Actually, if you follow the link for GIAC certs offered by ucertify toward the top of the page, they offer over 20 practice tests from their site. I don't know that I'd trust the validity of them, though. I noticed at least three retired certs in their list, so it doesn't look like they update the material.

Why not pay a little bit more and get the practice exams from GIAC? At least then you know that you're getting as close to the real thing as you can!

Congrats, pizza1337!!!

One thing I will add. If you offend a manager or the manager feels that you are wasting his/her time by asking, you probably don't want to work for that person anyway.

The most effective way to get something is to ask for it...

Good luck! You sound like you don't really need much luck though.


--
Ziggy

I'm sorry if it came off as me saying that certifications weren't that important yet. What I was trying to point out is that not having the cert does not necessarily knock a person out of contention until the deadline which is Sept. 30 as BillV pointed out.

From my experience, though, your resume is less likely to be looked at if you do not have the cert. I know as soon as I got my GCIH, I got alot more response than I had previously.

--
Ziggy

I could be wrong, but I believe that DoD 8570 still has some time before certifications are required. What I mean is that you still have some time before you are REQUIRED to have the certifications.

Someone correct me if I'm wrong...


--
Ziggy

I would actually say that you have the order of importance backward. In preparing for the exam it is much more important to read the books word for word since the exam questions will come DIRECTLY from the books. The mp3's are just icing on the cake. As What90 points out, the nice thing about the mp3's is that you get another spin on the material which makes it more likely that you'll retain more of the material.

Look around on the boards and you'll find a number of people that have posted their strategy to studying for GIAC tests. The exams are not overly difficult if you are prepared for them. If you're not prepared, though, they can be brutal.

--
Ziggy

Good Luck!

I would recommend the Syngress book. Its the only study material I used other than Google.

--
Ziggy

I was curious if anyone here has taken the MGT 414 class from SANS and if they felt it was a good preparation for the CISSP.

I took a practice exam last night and did pretty well on it. However, I took the practice CISSP exam from the Shon Harris book prior to any concerted study and did not do as well as I would have liked. So, I'm trying to determine where I am in my studies before I put my study plan together.

I've taken 4 other SANS classes and thought they were probably the best training I've taken, but none of the SANS classes I've taken were trying to cover some other organization's material.

Any thoughts?

--
Ziggy

I cannot speak directly to the Carnegie Mellon training class other than to say that Carnegie Mellon is a very well respected University. I'm sure the training is top notch.

However, as a certified GCIH handler, I would highly recommend the SANS course. I took the class through vLive and thought that was the best way to attend. You get both Ed Skoudis and John Strand as instructors (I was lucky enough to have Bryce Galbraith as well because he filled in for Ed one night). The format gives you more opportunity to digest the material and you can read ahead since there is a couple days between sessions. The only downside to the vLive method is during the 6th day. It makes it more difficult to work in teams during the Capture the Flag event.

--
Ziggy

I can't believe I didn't think of Splunk. I use the free version of Splunk as well, but I love it!

We use it with syslog-ng on our Solaris/RedHat servers for our log server. We've also incorporated all our Cisco logging, and a few of our Windows servers (with Snare). We are soon to start incorporating Apache and Weblogic logs to our implementation.

Splunk is awesome!!! Its not so intuitive to configure, but its VERY intuitive to use through the GUI once setup. The commercial version is not that expensive (depending on how much throughput you need) to boot...

--
Ziggy

Have you taken a look at:

http://www.sans.org/security-resources/top5_logreports.pdf?ref=3766

Also, if your collecting network traffic, its always nice to see things like workstations/endpoints creating the highest traffic volume, workstations that are utilizing banned protocols, etc. etc.


--
Ziggy

I was in the Army. If you want to do Cyber Warfare/Security, the Air Force is the best place to be as far as the military goes. The other branches are lagging behind the Air Force in regard to Cyber Command.

Go check out http://taosecurity.blogspot.com/

Richard Bejtlich is a seriously smart person that spent a lot of time in the Air Force in that field.

--
Ziggy

http://www.sans.org/score/checklists/ID_Windows.pdf?ref=3826
http://www.sans.org/score/checklists/ID_Linux.pdf?ref=3831

These are very useful cheatsheets from our friends at SANS for intrusion detection on both Windows and Linux. That is, if it were your responsibility...


--
ziggy

You may also want to check out schools on this list:

http://www.nsa.gov/ia/academic_outreach/nat_cae/index.shtml

I believe there are Centers of Academic Excellence in every state, so there should be one close to you. If not, there are a couple with online degree programs. Having earned a Master's from one of the schools on the list, I will say that there are benefits to them. First of all, each of these schools has a scholarship program sponsored by the Federal Gov't. Some of the scholarship programs offer guaranteed federal placement upon graduating.


--
Ziggy

Hey, it seems you and I were certifying at or around the same time! I took my GSEC exam March 19 starting at 9am Central.

I know its a bit late, but here's my general approach to GIAC certs:

1 Listen/stay engaged during the class - this can be the toughest part as these classes seem to drag on forever after the second or third day!

2 read ahead - this doesn't work as well during the live events, but if your taking onDemand or vLive, make sure you've read the material before class!

3 take a break - I don't even start re-reading the material until 3 or so weeks after the class is over. This gives me a chance to digest what I've learned during class and to refresh my brain.

4 re-read word for word - around the time my practice tests hit my portal account I start re-reading all the books word for word.

5 take a practice test - I do my first practice test without the help of any of the books or an index.

6 index the books - After I have my baseline of where I stand with the material, I start indexing. I try to find something on every page, but I don't really stick to that rule hard and fast. I make sure I have key concepts, proper names, tools, etc. indexed. Basically I try to get the head of the test writers and think of what they might ask me. (I average about 1200-1400 entries in my indexes.)

7 take the second practice test - Two days before the exam date I take my second practice test with my index. This gives me a very good idea of what I will score on the final test.

8 rest the day before

9 take the test

I've taken three GIAC tests so far and scored above a 90% on each, so this works well for me. Everyone, though, has different ways of learning that work best for them.

As far as tricks for taking the test...Basically, I just take the test from start to finish without skipping any questions. I find that if you have a very detailed index, you shouldn't have any problems looking up any of the questions. I do, however, take my break at or around the 100th question mark. That way, if I do have to go to the bathroom or something urgent like that during the second part of the test, I am fairly close to the end of the exam.

Good luck on the GSE...maybe one day I'll get around to it as well...