+ Reply to Thread
Results 1 to 16 of 16
  1. Completely Clueless TechGromit's Avatar
    Join Date
    Oct 2015
    Location
    Ontario, NY
    Posts
    1,633

    Certifications
    A+, Network +, Sanity+ (Revoked), GSEC, GCIH, GREM
    #1

    Default Bombed first GREM practice test

    Got a 60%, I was kinda dreading taking the practice test, I found the course very tough.

    The good is most of the questions I used my index for, there was enough info I could answer the question without looking up the answer in the books, I used the books to look up about 5 answers where where wasn't enough detail in my index.

    The bad, despite how detailed I thought my index was (927 entries), I was still missing several keywords for some of the questions the exam asked, several I had no clue on or where to look them up and others not nearly enough details.

    Used index more than I would have liked, answered maybe 25 questions without looking them up. Made a couple some stupid answer mistakes as well.

    Scored one star on Win Assembly code concepts for reverse-engineering, 2 stars on malware analysis using memory forensics, analyzing web-based Malware and Common win Malware characteristics in assembly. I found myself rushing too much at the beginning of the exam, I had to force myself to slow down, finished with 2 minutes to spare.

    Exam is due Dec. 6th, seriously considering paying for a extend, since I'll be away on vacation for a week this month.
    Still searching for the corner in a round room.
    Reply With Quote Quote  

  2. SS
  3. Senior Member
    Join Date
    Dec 2015
    Location
    Philadelphia, PA
    Posts
    141

    Certifications
    GREM, GPEN, GCFA, GCIH, GSEC, GCIA, GCFE, CCNA Cyber Ops, ACE, MCSA
    #2
    GREM was a really tough course with a lot of information to take in. I scored a 71 or 72 on my first practice test and a 84 or so on my second. I ended up passing the exam with an 80. After the first practice test I really revamped my index and added A LOT of info. I think my index was around 1500 entries. This was definitely overkill but it helped me study more.
    Reply With Quote Quote  

  4. Senior Member kMastaFlash's Avatar
    Join Date
    Aug 2012
    Posts
    973

    Certifications
    A+,Network+,Security+,EMCISA,MCP,CCENT,CCNA R&S,C|EH,C|HFI,Linux+,LPIC-1,E|CSS,E|CES,GPEN,OSWP,Server+,LPT,GCIH,E|CIH,E|CSA,JNCIA,CPTE,CPTC,eJPT,GNFA
    #3
    Best of luck! I've been keeping my eye on the GREM certification. One thing I found with GIAC exams is read the actual text and make index entries on that not just the slides.
    2018: E|CSP,CCNA-Security,CSA+,CCNA Cyber Ops
    2019: CCSK,CISSP,CWNA
    2020: LPIC-2,eLearnSecurity Courses
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Jan 2015
    Location
    Chicago, IL
    Posts
    1,109

    Certifications
    Too many MCPs and MCTS, MCSA: Security, MCSE: Security, MCSA: 2003, 2008, 2012, MCITP: EA, CISSP-ISSAP, SCS DLP, GREM
    #4
    Good luck!

    It's a tough nut if you are approaching it without real work experience to back up your studies. I had such a backup so I scored 92 with no index because of the years of analyzing malware.

    Given the score and all the lookups during the exam, yeah, it looks like you may want to extend the time available for studies.

    Shouldn't be a surprise though, this course starts with 6 and SANS have only a few of them and only one toughest course that starts with 7. It's not a 4xx or 5xx easy course.
    Reply With Quote Quote  

  6. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,591

    Certifications
    GPEN, GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #5
    Good luck mate! It is a tough one!
    Goal: MBA, March 2020
    Reply With Quote Quote  

  7. Completely Clueless TechGromit's Avatar
    Join Date
    Oct 2015
    Location
    Ontario, NY
    Posts
    1,633

    Certifications
    A+, Network +, Sanity+ (Revoked), GSEC, GCIH, GREM
    #6
    I ended up coughing up the $360 to get a 6 week extension, my exam deadline is now Jan. 19, instead of Dec. 6. I plan to make good use of the extra time, by following along with the MP3 lectures, with the books and carefully doing the labs. In some ways it's better this way because I can pause the MP3 and do the labs along with variations I try to see what happens. Listening in the car does help, but it's as beneficial as having the material in front of me. Someone did comment in my rep why would I point out I'm an idiot, or something along those lines, I'm here to learn or get pointers in learning, not to brag how superior I may be to others.
    Last edited by TechGromit; 11-26-2017 at 03:04 PM.
    Still searching for the corner in a round room.
    Reply With Quote Quote  

