GIAC — TechExams Community https://community.infosecinstitute.com/ Wed, 16 Jan 2019 19:17:49 +0000 en GIAC — TechExams Community Spare GIAC/GCIH Practice Exam? https://community.infosecinstitute.com/discussion/134643/spare-giac-gcih-practice-exam Mon, 14 Jan 2019 12:55:02 +0000 GIAC sjrubenstein 134643@/discussions
Any chance anyone has a spare GIAC/GCIH Practice Exam please?  I used up both of my practice exams already....   :-(

Many thanks!
Stephen]]>
What is the Password for the Virtual Machines in the SANS Thumb Drive https://community.infosecinstitute.com/discussion/134460/what-is-the-password-for-the-virtual-machines-in-the-sans-thumb-drive Wed, 19 Dec 2018 08:56:19 +0000 GIAC hiranncs 134460@/discussions
I just have received my Thumb drive and books.
But i don't have the password for the virtual machine. 

Please advise on how to find them. Thanks for your help.

Best Regards,
Hiran]]>
SANS SEC566/GCCC https://community.infosecinstitute.com/discussion/134629/sans-sec566-gccc Fri, 11 Jan 2019 17:23:49 +0000 GIAC E Double U 134629@/discussions GWAPT Passed with an 84%. I have an extra practice exam available. https://community.infosecinstitute.com/discussion/134627/gwapt-passed-with-an-84-i-have-an-extra-practice-exam-available Fri, 11 Jan 2019 14:21:29 +0000 GIAC Jasiono 134627@/discussions @SaSkiller was kind enough to give me one when I failed my first practice exam. I thought I would need an extra and didn't expect a quick reply when I posted I needed one. I ended up using a second practice exam and not the third, so I have a practice exam available for anyone who might need it. 
Thanks again to everyone on this board with their helpfulness. ]]>
GSTRT Facilitation and Exam https://community.infosecinstitute.com/discussion/134610/gstrt-facilitation-and-exam Wed, 09 Jan 2019 19:46:15 +0000 GIAC scasc 134610@/discussions
will be facilitating the above next month in Zurich. Wanted to ask as this is my first time facilitating what to expect - have read guidelines. Also has anyone done this cert - feedback would be great? 

Br]]>
GCTI PASSED with 80% https://community.infosecinstitute.com/discussion/134605/gcti-passed-with-80 Wed, 09 Jan 2019 14:10:48 +0000 GIAC the1picard 134605@/discussions
When I first started the exam I just knew I was getting the answers wrong.  The questions were tough.  I was already thinking about how I would have to re-take the exam.  Then, I thought they gave me a "pity" question b/c the first quarter of the exam was so difficult. After that point, the exam became doable and I ended believing I had a chance at passing.

The one tip I will give is pay close attention to the practice exams and especially to the explanations for the questions you got wrong.]]>
FOR500 https://community.infosecinstitute.com/discussion/134590/for500 Mon, 07 Jan 2019 16:12:20 +0000 GIAC sticks89 134590@/discussions Spare GCFA Practice Exam https://community.infosecinstitute.com/discussion/134574/spare-gcfa-practice-exam Fri, 04 Jan 2019 22:43:09 +0000 GIAC lucky4life 134574@/discussions
Thank you in advance!

Respectfully,

Mike]]>
Work Study Course Choices? https://community.infosecinstitute.com/discussion/134475/work-study-course-choices Thu, 20 Dec 2018 22:40:09 +0000 GIAC belledern 134475@/discussions
First time poster here, so please excuse any mistakes I may have made making this post.

I signed up for the SANS work study program for 2 different events/conferences. In the application where you need to choose the courses you want to sit in on, I did what others have suggested to do and ranked them from 1-10 instead of choosing 1 and ranking the others 0.

The thing is that there's only one course (SEC401) that I really want to be present at (out of both events), and don't fancy spending ~$1600 on a course I'm not that interested/qualified for.

Do you think I should contact SANS to say I made a mistake on the applications, and re-enter with the 1 choice, or leave it as is and hope I get picked for my number 1 choice?

Just note that this would be the first SANS course I have been to, and have not gotten a GIAC cert before.

