Finally, I remember to provide my feedback regarding the SANS 301 that I took five months ago. After few years without taking any IT certification due to different career. I have to say that SANS certiification is the worst exam taking experience that I ever have. It is more like indexing and finding the answer from the book. It had nothing to do with the course. As experience IT professional, so I didn't take any extra materials notes, or index my study at all. It was a challenging exam in general perspective because of so many materials that specific addressed on the SANS training course. However, I have to say SANS did provided good instructor. Since it wasn't my intent to take the course or exam, and I have to say that I wasn't well prepare for the exam. I thought I did OK, but the result was a little lower than I expected, but I passed.

Here are few things that I will recommend to 1) If you new to IT security, then take the 301. 2) Be prepare to take the exam the week after or take the on-demand course. 3) Your experience only matter if your mentor have SANS before, otherwise you are newbie. 4) dedicate yourself to the course and time to take the exam. 5) If you can't afford to take the training course, then don't bother. 6) If you can find study guide within six months, then you can use that to study GISF (It is doable because I have a discussion with the other taker who didn't take the SANS training).

Good Luck. I am taking 401 next.