  8. Junior Member Registered Member
    Join Date
    Jan 2018
    Posts
    2
    #7
    Failed today GREM with 61% , had 60% on first attempt and 85% on second. Honestly I thought I passed the test, was shocker to find out I didn't. Couldn't believe it, debating on new strategy of retaking exam, did labs, all books 2X, index, CTF, I understand the material but still failed.
    Reply With Quote Quote  

  9. Completely Clueless TechGromit's Avatar
    Join Date
    Oct 2015
    Location
    Ontario, NY
    Posts
    1,633

    Certifications
    A+, Network +, Sanity+ (Revoked), GSEC, GCIH, GREM
    #8
    Just took my 2nd practice GREM Exam today, scored a 69%, I carefully redid all of the labs and material from books 3 to 5, didn't get a chance to redo the labs for book 2, but I did better on that material than the Analyzing Web-Based questions. I have my exam attempt scheduled for Jan. 18th, not going to extend the date again. I firmly believe that the questions are pulled from a pool of possible questions, so what questions you get, is luck of the draw. So practice exams / certification exams can be easier or tougher, just depending on what questions you get. The 2nd practice test seemed way harder than the first exam I did, even though I did better on it. It did seem to have a more code analysis questions, I have two weeks to work on areas I'm weak on, but I give myself a 50/50 chance on passing at this point.

    I didn't reference my index as much as I did the first exam, I also pulled up my scores for Win Assembly code concepts for reverse-engineering 3 stars, 4 stars on malware analysis using memory forensics. I seriously considered the correct answer for at least two questions, and ended up picking a different answer, getting the question wrong when I had the correct answer the first time.

    I plan on consolidating my assembler notes into a few pages, One weakness I saw was say for example


    (Note: question I made up not on practice exam)


    Which choice is 32-bit architecture?


    A. byte
    B. word
    C. dword
    d. qword


    Assuming i didn't know the answer, I would have to flip through the index looking up each answer. While this is unavoidable some of the time, since Assembly is such a big part of the exam, I figured that having everything referring to assembler consolidated separately. Also doesn't hurt to go over all the material again.


    Another question I didn't trust my own index, looked up the four answers, but only one was on my index, but it didn't see right to me, so I picked one of the answers that wasn't on my index, the BOGUS answer was wrong, If your index is complete, trust it over your gut.

    The final thing I'm planning to do is go over all the code again in the books and pull out examples that i think may be on the exam into cheat sheets, I saw a question I immediately recognized from the books, I'm betting there are parts of other code examples from the books on the exams. While i didn't do too bad on this part of the exam, I just think I got lucky, with best guess answers.
    Last edited by TechGromit; 01-07-2018 at 09:22 PM.
    Still searching for the corner in a round room.
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Feb 2016
    Posts
    211
    #9
    --Based off the last two discussion posts I will mentally never consider this certification unless a job says take it or you are fired---

    Ok, back on topic. Stay in the fight TG. Thanks for not giving up. These courses are two expensive to give up on, especially with the added cost of certification re-attempts. I hope you and Hoosar prevail!

    I just did some quick math. You can miss at least 20 of the 75 questions. Without that every 15 question score that they went away with, I just honestly count in my head the questions I am not 100% sure in. Towards the end, I have a pretty good idea if I passed.

    My new technique is if I don't know or can't find the answer in less than a minute I skip it. I go for the low hanging fruit and the answers I can easily find in my index/book. That way, I am not pressed for time at the end and have to quick read and pick a letter between A-D that may or may not be correct. Yes, it has happened. Go for what you know first. That works for me, not really for everyone. It also only works if you are not one for taking breaks. Because if you have to take a break, you have to answer the questions you skipped first.