Thanks in advance]]>
SANS working on 700-level malware course https://community.infosecinstitute.com/discussion/134494/sans-working-on-700-level-malware-course Mon, 24 Dec 2018 13:58:14 +0000 GIAC EnderWiggin 134494@/discussions I recently went to SANS FOR610, and the instructor stated that SANS is working on a FOR710 course. He said a rough estimate for when it would be out is a year (but not to hold him to that, because it was a very rough estimate)

That should be a pretty fun course. I'm really interested in what the course will go over, as FOR610 seemed pretty solid already
]]>
Passed GCFE https://community.infosecinstitute.com/discussion/134496/passed-gcfe Tue, 25 Dec 2018 00:41:56 +0000 GIAC Donklander 134496@/discussions
Definitely had to prepare for this one differently, as most of my background was network related or high level concepts on systems.  This is actually the first time for anything SANS I had to go go through OnDemand or the books more than once.  However, I did learn quite a bit about how which interactions will create or modify artifacts.

Onto writing a whitepaper, which I've been dreading more than any class.]]>
GCIH/GSEC Study Materials https://community.infosecinstitute.com/discussion/134215/gcih-gsec-study-materials Wed, 21 Nov 2018 08:43:47 +0000 GIAC hiranncs 134215@/discussions
I am really interested in taking the GCIH or GSEC exam in the next year. I am CISSP certified and really worried that i might be flunking my GCIH/GSEC exam without the actual course materials. I cannot afford to go for the mad expensive SANS courses.  :(

Does anyone have it? Please advice. 

Thanks for your help. Really Appreciate it. ]]>
Anyone with a spare GPEN practice test? https://community.infosecinstitute.com/discussion/134486/anyone-with-a-spare-gpen-practice-test Sat, 22 Dec 2018 06:31:40 +0000 GIAC E Double U 134486@/discussions
Thanks in advance!]]>
Post your SANS/GIAC study material recommendations here https://community.infosecinstitute.com/discussion/68043/post-your-sans-giac-study-material-recommendations-here Sat, 09 Jul 2011 23:18:05 +0000 GIAC JDMurray 68043@/discussions this forum's FAQ sticky about SANS/GIAC certification study materials recommended by TE's members. But it occurred to me that such a list could grow to be quite large, and that topic really should have its own sticky. Because it will take me some time to sift through all 1000+ posts in this forum to locate and consolidate all of the recommendations, I thought that I would appeal to the members of this forum to post your study material recommendations here. For saving me the time, you will have my undying gratitude. :D


GSEC - GIAC Security Essentials
GCIH
- GIAC Certified Incident Handler

GCIA
- GIAC Certified Intrusion Analyst
GPEN
- GIAC Penetration Tester
GCFW - GIAC Certified Firewall Analyst

Other Resources SANS Security Training Courses SANS: Network, Information and Computer Security Training Courses SANS Information Security Reading Room SANS: Information Security Reading Room - Computer Security White Papers SANS Institute YouTube channel sansinstitute's Channel - YouTube]]>
Passed GCIH again, 90% https://community.infosecinstitute.com/discussion/134405/passed-gcih-again-90 Wed, 12 Dec 2018 02:41:57 +0000 GIAC mjs1104 134405@/discussions Had to recert GCIH by taking the test (for the masters program since my GCIH was more than 4 years old).  Indexed the books, scored 76% and 88% on the practice tests.  Scored 90% on the final exam, similar score to when I took it 4 years ago.  The material had changed so much that I had to re-index the books entirely and scrap my old index.  Didn't spend much time studying, just indexed and blew through the practice tests and took the final exam. After just taking GPEN it seemed pretty basic and straightforward.  Practice tests were very similar to the real exam. 

Taking 511 next. 
]]>
Passed GWAPT https://community.infosecinstitute.com/discussion/134466/passed-gwapt Wed, 19 Dec 2018 19:38:27 +0000 GIAC SaSkiller 134466@/discussions Sorry this probably won't be a full review like I may have normally posted.

I tested out of 542 GWAPT today. As always I got close to 90 but no cigar. This is actually my first GIAC exam taken since becoming a Pentester, and my first in quite some time. I will say that the course is good, it provides decent coverage of what you can expect to be doing as a web app tester, and of course I saw things in there that were new to me which is always nice. I will say I was not a fan of the python section as it's not something I use in my work outside of running scripts that others made and I don't think it's *necessary* for a WAPentester. Useful yes, but i'm not sure I would have included it as a testable subject. I noticed as well a few problems in the material that should have been caught in copyediting, no big deal though.

