October 1, 2010 at 11:29 pm #5647Bushman4uParticipant
Need help and couching on how to pass this exam. I just attended the live training in Vegas and have registered for the exam and the OnDemand Bundle which gives me access to the same training material and mp3s for 4 months.
But I am still nervous about this cert and would appreciate any help/tips on how to be well prepared to pass this exam. If you would like to share your indexes, tips, cautions, etc, please feel free to email me at firstname.lastname@example.org
Thank you in advance.
October 2, 2010 at 1:44 am #35523COm_BOYParticipant
cant help in SANS case but I can tell you that your email box is going to receive a lot of spams !!! ;D
October 2, 2010 at 3:11 am #35524tturnerParticipant
You should be fine. At the time I sat the exam I had not done any pentests on a professional level, just dorking around in my home lab and whatever meager skills I had picked up over the years. Thankfully that is no longer the case for me but I don’t know if the cert has anything to do with that or not.
I facilitated the class so missed some material, threw the mp3 files on my Zune and bombarded my ears with Skodotunes for about 60 days of commute, and worked through the Ondemand sections once, making sure as I did the labs that I wasn’t just typing commands. Make sure you understand what you are doing and why and could modify the techniques accordingly to fit the target environment. Then I flipped through the books to create an index on front cover of each book (I just wrote in the white space on cover) so I knew what topics were in which one. The table of contents is pretty good once you flip the right book open. Took the 2 practice tests and aced the exam. Just use the materials and you will be fine.
October 2, 2010 at 3:48 am #35525impelseParticipant
December 3, 2010 at 7:55 pm #35526Bushman4uParticipant
Just wanted to drop this thank you email for those of you who have taken their time to answer my concern and I do appreciate your humble advise.
I am gearing up for this and becuase of you honest encouragement, I feel better.
I will keep you updated.
December 3, 2010 at 9:19 pm #35527eccodomParticipant
I just passed the GPEN. As mentioned above, an index helps a bunch. I created a spread sheet with the following categories and printed it out. Book #, Category Topic, Sub Category, Tool, Page #. For example;
Book 4 – Password Attacks – sysinternals -psexec, sc, net use, schtaks, wmic – 5. I know a lot of people that use colored page labels and go through the book and label every 10 pages or so, I’ve found a printed spreadsheet is quick and less time consuming. Good luck.
December 3, 2010 at 10:34 pm #35528tturnerParticipant
Yeah I did the colored Post-it notes as tabs when I did GSEC and it was a lot of work and really screws up how they sit on the shelf. It worked for me but the last few certs I’ve gotten lazier and lazier with the indexes. The key is whatever you do, create your own index. I know guys who tried to use someone elses and it just didn’t make sense. You can’t index every single topic or tool so people tend to document the areas they are less strong on so you might not have the entries you need. Even if you find a really good index, making it yourself does a good job of helping you remember where stuff is and what’s important for the exam.
For the most part, most of the GIAC exams are pretty easy if you understand the material and have a good index. Something else I’ve done that is helpful is printing out man pages for commonly used tools. These exams like to ask questions about which switch you use for command syntax stuff.
December 6, 2010 at 10:12 am #35529caissydParticipant
@Bushman: Have you tried the practice exams? They are pretty representative of the “real” one. They will tell you if you are ready. These practice exams will also give you confidence…
- You must be logged in to reply to this topic.