+ Reply to Thread
Page 1 of 3 1 23 Last
Results 1 to 25 of 64
  1. The Colosus of Clout Paul Boz's Avatar
    Join Date
    Oct 2006
    Location
    Baton Rouge, LA
    Posts
    2,607

    Certifications
    CCNP, CCIP, CCDP, CCDA, CCNA, CCNA Security, NSTISSI 4011, GSEC, GCFW, GCIH, GCIA
    #1

    Default GCIH Preparation and attempt log

    There's hardly jack on the Internet about this course or the exam attempt so I'm going to chronicle my experience similar to what I did with the GCFW.

    I got a series of emails from SANS today proclaiming that they received payment and that my online access to self study materials was available. I also got an email with details on how to access the lab, which I was unaware existed. I didn't really READ much about the course before I signed up for it so it was a bit of a surprise. Apparently it's something new with the 3.0 beta exam. TY to Dynamik for pointing this out (I'm retarded ) Either way, I'm excited about it because hands-on was something I felt the GCFW was dreadfully lacking.

    Unfortunately, the wireless Internet access in the hotel I'm staying in is on par with access from Namibia so I can't enjoy audio or video. Ed Skoudis is the instructor so I'd really like to have that content as I go through this material so I'm going to hold off until I get home before I crack into it.

    Aside from that, I am very impressed with the significantly improved graphical layout between the GCFW online self-study material and what has been provided to me for this course. I'm talking Windows 3.1 next to windows 2000 difference. The GCFW material often did not have corresponding audio for the slides, was missing information for a small number of slides, and was generally not very user friendly. I can't really vouch for the content (and presence there of) regarding the GCIH material but hey, at least it looks nice.

    I'll probably get a chance to crack into this stuff some time on Thursday evening so I'll probably update this some time towards the end of the week. I hope to update this more frequently than my last thread because it looks like there will be a lot of fun stuff to talk about.
    Reply With Quote Quote  

  2. SS -->
  3. Cyber Ninja L0gicB0mb508's Avatar
    Join Date
    Apr 2005
    Location
    Teh Tubes
    Posts
    535

    Certifications
    GCIA, GCIH, MCP, Net+, Sec+, CCNA, Proj+, A+, CIW, AESA, CCNA:Sec
    #2
    Good luck Paul. I think this one might be on my list after GCIA and GCFW.
    Reply With Quote Quote  

  4. Coffee Addict coffeeking's Avatar
    Join Date
    Feb 2008
    Location
    WORLD
    Posts
    304

    Certifications
    BSIT from OIT, CCNA, CCNA:Sec, SECURITY+, MCITP: SQL SRVR 2008, CISA
    #3
    Paul,
    Appreciate your efforts on sharing your experience. Your posts for GCFW were excellent and provided a great overview of the course. I am interested in GCIH myself and would love to get an insight on it.

    Looking forward to your postings.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    702

    Certifications
    Most Recent: CISSP & CCDA
    #4
    The disk I got for GPEN is the same for GCIH so this course should be a walk in the park for you.
    Reply With Quote Quote  

  6. The Colosus of Clout Paul Boz's Avatar
    Join Date
    Oct 2006
    Location
    Baton Rouge, LA
    Posts
    2,607

    Certifications
    CCNP, CCIP, CCDP, CCDA, CCNA, CCNA Security, NSTISSI 4011, GSEC, GCFW, GCIH, GCIA
    #5
    Quote Originally Posted by GAngel View Post
    The disk I got for GPEN is the same for GCIH so this course should be a walk in the park for you.
    Which is the same disk I got for the GCFW haha
    Reply With Quote Quote  

  7. k-r4d l33t 1nf0s3c g33k unsupported's Avatar
    Join Date
    Jan 2009
    Location
    407
    Posts
    191

    Certifications
    CISSP, GCIH, GCIA, C|EH, Security+, Network+, MCP
    #6
    I did on demand for GCIH last year and I felt it was fantastic! Ed Skoudis is an entertaining and knowledgeable instructor. The material is easy to keep up with. You may want to also pick up a copy of Counter Hack: Reloaded. Some of the testing material is directly lifted from the book.

    Also, make your indexes! I passed with a 94%, but could have done 100% if I looked up ever answer.
    Reply With Quote Quote  

  8. The Colosus of Clout Paul Boz's Avatar
    Join Date
    Oct 2006
    Location
    Baton Rouge, LA
    Posts
    2,607

    Certifications
    CCNP, CCIP, CCDP, CCDA, CCNA, CCNA Security, NSTISSI 4011, GSEC, GCFW, GCIH, GCIA
    #7
    Quote Originally Posted by unsupported View Post
    I did on demand for GCIH last year and I felt it was fantastic! Ed Skoudis is an entertaining and knowledgeable instructor. The material is easy to keep up with. You may want to also pick up a copy of Counter Hack: Reloaded. Some of the testing material is directly lifted from the book.

    Also, make your indexes! I passed with a 94%, but could have done 100% if I looked up ever answer.
    Indexes got me through the GCFW with flying colors. I've actually got Counter Hack Reloaded so that's a plus. Thanks for the advice. Did you encounter any pitfalls in the exam that maybe was under-covered from the course material? There were a few instances with the GCFW where the provided coursework did not provide me with what I needed for the exam and I had to rely on past experience. While that's not a problem, it's good to know what the surprises are.
    Reply With Quote Quote  

  9. k-r4d l33t 1nf0s3c g33k unsupported's Avatar
    Join Date
    Jan 2009
    Location
    407
    Posts
    191

    Certifications
    CISSP, GCIH, GCIA, C|EH, Security+, Network+, MCP
    #8
    Quote Originally Posted by Paul Boz View Post
    Did you encounter any pitfalls in the exam that maybe was under-covered from the course material?
    I do not recall any pitfalls. I was able to find the majority of the information in my index. No surprises.
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    May 2006
    Posts
    195
    #9
    Good to hear. I enjoyed the Skoudis Counter Hack book but have never looked into the certification. Interested in reading your account.
    Reply With Quote Quote  

  11. The Colosus of Clout Paul Boz's Avatar
    Join Date
    Oct 2006
    Location
    Baton Rouge, LA
    Posts
    2,607

    Certifications
    CCNP, CCIP, CCDP, CCDA, CCNA, CCNA Security, NSTISSI 4011, GSEC, GCFW, GCIH, GCIA
    #10
    I blew through book 2 on Saturday. I was surprised to find a table of contents but indexed and tabbed the book anyway. The material was rookie level but I know it gets tougher later on. I'm on the way to los angeles right now and brought books three and four. Id like to at least get through three by Friday.
    Reply With Quote Quote  

  12. Senior Member
    Join Date
    Mar 2007
    Posts
    12,308
    #11
    Aside from the first book, it seemed like the majority of the content was a rehash of GPEN (or vice versa). It'd be nice if they gave you a discount for subsequent related courses since there seems to be so much overlap.
    Reply With Quote Quote  

  13. The Colosus of Clout Paul Boz's Avatar
    Join Date
    Oct 2006
    Location
    Baton Rouge, LA
    Posts
    2,607

    Certifications
    CCNP, CCIP, CCDP, CCDA, CCNA, CCNA Security, NSTISSI 4011, GSEC, GCFW, GCIH, GCIA
    #12
    Quote Originally Posted by dynamik View Post
    Aside from the first book, it seemed like the majority of the content was a rehash of GPEN (or vice versa). It'd be nice if they gave you a discount for subsequent related courses since there seems to be so much overlap.
    That would be nice... I swear everything I've covered so far has been either in the GPEN material or in the GCFW stuff I have. Book 3 is starting to get into some high-level application testing (web apps mostly) so I'm actually learning a hell of a lot now. The network-based stuff in book 2 and the first half of book 3 is for the birds though. I understand that SANS wants to cross-provide material because it's rare for people to obtain multiple sans certs due to the cost, but the volume of overlap is a little crazy. I feel that even though I got the material for 25% off ($3k total) I should have gotten some type of "second SANS cert" discount because I paid a few grand for the same stuff that's on the other courses. as you said though, once you've got two you can really (derogatory term for your mother) these things out.