I felt that having tabs for the sections is a great way to break up the book into readable sections, and it's great for the exam. Obviously SANS does a good job of making the material easy to understand.

On the exam, I felt that this was a weird GIAC exam, it's different than the others i've taken and speaking to others who've taken it, it seems to be i'm not the only one who says so. I felt that even though most of the material could be found in the books, it wasn't directly referenced, and there were a number of questions where I felt that the answers were inaccurate given the question. Overall however it tests well the material in the course. There weren't a lot of questions I could answer just straight off, most required at least some thought, and  I often found myself selecting an answer then verifying with the books. Some of those exam questions however were annoying.

Recommendations: I'm interested in reading a book by a friend of mine to see if it lines up with the objectives of the course, but that may be a while away. Read the books, then I took a test mostly without the books and noted areas where there were weaknesses. Make sure you understand where to go in the book to understand code snipets, related to various attacks. Make sure you understand how to read output and understand the tool or code in use.

I may have additional thoughts later, now its time for sleep. i'll answer any questions I can.
]]>
SEC542 - GWAPT - Does anyone have a practice exam they want to gift? https://community.infosecinstitute.com/discussion/134465/sec542-gwapt-does-anyone-have-a-practice-exam-they-want-to-gift Wed, 19 Dec 2018 17:44:46 +0000 GIAC Jasiono 134465@/discussions Questions for those who have the GSE :-) https://community.infosecinstitute.com/discussion/134045/questions-for-those-who-have-the-gse Fri, 02 Nov 2018 13:54:18 +0000 GIAC JGS 134045@/discussions First congratulations on the GSE achievement! I would like to obtain this certification at some point.

I am wondering:
1. Did you take the GSE written exam soon after taking GSEC, GCIH and GCIA or did you wait for a period of time? I am thinking that if you took the written portion soon after, the material might be more fresh in your mind and might require less restudy if SANS changes the course.
2. Did you use gold papers or courses for the prerequisites? It appears that there is an option to substitute courses for the gold papers.
3. What courses besides GSEC, GCIH and GCIA did you think helped with the lab portion?

Thanks in advance for your thoughts!]]>
*Update: Already Taken** Giving away GIAC Certified Intrusion Analyst Practice Tests( SANS SEC-503) https://community.infosecinstitute.com/discussion/134380/update-already-taken-giving-away-giac-certified-intrusion-analyst-practice-tests-sans-sec-503 Mon, 10 Dec 2018 01:53:39 +0000 GIAC promethuschow 134380@/discussions
As the header said, I do have an extra GCIA, SANS SEC- 503 practice test to give away. First come, first serve. PM me with your e-mail address.

Thank you all.

]]>
Which GIAC exams have labs? https://community.infosecinstitute.com/discussion/134414/which-giac-exams-have-labs Wed, 12 Dec 2018 18:30:23 +0000 GIAC JGS 134414@/discussions I know GCIA and GWAPT require doing labs on the GIAC exam.  What other courses do people know of which also have labs?  I am particularly wondering about GMON, but am curious as to any others.
Thanks!
]]>
Taking my GSEC exam in Dec; any advice? https://community.infosecinstitute.com/discussion/134095/taking-my-gsec-exam-in-dec-any-advice Thu, 08 Nov 2018 09:14:35 +0000 GIAC afob 134095@/discussions
Any advice on how the test is?

Any one have any spare GSEC practice tests? I still have my 2 but I want an abundance of practice before I step in the classroom.]]>
SANS GCTI for578 https://community.infosecinstitute.com/discussion/134379/sans-gcti-for578 Sun, 09 Dec 2018 23:38:37 +0000 GIAC fatboydad 134379@/discussions ]]> GCIA 503 https://community.infosecinstitute.com/discussion/134203/gcia-503 Mon, 19 Nov 2018 17:01:41 +0000 GIAC bsjj27 134203@/discussions

]]>
Passed GLEG 97.33% https://community.infosecinstitute.com/discussion/134338/passed-gleg-97-33 Wed, 05 Dec 2018 02:39:20 +0000 GIAC uksteveinus 134338@/discussions As everyone says it's all about the index and how you score on the first practice test. 

