+ Reply to Thread
Page 1 of 2 1 2 Last
Results 1 to 25 of 40

Thread: Gcih - sans 504

  1. Member laughing_man's Avatar
    Join Date
    Feb 2012
    Posts
    83

    Certifications
    GCIH, GSEC
    #1

    Default Gcih - sans 504

    Just signed up for SANS SEC504 with a GCIH attempt. Can't wait to get the books and study hard

    I will post with my progress and impressions for those who are interested.
    Reply With Quote Quote  

  2. SS -->
  3. Random Member docrice's Avatar
    Join Date
    Apr 2010
    Location
    Bay Area, CA
    Posts
    1,687

    Certifications
    GSEC, GCFW, GCIA, GCIH, GWAPT, GAWN, GPEN, GCFE, GCFA, GMON, OSWP, SFCP, SnortCP, Sec+; expired: CCNA (R&S, Security, Wireless), WCNA
    #2
    It would be interesting to hear your impressions of the class on a day-by-day perspective, although I know that's asking for quite a bit since each day covers a lot of ground with the resulting mental exhaustion at the end of each day. Seeing how things progress and reinforce the previous day's material would be great though.
    Reply With Quote Quote  

  4. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,654

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #3
    I'm more than half-way through. It's a great class.
    Currently working on: Resting
    Reply With Quote Quote  

  5. Member laughing_man's Avatar
    Join Date
    Feb 2012
    Posts
    83

    Certifications
    GCIH, GSEC
    #4
    I am excited and not near as nervous as I was with GSEC. I feel after going through one SANS class I have a good idea of what to expect and what I will need to bring attitude and energy-wise to do well. This way I can focus more on the material.

    Here is hoping GCIH goes into a little more detail than GSEC, which was a bit too broad I think.

    I am doing the OnDemand course, so doing a daya by day would be tedious. But certainly I plan on posting at times when I think I have something meaningful or helpful to post. Reading old posts by folks who have gone through an exam are always helpful, so I intend on leaving something for others.
    Reply With Quote Quote  

  6. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,654

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #5
    Funny that you mention that, I've come to think of the GCIH as an introduction to ethical hacking and network forensics.
    Currently working on: Resting
    Reply With Quote Quote  

  7. Member laughing_man's Avatar
    Join Date
    Feb 2012
    Posts
    83

    Certifications
    GCIH, GSEC
    #6
    Quote Originally Posted by veritas_libertas View Post
    Funny that you mention that, I've come to think of the GCIH as an introduction to ethical hacking and network forensics.
    So is your feeling that the GCIH is casting too wide a net in terms of material? I felt that the very nature and purpose of the GSEC was to be broad, hence the security essentials bit.
    Reply With Quote Quote  

  8. Random Member docrice's Avatar
    Join Date
    Apr 2010
    Location
    Bay Area, CA
    Posts
    1,687

    Certifications
    GSEC, GCFW, GCIA, GCIH, GWAPT, GAWN, GPEN, GCFE, GCFA, GMON, OSWP, SFCP, SnortCP, Sec+; expired: CCNA (R&S, Security, Wireless), WCNA
    #7
    I think 504 is relatively broad as it covers what would be considered a number of speciality subsets. It's definitely tailored to incident handling and wraps around that for sure, but that in itself covers a lot of different skill sets.
    Reply With Quote Quote  

  9. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,654

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #8
    Quote Originally Posted by laughing_man View Post
    So is your feeling that the GCIH is casting too wide a net in terms of material? I felt that the very nature and purpose of the GSEC was to be broad, hence the security essentials bit.
    No. It's definitely not GSEC. 504 is what it is: Hacker Techniques, Exploits and Incident Handling. I was expecting it to be mostly Incident Handling and Network Forensics with some hacking knowledge. In reality it's more like 25% IH and 75% Hacker techniques that also happens to cover how to prevent each attack.
    Currently working on: Resting
    Reply With Quote Quote  

  10. Member laughing_man's Avatar
    Join Date
    Feb 2012
    Posts
    83

    Certifications
    GCIH, GSEC
    #9
    Checking in with 90 days to go. Doing the OnDemand and self study with the texts. I agree with what veritas said, this course is definitely 25% IH and the rest hacking techniques, which is great for me! My boss wants to emphasize the IH, hence why he requested I take the course. In any event, I will find a way to make the experience beneficial.