    GG
    Last edited by GirlyGirl; 01-07-2018 at 02:57 AM.
    Reply With Quote Quote  

  11. Member
    Join Date
    Dec 2017
    Posts
    94
    #10
    As long as your know your weakness you can maintain your strengths and improve upon the areas in which you lack. You still have time. You have time to make the best index and absorb the most information as possible.
    Reply With Quote Quote  

  12. Senior Member
    Join Date
    Mar 2014
    Posts
    660

    Certifications
    Alphabet-soup
    #11
    I'm planning to challenge this one this year, but now I'm not so sure. Can I ask if the assembly was mostly x86 focused, or did they throw in a lot of 64-bit examples as well?

    How tool heavy were the test questions? I'm decent with IDA and I find it works well as a debugger as well, but I know there's a dozen ways to skin a cat. I've heard the GREM labs use x64dbg and ollydbg a lot. Concepts and basic usage I get, but if GREM is like GPEN, you need to know which keys are needed to access what features. x= cross references in IDA, but I wouldn't know the equivalent in x64dbg, etc.
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Dec 2015
    Location
    Philadelphia, PA
    Posts
    141

    Certifications
    GREM, GPEN, GCFA, GCIH, GSEC, GCIA, GCFE, CCNA Cyber Ops, ACE, MCSA
    #12
    Quote Originally Posted by BlackBeret View Post
    I'm planning to challenge this one this year, but now I'm not so sure. Can I ask if the assembly was mostly x86 focused, or did they throw in a lot of 64-bit examples as well?

    How tool heavy were the test questions? I'm decent with IDA and I find it works well as a debugger as well, but I know there's a dozen ways to skin a cat. I've heard the GREM labs use x64dbg and ollydbg a lot. Concepts and basic usage I get, but if GREM is like GPEN, you need to know which keys are needed to access what features. x= cross references in IDA, but I wouldn't know the equivalent in x64dbg, etc.

    When I took it in September they barely touched on x64 based Assembly. The course is very technical. I thought it was much more technical than GPEN. You can look at the test requirements on the GIAC site for a list of tools but I'm not sure if they list every tool that is covered.
    Reply With Quote Quote  

  14. Completely Clueless TechGromit's Avatar
    Join Date
    Oct 2015
    Location
    Ontario, NY
    Posts
    1,633

    Certifications
    A+, Network +, Sanity+ (Revoked), GSEC, GCIH, GREM
    #13
    Quote Originally Posted by BlackBeret View Post
    I'm planning to challenge this one this year, but now I'm not so sure. Can I ask if the assembly was mostly x86 focused, or did they throw in a lot of 64-bit examples as well?
    Other than larger address space for the 64-bit examples, assembly wise I don't see very much difference. If your good with 32 bit assembler, I don't think you'll have trouble with 64 bit assembler.

    Quote Originally Posted by BlackBeret View Post
    How tool heavy were the test questions? I'm decent with IDA and I find it works well as a debugger as well, but I know there's a dozen ways to skin a cat. I've heard the GREM labs use x64dbg and ollydbg a lot. Concepts and basic usage I get, but if GREM is like GPEN, you need to know which keys are needed to access what features. x= cross references in IDA, but I wouldn't know the equivalent in x64dbg, etc.
    He no longer uses ollydbg in the course, it's x32dbg / x64bdg. There are some tool related questions, so it's good to be familiar with what tools the author recommends, volatility is a big one, there's a good 20 pages in the book dedicated to this one tool. I printed out the full help screens for it and it served me well so far. Don't recall any what this key does or how to do that in such and such program, but anything is possible on the exam.
    Still searching for the corner in a round room.
    Reply With Quote Quote  

  15. Junior Member Registered Member
    Join Date
    Jan 2018
    Posts
    2
    #14
    Passed my GREM finally, one advice for takers, read questions carefully.
    Reply With Quote Quote  

  16. Member
    Join Date
    Dec 2012
    Location
    Edinburgh
    Posts
    45

    Certifications
    Comptia a+, MCDST, MCP(70-270),MCSA(70-290,70-291) Comptia Security+, SSCP, CCENT, CEHv8
    #15
    Well done
    Reply With Quote Quote  

  17. Junior Member
    Join Date
    Apr 2018
    Posts
    11
    #16
    Well done!
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks