. I am now prepping for GPEN. Again... I challenged it. The training is just too steep for me and this exam I am pretty confident regarding the material. After this is done I am going to pay for Netwars Continuous and possibly 660.
  • Mike-MikeMike-Mike Member Posts: 1,860
    cynicbeard wrote: »
    $1,099 icon_sad.gif

    So ridiculous.


    when I read this my eyes got as big as that animal in UnixGuy's avatar icon_eek.gificon_eek.gificon_eek.gif
    Currently Working On

    CWTS, then WireShark
  • ansel1261ansel1261 Member Posts: 24 ■■□□□□□□□□
    Congrats, Impressive - I was thinking of challenging the GCIH (I think it would have been tough). I ended up changing jobs and my current employer is willing to pay for SANS training. I took the SANS GCIH course On-Demand with a focus on preparing for the exam. Hopefully the class and materials will help me pass the exam.
  • TechGromitTechGromit Member Posts: 2,156 ■■■■■■■■■□
    cynicbeard wrote: »
    I challenged the exam.

    Forgive my ignorance. What does this mean?
    Still searching for the corner in a round room.
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    @TechGromit to challenge means to attempt a GIAC cert without taking the corresponding SANS training.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
Sign In or Register to comment.