GSE Roadmap

NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
I just got my GCIH (challenged the exam w/o SANS course) and am thinking I'm gonna continue down this whole GIAC path and do one cert each quarter til I get my GSE.

I'm thinking the following (in this order):
1. GCIH (DONE)
2. GCIA
3. GPEN
4. GWAP
5. GSEC
6. GSE

Should take just over a year. icon_thumright.gif

Anyone here have their GSE or have plans to move in that direction?
«1

Comments

  • zxbanezxbane Member Posts: 740 ■■■■□□□□□□
    I haven't done the GSE or any SANS certs yet but I am interested to hear what you used to prepare for the GCIH and how long it took you? I would like to try and do the same!
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    Pretty much followed the exact steps outlined by Dynamik (who also occasionally posts on here) in this post:

    https://www.ethicalhacker.net/forums/viewtopic.php?f=90&t=11757#p62170

    Took me 3 months. My bonuses with my current company are based on completion of quarterly objectives. So pretty much any cert I get is going to be done in a 3 month period.
  • zxbanezxbane Member Posts: 740 ■■■■□□□□□□
    Thanks for the insight Nova, that guy has a crazy list of accomplishments via self study. I see he mentioned knowing PEN Testing is a huge plus for the GCIH. I am sure this probably applied to you as well since you mentioned that's what you do, and you also have the OSCP
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    Yeah, Dynamik is a beast. We actually work for the same company. I asked him for insight into how he had tested out of all of his GIAC certs, and he pointed me to that post.

    And yes...pentesting knowledge is a definite plus in GCIH, as a large part of it consists of identifying attacks...usually by logs. Knowing the attacks helps a lot.
  • zxbanezxbane Member Posts: 740 ■■■■□□□□□□
    I noticed his referenced study material for GCIH is a book titled "Real Digital Forensics" it sounds interesting since it comes with a DVD where you actually perform and follow along forensic investigating. However I was a little surprised to see the book is from 2005 and still considered relevant for the GCIH exam
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    Actually, the book he recommended to me, which was quite helpful, was Counterhack by Ed Skoudis
  • LionelTeoLionelTeo Member Posts: 526 ■■■■■■■□□□
    Hi NovaHax,

    I am going into that direction.

    Here is the book list I recommended

    http://www.techexams.net/forums/sans-institute-giac-certifications/100210-giac-certifications.html

    And please read my godly plan to prepare GSE. I think its tough but if you use this method you will surely pass!

    http://www.techexams.net/forums/sans-institute-giac-certifications/100194-gse-practical-exam-preparation.html
  • CyberfiSecurityCyberfiSecurity Member Posts: 184
    NovaHax wrote: »
    I just got my GCIH (challenged the exam w/o SANS course) and am thinking I'm gonna continue down this whole GIAC path and do one cert each quarter til I get my GSE.

    I'm thinking the following (in this order):
    1. GCIH (DONE)
    2. GCIA
    3. GPEN
    4. GWAP
    5. GSEC
    6. GSE

    Should take just over a year. icon_thumright.gif

    Anyone here have their GSE or have plans to move in that direction?


    Do you plan to do self-study? Otherwise, this path cost you at least $30,000.00. I want to do some SANS expert certification, but GSE requires lot of junior, intermediate certifications. Therefore, I am only work on GXPN and GREM, these two costs me at least $2,500.00 for self-study and assume that I pass on the first try.
    [SIGPIC][/SIGPIC]
    Vice President | Citigroup, Inc.
    President/CEO | Agility Fidelis, Inc.
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    Yes, I intend to challenge them all. The cost for those SANS courses is ridiculous, and I will never pay it. Even the cost to challenge the exams is way too high. But the cost to challenge can be mostly covered by my training budget for work...so I'll got that route.
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    Congrats on your successful challenge. I've followed some peoples challenge attempts here and also bookmarked Dynamik's thread. Aside from Dynamik's success doing it (God mode in real life haha), how realistic do you think it is for us mere mortals to challenge the SANS certs in that manner? I think the method of pulling the SANS/GIAC syllabus and learning all of the topics, then creating a fully indexed study guide of your own seems like a great way to learn the material inside and out, but will that adequately prepare us to have a good chance at being successful to challenge the exams?
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • Khaos1911Khaos1911 Member Posts: 366
    What'd you score on your GCIH?
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    JoJoCal19 wrote: »
    how realistic do you think it is for us mere mortals to challenge the SANS certs in that manner?

    JoJo, I think its a realistic option for me. GCIH went well. And I image GCIA and GSEC are probably about the same level of difficulty. So I guess the only real question is how bad the mid level certs are (for me, GWAPT and GPEN). Though in the end, they may be even easier for me...since these days, I do more penetration testing than incident response or analyst work anyways.

    I'm sure its largely going to depend on your exposure to different security issues and your ability to take tests. I get a lot of exposure to different stuff since I'm in consulting and I've also always been pretty good at testing.
    Khaos1911 wrote: »
    What'd you score on your GCIH?

    88% (72% was required to pass)
  • kanecainkanecain Member Posts: 186 ■■■□□□□□□□
    Silly question, but what does it mean to "challenge" an exam?
    WGU - Bachelors of Science - Information Security
    Start Date: Jan. 1st, 2012
    Courses:
    Done!!!
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    With GIAC exams, the only official study material for the exams comes from SANS. There is a SANS course that directly corresponds to each GIAC exam (example: the SEC504 course corresponds to the GCIH exam).