    I got to say after slogging through the IH material, I am hitting my stride with the hands on. Truly a great course. I enjoy the work so much , I have to remember to keep making my index .
    Reply With Quote Quote  

  11. Junior Member
    Join Date
    Oct 2006
    Posts
    2

    Certifications
    Security+, MCA
    #10
    same just got the material, here we go!
    Reply With Quote Quote  

  12. Senior Member
    Join Date
    Apr 2013
    Location
    Wellington, New Zealand
    Posts
    697

    Certifications
    GSEC,GCIH,GSNA,GCCC, All AWS Certifications
    #11
    Its a great course covering a lot of areas. Best of luck for your exams !
    Reply With Quote Quote  

  13. Member laughing_man's Avatar
    Join Date
    Feb 2012
    Posts
    83

    Certifications
    GCIH, GSEC
    #12
    I can't remember where I read this, but someone recommended a method for indexing for GCIH: a general/traditional index, an "attack" index, and a tools index. The more I get into the material, the more this seems to make sense. I am still making my traditional index, but I think I will start creating these parallel indexes.
    Reply With Quote Quote  

  14. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #13
    Obviously do what works for you; however I would fear miscategorizing something, or being annoyed when a subject spans multiple categories and multiple indexes. I created my GCIH index with the same methodology as my GSEC index, and didn't have any issues with it.

    It's a fun course, good luck
    Reply With Quote Quote  

  15. Member laughing_man's Avatar
    Join Date
    Feb 2012
    Posts
    83

    Certifications
    GCIH, GSEC
    #14
    Getting down to the wire. I sit for my test in less than 3 weeks. I am going back and touching up my index. I plan to sit for my first practice test soon. Just getting a healthy dose of pre-exam jitters is all
    Reply With Quote Quote  

  16. Member
    Join Date
    May 2013
    Location
    Overseas
    Posts
    36

    Certifications
    CEH, GCIH, GCWN, GPEN, GSEC, GCIA, GSNA, CCNA, CASP, A+, N+, Sec +, MCSA, Masters in IT - Telecom from UMUC
    #15
    I am studying for GCFA. Good luck.
    Reply With Quote Quote  

  17. Member laughing_man's Avatar
    Join Date
    Feb 2012
    Posts
    83

    Certifications
    GCIH, GSEC
    #16
    Thanks! Good luck to you too!

    Just finished my first practice test. Scored an 81%, which is lower than I hoped. The GCIH material is proving to more difficult than I had expected, but still enjoyable.

    Anyway I have my printout with my results for each category on the test. I have 12 days to study hard on those weak areas and I have another practice test to use if I need it.
    Last edited by laughing_man; 03-15-2014 at 05:06 PM.
    Reply With Quote Quote  

  18. Member
    Join Date
    Oct 2013
    Posts
    39
    #17
    Quote Originally Posted by laughing_man View Post
    Thanks! Good luck to you too!

    Just finished my first practice test. Scored an 81%, which is lower than I hoped. The GCIH material is proving to more difficult than I had expected, but still enjoyable.

    Anyway I have my printout with my results for each category on the test. I have 12 days to study hard on those weak areas and I have another practice test to use if I need it.
    my 504 class begins tomorrow. i'm in virginia do you have any advice? i heard that creating an INDEX is helpful for the exam. do you feel you will pass this exam?
    Reply With Quote Quote  

  19. Member laughing_man's Avatar
    Join Date
    Feb 2012
    Posts
    83

    Certifications
    GCIH, GSEC
    #18
    Quote Originally Posted by bkhayes View Post
    my 504 class begins tomorrow. i'm in virginia do you have any advice? i heard that creating an INDEX is helpful for the exam. do you feel you will pass this exam?
    Best advice is read the books cover to cover, making your index as you go along. I have 4 columns in mine: term, book number, page number and description.

    I also make notes for each section, basically re-writing the material in my own words. I use that basically as a tool to help get the information in my head, not really as a study tool.

    I also listen to all the lectures, either in the car, on a walk or in the evening when I have time.

    After that I have read the books through once more, making additional entries or additions to my index.

    I feel confident I will pass. Honestly, I had about 10 questions on the practice test that were d'oh moments where I did not read the question and answers fully and I clearly knew the answer, but did not take my time.

    Having already done a SANS cert, I know the process and how the tests work. When I did my GSEC I tested in the mid to high 80s on my practice exams and got a 93% on my final. Basically again due to the fact that I rushed a bit on the practice tests but took my time on the actual exam.

    I think if you invest the time and effort to read and know the material, plus build a solid index, you will be fine. Its a lot of work yes, but then all good things are

    Good luck to you!
    Reply With Quote Quote  

  20. Member
    Join Date
    Oct 2013
    Posts
    39
    #19
    Quote Originally Posted by laughing_man View Post
    Best advice is read the books cover to cover, making your index as you go along. I have 4 columns in mine: term, book number, page number and description.

    I also make notes for each section, basically re-writing the material in my own words. I use that basically as a tool to help get the information in my head, not really as a study tool.

    I also listen to all the lectures, either in the car, on a walk or in the evening when I have time.

    After that I have read the books through once more, making additional entries or additions to my index.

    I feel confident I will pass. Honestly, I had about 10 questions on the practice test that were d'oh moments where I did not read the question and answers fully and I clearly knew the answer, but did not take my time.

    Having already done a SANS cert, I know the process and how the tests work. When I did my GSEC I tested in the mid to high 80s on my practice exams and got a 93% on my final. Basically again due to the fact that I rushed a bit on the practice tests but took my time on the actual exam.