]]>
Certification Effective Date https://community.infosecinstitute.com/discussion/134325/certification-effective-date Mon, 03 Dec 2018 19:49:50 +0000 GIAC esea 134325@/discussions ]]> Passed GCIH https://community.infosecinstitute.com/discussion/134258/passed-gcih Tue, 27 Nov 2018 06:06:57 +0000 GIAC 9xxxxx 134258@/discussions I passed GCIH 2 week ago and before I take the exam I had came here for reading the recommendation. I am busy so I just studied only 2 week and taken the exam immediately after 2nd practice test. I am lucky with 78% score. I had experience more then 6 years.
I want to say thank you all for the suggestion.
cheers!
]]>
Doing GCIH exam without official training https://community.infosecinstitute.com/discussion/131628/doing-gcih-exam-without-official-training Thu, 22 Mar 2018 15:48:53 +0000 GIAC CyberCop123 131628@/discussions
I have an OSCP certification and I hope to have CISSP in about 2 months.

My employer won't pay for GCIH but I want to do it so I can move on and have another certification.

I'm guessing you can sit the exam without any training? People here mention tests they're doing but I can't see any that are available. Any suggestions as I'm not sure how much I need to study.]]>
GCDA - First SANS Test https://community.infosecinstitute.com/discussion/134266/gcda-first-sans-test Wed, 28 Nov 2018 05:04:49 +0000 GIAC esea 134266@/discussions ]]> Passed GMOB 91% https://community.infosecinstitute.com/discussion/134110/passed-gmob-91 Sat, 10 Nov 2018 14:09:16 +0000 GIAC markmorow 134110@/discussions
Practice test 1- 80%
Practice test 2- 91%
Exam-91%

I actually thought this exam was really tough. Probably on par or a little bit harder than GWAPT but not as bad as the GCIA. I finished with about 5 mins to spare.]]>
SEC487 - OSINT ANALYSIS - Comprehensive Review https://community.infosecinstitute.com/discussion/133803/sec487-osint-analysis-comprehensive-review Wed, 03 Oct 2018 10:18:10 +0000 GIAC Randy_Randerson 133803@/discussions
COURSE: SEC487 - Open Source Intelligence Gathering and Analysis
Syllabus: https://www.sans.org/course/open-source-intelligence-gathering
Method: Live
Additional Resources: https://inteltechniques.com/

Day 1: This day is predominately like any other day for SANS. Introduction to the material itself. Things that are gone over are a vast majority of the links to things like Mind Maps, Note Taking initiatives and then getting into the importance of using alternate accounts for things like social media. You learn very quickly that sites like Facebook and Twitter are basically impossible to register for without a valid cell number nowadays.

Day 2: Probably my second favorite day out of the class. You spend the vast majority of scouring the internet on public facing websites for personal information. Things like Phone Numbers, Addresses, Real Estate Records, etc. Other things that were fun to learn and work through were reverse image searching. Things like Avatars and Usernames. This is the day you start using tools like Recon-ng.

Day 3: Social Media Day. It is a ton of fun, but frustrating if you couldn't get the social media accounts up and running.

Day 4: Geo-location. Lots of goodies for how to tie in measuring distance on Google Maps and the use of other open source map sites. You start digging into tracking a high value person through political contributions and other things to build out their dossier.

Day 5: Kind of a mash of all the concepts and topics that couldn't fill in a day. First half of the day is on Dark Web and using Tor. Second half is government/international issues. Then you get thrown to the wolves and put into a single-user investigation (meaning no teams, that is Day 6 CTF).

Overall Impressions: I've been doing this type of work now for the better part of 4 years. This is a foundational course (hence the 400 level) and it really does show. Lots of hand holding and you really don't get very deep in the weeds. However, that is most likely by design. Also many of the sites that were included in the material were useless by the time the class happened because they either went down or went to a pay model. Course Author did the best they could to update on the fly, but if you plan on taking the cert whenever it goes live -- I would strongly suggest not using someone's books. My guess is this class is going to be one of those that gets updated very frequently.

I do think the material is worth while though. The links themselves allow a person to steer away from pay model sites or companies that charge to do the same thing. That in itself can be helpful if you are working Insider Threat or just investigations in general at your company. It is pretty darn scary what you can find out just by simply searching. I do think the additional resource I linked to (and the subsequent book) may be beneficial in-lieu of this training. Biggest benefit from this training are Resources (e.g. the links) and the Mind Maps that you can then use to build out your fake persona and for your future investigations.

Overall score out of 10 --- 7/10]]>