    Also, Ed Skoudis is an excellent instructor. I can tell that he's got a strong programming background because he's very eloquent in describing programming and program functions to non-programmer types. It's also nice to hear the GCFW material in someone else's words.
    Reply With Quote Quote  

  14. k-r4d l33t 1nf0s3c g33k unsupported's Avatar
    Join Date
    Jan 2009
    Location
    407
    Posts
    191

    Certifications
    CISSP, GCIH, GCIA, C|EH, Security+, Network+, MCP
    #13
    Quote Originally Posted by dynamik View Post
    Aside from the first book, it seemed like the majority of the content was a rehash of GPEN (or vice versa). It'd be nice if they gave you a discount for subsequent related courses since there seems to be so much overlap.
    Well, if they ever decided to change their certification/re-certification structure, maybe taking the higher level certs will renew the lower level certs... instead of having to renew in all areas.
    Reply With Quote Quote  

  15. The Colosus of Clout Paul Boz's Avatar
    Join Date
    Oct 2006
    Location
    Baton Rouge, LA
    Posts
    2,607

    Certifications
    CCNP, CCIP, CCDP, CCDA, CCNA, CCNA Security, NSTISSI 4011, GSEC, GCFW, GCIH, GCIA
    #14
    Quote Originally Posted by unsupported View Post
    Well, if they ever decided to change their certification/re-certification structure, maybe taking the higher level certs will renew the lower level certs... instead of having to renew in all areas.
    It would only benefit me if the higher level certs renewed each other, similar to how Cisco works. If you take any professional level exam and pass it it renews all of your professional level certs for x number of years. With SANS, even if I have to renew every three years, I will have to re-challenge anywhere from two to four tests in a short period of time. I don't foresee renewing all of my prospective SANS certs because there just isn't enough time in the day.

    That's a bridge that I can burn down when I get to it though. I planned to work on a good bit of book 3 tonight but I've got a hell of a lot of work to get caught up on so I'm going to do that instead.
    Reply With Quote Quote  

  16. Senior Member
    Join Date
    Mar 2007
    Posts
    12,308
    #15
    Hm, I responded last night, but my post didn't go through.

    The renewal is actually every four years: GIAC Information Security Recertification Overview

    However, I didn't know they allowed you to get new course materials on the cheap. I thought you needed to purchase a new course every four years or just take a stab at it. I'm much more inclined to go this route now (even though a single exam recert would be ideal) than I was when I was expecting to have to somehow come up with $20k every four years to keep five active. I'm back on the bandwagon to whoring GIAC certs
    Reply With Quote Quote  

  17. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    702

    Certifications
    Most Recent: CISSP & CCDA
    #16
    Quote Originally Posted by dynamik View Post
    Hm, I responded last night, but my post didn't go through.

    The renewal is actually every four years: GIAC Information Security Recertification Overview

    However, I didn't know they allowed you to get new course materials on the cheap. I thought you needed to purchase a new course every four years or just take a stab at it. I'm much more inclined to go this route now (even though a single exam recert would be ideal) than I was when I was expecting to have to somehow come up with $20k every four years to keep five active. I'm back on the bandwagon to whoring GIAC certs
    It's $325 to re-cert and if you're re-certifying more than 1 in a year they're $200 each. I THINK.
    Reply With Quote Quote  

  18. The Colosus of Clout Paul Boz's Avatar
    Join Date
    Oct 2006
    Location
    Baton Rouge, LA
    Posts
    2,607

    Certifications
    CCNP, CCIP, CCDP, CCDA, CCNA, CCNA Security, NSTISSI 4011, GSEC, GCFW, GCIH, GCIA
    #17
    Quote Originally Posted by GAngel View Post
    It's $325 to re-cert and if you're re-certifying more than 1 in a year they're $200 each. I THINK.
    I believe that's accurate. It still doesn't solve the problem of having to sit multiple exams every several years to stay current. A "re-cert one and you're done" policy would be ideal.
    Reply With Quote Quote  

  19. Junior Member
    Join Date
    Feb 2010
    Posts
    7

    Certifications
    CEH,OSCP,GPEN
    #18
    Just passed the SANS GCFW (GIAC Certified Firewall Analyst), got a 89%. About five seconds after passing the exam I got an email from SANS congratulating me on the pass. They've already updated the GCFW portal with my name/number/score. It looks like I'm analyst #3038, one of 1344 GCFW's globally. It was definitely the most challenging exam that I have ever taken and was very heavy on practical application of the material. I'm pretty excited about the pass. Rather than asking you abstract questions about a firewall log, for example, you might be presented with a traffic flow and be asked to describe what's going on.
    Either way, I'm excited about it because hands-on was something I felt the GCFW was dreadfully lacking.
    Not sure I follow ???
    Last edited by _Dark_Knight_; 02-11-2010 at 11:16 PM.
    Reply With Quote Quote  

