Oh, it was only a "misunderstanding".

Anyway... What makes you think that I have "practice tests" to give away? For free?

I received a personal message from you, "sans2010".
The subject is "Need ur help!!"
I have good news for you - YES! I can help you. Please continuing reading carefully.


You asked me for a "dump to pass the Exam". Below is the message that you sent to me:




Firstly, I will NOT send you any exam questions (dump). The reasons are obvious:

I have several certifications previous to the GPEN (CISM, CISSP,Oracle Certified DBA, MCSE, and A+). If I start creating and distributing dumps I can lose my certifications. 

By today's standards, with all the copyright notices and Non-Disclosure Agreements that come with every exam, braindumps are illegal. And are unethical. Not to say highly harmful to the people who have the certification already.




Secondly, (and these are the good news) this is the help that I can provide to you:


I will prepare (on a separate post) a list of resources for people who want to honestly learn the material via self study. I hope my following post will help others that are genuinely interested in the subject, and passing the exam truthfully.

In any case, it is clear that you do not want to learn anything, but simply are trying to find a way to cheat the exam.



Sincerely,

Marcos Santiago

I’m back from the exam, scored 137 correct answers. It was the conclusion of a great experience.
http://www.giac.org/certified_professionals/fulllisting.php?n=marcos santiago

I really don’t know what to add, because others before me have already provided pretty much the same info. Anyway, here it goes.

Some background: I attended the SANS 560 course (in May 2010). I really liked it. The course objectives, the exercises, the instructor’s performance, everything was great. Huge amount of material, just as an example, the instructor took the time to show us topics that were not even in the book (how to use meterpreter encoders for IDS evasion just to name one).  The course was excellent, packed out with cool stuff, full of action, exercises that actually worked 100% of the time, real-life examples, etc. Recommended.

The exam:  Well worded concise questions for the most part. I really appreciate that. Some screenshots of tcpdump, I really like those questions, they made me think hard. The “open book” part of the exam? Well, for the GPEN exam at least, the candidate either knows his stuff or he will struggle and even fail, even with the open book policy, even with the SANS books. Realistically, when the question is “analyze the tcpdump output on the screen and select what tool / command would cause it”, you are not going to find the answer in the book.  The open book policy makes a difference, but only for so many questions. If it was an easy task, everybody would be scoring 99-100%.

Something I hated about the exam: You have to answer the first question in order to move on to the second question. Once answered, you cannot go back to the previous question. And you can only skip 5 questions to answer them later.

Something I REALLY hated about the exam: The counter on the right side telling you how many correct / wrong answers so far. I almost rather not know my score till the end.

One last thing - the exam is indeed harder than the practice runs

Conclusion: The course was really good. This was my first SANS course, and I can’t wait to do it again. And the exam was pretty hard, fair, and straightforward, I’d do it again as well.

Marcos Santiago
in Toronto

Hi there,

I attended SANS 560 recently (May 2010).
Before enrolling I noticed the NOTE below about the course, saying that it is a pretty technical one.  I have never had a chance to go to any SANS course before, so I really can't tell how it compares to others.

I have to say that I had problems keeping up with the course, not because I’m not technical enough, but because of the speed of it - lots of material, the instructor didn't stop talking one second, and my brain works in a particular way that goes against that, when I find something that interest me, I want to fully understand it before I move on.

Just to give you an example, when the instructor talked about Pen Testing methodologies, I was familiar with one he mentioned, but not with the others, so I wanted to read the descriptions in the text book, by the time I finished, the instructor was well into the next section of the course.  Basically I was playing catch up sometimes. But that is just me.

If you are asking which course to go to, I say 560, because I understand that it covers most of the material in 504 (overlap). These courses are very expensive, so there is no point attending 504 now, and later on 560, which will be mostly a repetition. Of course, if your employer is paying for the training, I guess it is a different scenario.

Just to give you some info about me, I work in Network Security and use some of these tools on a daily basis, but some were new to me.  I’m very strong in Windows, weaker in Unix. I have a few certifications as well.  The most technical course I have taken was "Oracle University" PL/SQL for Oracle 8, back in 1999, and I really got some grey hairs because of it, it was very difficult for me at the time. In comparison, SANS 560 was a very satisfying course.

As you can see, “technical course” or a “challenging course” depends on your own technical skills and where you are in your career. 


Marcos
in Toronto



SOURCE: http://www.sans.org/security-training/network-penetration-testing-ethical-hacking-937-mid

Hello all, this is my first post here. I am scheduled to take the GPEN certification exam on Sept 20 2010. I have a question about the $99 GIAC practice exam.

As you know, two online practice tests for the GPEN certification are included with the examination's fee, BUT you can take each practice test only ONCE.

Is it the same with the optional $99 GIAC practice exam? Only once and that's it?
Or can you take it multiple times?
Do you actually download and instal it, or do you take it online?


Sorry for the question, it may be common knowledge here, but I am new to SANS/GIAC certs, and I am not familiar with their products/services.


Thank you for your answers!

Marcos