Hey all,

I thought i would post a quick guide on passing your SANS certification tests!

1) Read. No really, read the whole curriculum. The SANS books are the test. There are no questions on the test that aren't in the books almost verbatim. Even the "critical thinking" or "decoding" questions are modeled after examples in the book. If you have the audio lecture, listen through it at least once, on your commute or after the kids go to bed. Some of the humor and points the instructors make in the audio really help when remembering obscure topics.

2) Make an index. Make an index with page numbers for each book and tape/paste it to the inside cover.

I was meticulous and indexed every different slide heading, and then made extra marks for every command/executable referenced (even if they were on the same page) then i alphabetized the index and used it as a semi glossary and added it to a stapled big glossary.

3) Write on the front covers of your book. Write what that day contains, for example the GSEC the cover of day 2 (i think it was) said Internet security technologies, but really this book was NIDS, HIDS, NIPS, HIPS, Honeypots, Firewalls, etc . I cant tell you how much book shuffling you will do, but normally it is a lot. Not having to open the books to know where something is saves valuable time.

4) Take some cheatsheets with you Take the SANS cheatsheet they give you. I also used a port cheatsheet, nmap cheatsheet, *nix command cheatsheet, etc. Sometimes they are faster than the book.

5) Take both practice tests. You have 4 hours.... that's a lot. Try to answer all the questions but don't worry too much about the first practice test you take. The vital thing for me was screen-shotting each question and if i got it wrong the correct answer. Then i made flash cards out of the questions i missed. Then take the second practice test, do the same, and gauge your improvement.

6) Don't stress out. Seriously, pre-test anxiety is what will make you second guess your answers. You know the material, you've done it, seen it, you probably even enjoy it.

7) Prep for the day Get plenty of sleep, eat breakfast, and take a turn on the pot. These are test essentials. Make sure you have your indexes, cheatsheets, glossaries, etc.

Finally, go pass your test! Come back and gloat!


 

I did my practice exams without the index.  That makes it a lot harder.  Just did my test with creating indexs.  What I did was photocopy the introduction and tools for each sections.  I laminated them after that and then wrote with permanent marker on them each subsection down to page number.  This worked great for me, I was a little rushed in the end.  I procrastinated until the last week to finish the on-demand stuff so for my next one I will start from day one doing this.  I also put post-it tabs for the definitions in each section.

humv

Yes, the scoring is in real-time after each question so you will know before you finish whether you have passed or not. If  you have done a good job on the practice tests, you should be fine on the real test. It is very similar, just a little more in-depth.