    Challenging is taking one of the exams without ever taking the corresponding SANS course. Its an option that is significantly cheaper (however, still not cheap), but obviously takes at least a little more self-discipline and refined study and research habits.
  • Khaos1911Khaos1911 Member Posts: 366
    What materials did you use to prepare for the GCIH, Nova?
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    Mostly just independent research I did from each of the questions from the two practice exams. Other than that, the only hardcover book I used was Counterhack by Ed Skoudis
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    Update on progress:

    1. GCIH (DONE)
    2. GCIA (DONE)
    3. GPEN
    4. GWAP
    5. GSEC
    6. GSE


    Just finished testing out of the GCIA. I found this one to be a little more difficult than the GCIH...but still not bad. If you know TCPdump, Wireshark and are able to read packet hexdumps, you should be pretty good. My weakness on this was definitely Snort and Bro IDS.

    As far as resources that I brought in with me...by far the most helpful things that I had and used consistently throughout the test were:
    1. TCP/IP Illustrated Volume 1 (TCP/IP Illustrated, Vol. 1: The Protocols (Addison-Wesley Professional Computing Series): W. Richard Stevens: 9780201633467: Amazon.com: Books)
    2. And a simple hex/binary/decimal chart saved a ton of time (http://tonystrains.com/download/DCC_DecBiHex_Chart.pdf)
    3. Man page for TCPdump (even for someone who is pretty familiar with tcpdump and uses it a lot...I still referenced this quite a bit)
    4. Practice of Network Security Monitoring (http://www.amazon.com/Practice-Network-Security-Monitoring-Understanding/dp/1593275099/ref=sr_1_22?s=books&ie=UTF8&qid=1415493241&sr=1-22&keywords=wireshark"
  • cgrimaldocgrimaldo Member Posts: 439 ■■■■□□□□□□
    Awesome...Thanks for the update!
  • GAUDARDGAUDARD Registered Users Posts: 2 ■□□□□□□□□□
    NovaHax wrote: »
    Update on progress:

    1. GCIH (DONE)
    2. GCIA (DONE)
    3. GPEN
    4. GWAP
    5. GSEC
    6. GSE

    Thanks for the suggestions for GCIA, I would be interested in your study resources for GPEN. I took a look at this post: https://www.ethicalhacker.net/forums/viewtopic.php?f=90&t=11757#p62170 which has some resources I'm planning on studying, but I'll take any other recommendations I can get!
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    GAUDARD wrote: »
    I would be interested in your study resources for GPEN

    That's a good question. I haven't started gathering resources for GPEN yet, but I'll definitely make a post here when I do. To be honest, I think GPEN will probably be one of the easiest for me, since PenTesting is 95% of the work I do in my current job.

    For one, I'm sure CounterHack by Ed Skoudis (which I also used for GCIH) will come in handy for GPEN.
  • GAUDARDGAUDARD Registered Users Posts: 2 ■□□□□□□□□□
    I'm reading Hacking Exposed as recommended in that thread I posed, I'll be sure to read CounterHack next.
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    Another one down:


    1. GCIH (DONE)
    2. GCIA (DONE)
    3. GPEN (DONE)
    4. GWAPT
    5. GSEC
    6. GSE

    Just finished GPEN enroute to GSE. As always, did not take any SANS course for this. Completely self-study. For this one, I used my notes from the two practice exams and RTFM (http://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504/).
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    Congrats Nova! Now that I'm finishing up the GSEC and am facilitating SEC503 next month, I'm leaning towards working towards the GSE myself.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • Mike-MikeMike-Mike Member Posts: 1,860
    very impressive, Nova is in beast mode
    Currently Working On

    CWTS, then WireShark
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    Another one down:




    1. GCIH (DONE)
    2. GCIA (DONE)
    3. GPEN (DONE)
    4. GWAPT
    5. GSEC (DONE)
    6. GSE

    All I have left to qualify to sit the GSE is GWAPT.
  • Khaos1911Khaos1911 Member Posts: 366
    Awesome, Nova!

    I want to do GSE, but I'm just so burnt out on certs at the moment.
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    That's awesome man. You have the same list that I am planning on using for the GSE. Mine looks like this:

    1.GSEC (Done)
    2.GCIA (In progress)
    3.GCIH (1H 2016)
    4.GPEN (1H 2016)
    5.GWAPT (2H 2016)
    6.GSE (1H 2017)
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • rudegeekrudegeek Member Posts: 69 ■■□□□□□□□□
    Sweet, what has your avg rate of completions been so far? 1 every how many months?
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    Finally finished all the pre-requisites.

    1. GCIH (DONE)
    2. GCIA (DONE)
    3. GPEN (DONE)
    4. GWAPT (DONE)
    5. GSEC (DONE)
    6. GSE

    Only thing left standing between me and the GSE is tons of lab time, a ridiculous $2500 fee, and a brutal 2-part test.
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    rudegeek wrote: »
    Sweet, what has your avg rate of completions been so far? 1 every how many months?


    Well, I started this thread 2.5 years ago, and have updated every step of the way. So 5 certs down in 30 months...approximately a cert every 6 months.
Sign In or Register to comment.