  20. Senior Member
    Join Date
    Mar 2007
    Posts
    12,308
    #19
    While the material was heavy on practical application, the exam was multiple choice. Newer exams have virtualized exercises that amount to something like 5-10% of the exam.
    Reply With Quote Quote  

  21. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    702

    Certifications
    Most Recent: CISSP & CCDA
    #20
    Quote Originally Posted by dynamik View Post
    While the material was heavy on practical application, the exam was multiple choice. Newer exams have virtualized exercises that amount to something like 5-10% of the exam.
    Mine was 5%. It was just unfortunate they didn't work

    Far too simple i found though for the material covered. I want them to bring back the two part exams where you have to do a paper as well. Assuming they knock off some of the price.
    Reply With Quote Quote  

  22. Junior Member
    Join Date
    Feb 2010
    Posts
    7

    Certifications
    CEH,OSCP,GPEN
    #21
    Ahhhhhhh I follow
    Reply With Quote Quote  

  23. Senior Member
    Join Date
    Mar 2007
    Posts
    12,308
    #22
    Quote Originally Posted by GAngel View Post
    Mine was 5%. It was just unfortunate they didn't work

    Far too simple i found though for the material covered. I want them to bring back the two part exams where you have to do a paper as well. Assuming they knock off some of the price.
    I'll let you know how mine goes. It was scheduled for next Thursday, but I've been writing reports every night while on-site, so I haven't had any time to study. I'm out two weeks after next, so I guess I'll take a stab at it in early March. I also have to do CCNA:S, and my CISSP has been booked for mid-April. Busy busy busy!
    Reply With Quote Quote  

  24. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    702

    Certifications
    Most Recent: CISSP & CCDA
    #23
    I got the work study offer to do the GCIH in march. Not sure if i'll do it as i've got a ton of other stuff going on but i'm thinking about it. Being so similar to GPEN i'm just not sure.
    Reply With Quote Quote  

  25. The Colosus of Clout Paul Boz's Avatar
    Join Date
    Oct 2006
    Location
    Baton Rouge, LA
    Posts
    2,607

    Certifications
    CCNP, CCIP, CCDP, CCDA, CCNA, CCNA Security, NSTISSI 4011, GSEC, GCFW, GCIH, GCIA
    #24
    From a salary perspective there's no reason not to do the GCIH. It's a lucrative cert and if you can whore out the SANS stuff you're golden. Do you think I have any interest in challenging the GPEN? Heck no. But I'm going to, because I can challenge it for like $800 and tack on another SANS cert. I've even considered the GSEC just to make the GSE a possibility (that is, if Dynamik buys the Linux/Windows courses). I'm not really learning a hell of a lot from these SANS certs but they do validate what I know and that's the point.

    To that point, I actually completed the on-demand material last night. It was very quick to get through because Skoudis is very entertaining and keeps you on track. He's a heck of an instructor. I do like how every single attack vector which gets covered is presented in a way that promotes incident handling. The general format is "High level explanation followed by details about how it works, followed by how to actually do it with specific tools, followed by how to apply incident handling techniques using all of that information. It's an effective way to present the material. I've actually learned how to be a more effective teacher to be honest.

    Last edited by Paul Boz; 02-25-2010 at 03:57 AM.
    Reply With Quote Quote  

  26. Senior Member
    Join Date
    Mar 2007
    Posts
    12,308
    #25
    Quote Originally Posted by Paul Boz View Post
    I've even considered the GSEC just to make the GSE a possibility (that is, if Dynamik buys the Linux/Windows courses).
    The GCWN and GCUX are only necessary if you want to skip GSEC. GSEC, GCIA, and GCIH are all you need. That's why I'm planning on the GCIA.

    You also need to be gold in two of the three or you can use other SANS certs as a substitution. Your GCFW and future GPEN will satisfy that requirement. And yes, I have every intention of whoring out gold status as well.
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 3 1 23 Last

Social Networking & Bookmarks