But, as some of you know, I am not a great expert at this. I have been studying non stop for about 2 years in IT security, but previous to that, I was just an humble web app developer.
So I manage to write two SANS certs WITHOUT taking their courses. In fact, other than for PWB, I have never taken a course in IT security. I did ok for GSEC and pretty good for GPEN.
I am posting on this topic because I was looking at certified GWAPT people. I was astonish by their marks (see attached picture)! Maybe a lot of them failed and we don't know about it, but the average mark seems to be around 90%!!
So the fact that I don't have much experience, I passed two of them without taking a course and that the average marks are pretty high make me wonder if it shouldn't be a close book exam...
But that being said, I worked pretty hard to get ready nevertheless...
What are your toughts on that?