    I think if you invest the time and effort to read and know the material, plus build a solid index, you will be fine. Its a lot of work yes, but then all good things are

    Good luck to you!
    okay my friend. when do you plan to take the GCIH? also do you mind if i post questions here for the next few days as i go thru the course? the exam is multiple choice and open book. yes?
    Reply With Quote Quote  

  21. Senior Member cyberguypr's Avatar
    Join Date
    May 2007
    Location
    Chicago, IL
    Posts
    5,818

    Certifications
    GCFE, GCED, GCIH, CISSP, CCSP, and others that should never be mentioned
    #20
    See my index tips and additional docs I created: Passed GCIH
    Reply With Quote Quote  

  22. Member
    Join Date
    Oct 2013
    Posts
    39
    #21
    Quote Originally Posted by cyberguypr View Post
    See my index tips and additional docs I created: Passed GCIH
    wow thanks man. i appreciate this very much. i have book #1 and the class starts in an hour. day 1 seems like an introduction day. should i take the primary terms there and index them?

    because this guy
    http://digitalforensicstips.com/2012...with-pictures/

    made he has things organzied according to "tools" "windows" "linux" and "miscellaneous" and it seems like -

    and day 1 seems like a general terms and processes ideas. Should i index and alphabetize terms in a "miscellaneous" section? because day 1 doesn't have any thing on the technical side. just the Linux commands in the appendix.
    Last edited by bkhayes; 03-17-2014 at 01:10 PM.
    Reply With Quote Quote  

  23. Member laughing_man's Avatar
    Join Date
    Feb 2012
    Posts
    83

    Certifications
    GCIH, GSEC
    #22
    I did the OnDemand training, not the boot camp. However, if I were you, I would spend this week taking notes on the lectures and doing the exercises and prepping for the hands on workshop for day 6. Doing those things will put you in the right frame of mind for the certification exam. Once home, I would focus on reading and indexing, taking the next few months to get familiar with the books.

    I indexed as I went and then reoordered my index alphabetically. I also would recommend doing 1 index, not 3. I toyed with idea, but it was too unwieldly.
    Reply With Quote Quote  

  24. Senior Member cyberguypr's Avatar
    Join Date
    May 2007
    Location
    Chicago, IL
    Posts
    5,818

    Certifications
    GCFE, GCED, GCIH, CISSP, CCSP, and others that should never be mentioned
    #23
    ^ I concur with that. I wouldn't focus right now on indexing for two reasons: 1) what laughing_man said, focus on the material and discussion, they are extremely valuable. Class interaction is priceless. 2) going over the books later, without the pressure of possibly missing something said in class, will allow you to refresh the material as well as give you an opportunity to lookup and expand on concepts/tools/processes that you may have doubts on.

    I liked the idea of of 3 separate index sections. In my eyes things flow smoother if your only focus is searching
    alphabetically. If you subdivide and then blank out at a term, you will have to spend extra tome looking up through the sections.
    Reply With Quote Quote  

  25. Member
    Join Date
    Oct 2013
    Posts
    39
    #24
    Quote Originally Posted by cyberguypr View Post
    ^ I concur with that. I wouldn't focus right now on indexing for two reasons: 1) what laughing_man said, focus on the material and discussion, they are extremely valuable. Class interaction is priceless. 2) going over the books later, without the pressure of possibly missing something said in class, will allow you to refresh the material as well as give you an opportunity to lookup and expand on concepts/tools/processes that you may have doubts on.

    I liked the idea of of 3 separate index sections. In my eyes things flow smoother if your only focus is searching
    alphabetically. If you subdivide and then blank out at a term, you will have to spend extra tome looking up through the sections.
    thanks for this information. i really appreciate it very much. i still feel it's important to build up my index after each session. thanks for information. i will post my progress here and ask generic questions as i progress thru the course for the next 6 days.

    i'm in a rush to be honest. and i'm gonna take the practice exam a week after the class is over and then if i do well on practice exam. i will attempt the real thing.
    Last edited by bkhayes; 03-17-2014 at 06:08 PM.
    Reply With Quote Quote  

  26. Member
    Join Date
    Oct 2013
    Posts
    39
    #25
    Quote Originally Posted by bkhayes View Post
    wow thanks man. i appreciate this very much. i have book #1 and the class starts in an hour. day 1 seems like an introduction day. should i take the primary terms there and index them?

    because this guy
    How to Guide for making a SANS / GIAC Index with Pictures | Digital Forensics Tips

    made he has things organzied according to "tools" "windows" "linux" and "miscellaneous" and it seems like -

    and day 1 seems like a general terms and processes ideas. Should i index and alphabetize terms in a "miscellaneous" section? because day 1 doesn't have any thing on the technical side. just the Linux commands in the appendix.
    okay every one. i just finished the bootcamp. i will post my entire index within the next 4 days. i have been working on it. thanks for all the help.
    any suggestions for making it better will be helpful. thanks everyone.
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 2 1 2 Last

Social Networking & Bookmarks