+ Reply to Thread
Results 1 to 6 of 6
  1. Senior Member
    Join Date
    Apr 2014
    Posts
    281
    #1

    Default GPEN Cheat Sheets?

    Im preparing to take GPEN next week, and I've never brought in anything other than my index and the books.

    Seems like most people in my office bring in all sorts of things, and definitely cheat sheets / posters.

    Which cheat sheets have you all used when taking GPEN. I think I'll be fine with what's worked for me, but if it's allowed, and produced by SANS, why not?
    Reply With Quote Quote  

  2. SS
  3. Reticulating splines... iBrokeIT's Avatar
    Join Date
    Jul 2013
    Location
    Twin Cities, MN
    Posts
    1,087

    Certifications
    GCIH, GSEC, VCAP5-DCA, VCP5-DCV, MCITP:EA, MCSA 2003/08
    #2
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Apr 2014
    Posts
    281
    #3
    Duh. Thanks
    Reply With Quote Quote  

  5. Completely Clueless TechGromit's Avatar
    Join Date
    Oct 2015
    Location
    Ontario, NY
    Posts
    1,668

    Certifications
    A+, Network +, Sanity+ (Revoked), GSEC, GCIH, GREM
    #4
    Maybe it's just me, but I've never found those SANS quick cheat sheet of any value on the exams, I have used them Analyzing malware, to give me help what program to use to analyze a specific type of malware.
    Still searching for the corner in a round room.
    Reply With Quote Quote  

  6. Member
    Join Date
    Sep 2015
    Location
    Dallas, TX
    Posts
    54

    Certifications
    GCTI, GNFA, GCFA, GCIH, Sec+
    #5
    Quote Originally Posted by TechGromit View Post
    Maybe it's just me, but I've never found those SANS quick cheat sheet of any value on the exams, I have used them Analyzing malware, to give me help what program to use to analyze a specific type of malware.
    In GCFA, both "Finding Evil.." and "Evidence of.." posters were a tremendous help to me honestly.. finding normal processes and services and their parent process, Execution path, number of active ones .. etc. Also files timestamp and what gets modified and when..etc.

    Wireshark one was also helpful in GNFA..

    I mean all of that were in the books, sure.. but it was faster, cleaner and just easier to get the information from poster/cheatsheets. Now i know I'll, definitely, rely on them at work

    Here's the link to DFIR posters and cheatsheets, if anyone were also looking for them. https://digital-forensics.sans.org/c...y/cheat-sheets
    Last edited by al88; 03-10-2018 at 06:24 PM.
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Apr 2014
    Posts
    281
    #6
    Good stuff, thanks.

    Sidenote, reading the gpen books, i find myself reading them in the OSCP videos voice subconsciously
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks