I go straight into excel and type in any entries as I go through each book page by page and ask myself if I understand the concept good enough to explain it to someone else. You’re last paragraph made me chuckle. I recommend doing a self assessment on each concept. Those exams are costly to take and I would never want anyone using out of date materials that I provided as a guide. The main section consisted of both items and concepts. 3 0 obj Building an index for SANS is part of the whole experience for me and gives me another opportunity to go over the material. They wouldn’t look nearly as nice if I tried to bind it myself . I was at 93% after 15 questions but had only answered 20 after 1 hour. Gives quick confirmation whenever you have a doubt about a command, tool, plugin… Create your own additionnal cheatsheets if it can help. SANS course I cant afford . I’ve got my SANS 560 coming up, first SANS training I’ll be attending, so this is mighty helpful. I haven’t had a chance to read “Network Forensics: Tracking Hackers through Cyberspace” yet but I’ve heard good things from people who do that style of work daily. You should now have: Read the books. I feel confident I feel that I have done a pretty good job at indexing my books, but I get nervous about not doing well on the exam. Those cheat sheets from the SIFT kit belong, a page of common ports, a page of hex/binary/decimal etc. DF400ex Registered Users Posts: 2 April 2012 in GIAC. Seems like it would go both places, but would be a bit redundant. Passed through GCFE at 90% with training books from 2014. For the first course, I relied more on SANS index and barely made any edits. �O�;��NW���o����H{c>��w�q��͗�����_{ Y���H�w|�_��~�����hzo/����!��8�W\���sL���>�W$b�*����>P��Z��PHV�i=���ď�}~�%����;�42�|�{��b��%�w���1���G���ץ��Ȋ]��a����k������9��3��q��ӏ��3iB��I�g��B���!|�'�d"(t�_/B��0� J$�H�q��Q��gB�h��R^��b�Br�@��J�,$��. Same basic strategy of going through every page of the books and creating an index of ever topic, ever tool etc. SEC 504 is a very popular SANS … A lot of these people had more SANS certs than I have friends so their methods obviously worked for them. Great points! I have taken the course and got the cert. Many of their classes include the so called “Cheat Sheets” which are short documents packed with useful commands and information for a specific topic. When someone fails, they always say they ran out of time. )B��F� �O����� �|溜s Agree 100%. I’ll be taking the GCIH soon and need to prepare an index. You’ll be glad you did for many reasons. I had practice tests in the SANS course, practice tests in Conrad’s book, signed up for the cccure practice tests and bought the exam cram practice test book (not their study guide). Thanks in advance, I have worked closely with several GSEs, and have established relationships with several sans course authors. 2. I listed the commands, a brief description and sometimes a command line example. It worked great for me, I looked up many (probably more than half) answers in the books during the exam, mostly for verification. I’ve used Chris Crowley’s script for generating an index for several of them and found it helpful. The exam is tough, but if you study everything in the books, you'll be prepared for the exam. My index ended up being 31 pages I created plus a few pages I copied (IvP4 breakdown etc. I don’t know anybody who’s taken the GMON yet but when you register for an exam you’ll receive two practice exams which in my experience have been by far the best indicators of what type of questions the exam has. Voltaire is a web-based indexing tool for GIAC certification examinations. I started building my own index but my job keeps me very busy and my GCIH exam date is coming very soon. If you don’t understand the question, keyboard index time, hail Mary, brute force. Common ports, a dec-binary-hex conversion chart etc. If the answer is no then I need to get myself to the point where I could before I move on. Pingback: Passed GSEC 401, have an extra practice exam if anyone wants it. Can't wait to get the books and study hard ... How to Guide for making a SANS / GIAC Index with Pictures | Digital Forensics Tips SEC 505 isn’t on the top of my to-do list but it is on there. I am finishing up SANS 504 On Demand and am prepairing to take the GCIH. peter. No one book will cover the entire course but there are some great books out there. Still doable, but with 3 or 4 times the amount of work required with the SANS books. Also, since a lot of the material was new to me my learning went from exposure to concepts to specifics. Hello, Great class!! Also, remember you can print up cheat sheets like common ports or anything else and tack them onto the back of your index too. It should also be noted that when I took SANS 504, the instructor actually gives links to unvetted SANS 504 indexes by previous students. For the first course, I relied more on SANS index and barely made any edits. Would you be willing to sell copies (pdf) of indexes you have prepared? Always keep in mind you are required to give the correct/most correct answer, not the smartest-in-your-opinion one. Did you print out every page yourself, provide the tabbed dividers, and bring all of the loose sheets to Kinko’s just for binding? Also, the GMON is a new certification, thus I have not heard how difficult it is from anyone yet. For example, “503.1”, “503.2 + 503.3”, etc. I passed both, but wish I had scored higher. 1 0 obj The tools section is self-explanatory. One thing you will need though, any "**** Sheets" they provide. I 100% agree about needing to read the books and understand them in conjunction with an index. Thanks for you tips Matt. They often use a large keyword index to “brute force” the test. I created indexes for 408 and 508 that were 17 and 21 pages long. I am responsible for getting students through a very intensive that includes 3-5 GIAC certs in about 6-10weeks. I like to complete my index and print a rough draft before I take a practice test. <> Fortunately, the second part of the exam was more practical-oriented and thus I could answer a fair amount of questions without having a single glance at books/cheatsheets. I was starting to go through the books and adding their own tabs, but it struck me this it isn’t very helpful for finding items, especially under exam conditions. When I asked Neal how long he thought an index should be he replied “fifty pages” without blinking. Of course. The CISSP is definitely a different beast than a GIAC exam. Overall I'm not a huge fan of the SANS style brain dump/fire hose approach but if you are going to do it then indexing the text is a great way to reinforce the material. It was close to 50 pages and had been professionally bound at Kinkos. During testing, I recommend: You need to get familiar with the books by reading them, then create a basic index, oh and good luck. Studying : GPEN Reading : SANS SEC560 A bit tongue in cheek? Any tool related questions are usually quick and easy with a solid index. Thank you for sharing your tips! GIAC exam (obviously, being certified and depending on score eligible to Sans Advisory Board and Mentor Program I will discuss later.) Great advice too. I am a infosec professional, instructor, writer, sans mentor. How did you handle that sort of thing? Final thoughts : that exam would have been a total nightmare without the FOR508 training materials. Just signed up for SANS SEC504 with a GCIH attempt. Thank you for the kind words. I found that creating the indexes was an important part of the learning process. Pingback: Has anyone taken GMON exam yet? Vendor: SANS; Exam Questions: 328; Last Updated: November 14th, 2020; Go To SEC504 Questions . He said that whatever course/book you’re going to use to study (I used the SANS 414 and Eric Conrad’s book) go through that then instead of spending time studying other resources start doing as many practice exams as you can. book Abbr. The index REALLY helped a ton and if I second guessed a question I was able to quickly find the material/detail I needed to find the right answer. Label the first four columns with: “Page”, “Keyword 1”, “Keyword 2”, and “Keyword 3”. In similar fashion you cover one book per day, but the books are only “yay” thick (a welcome reduction compared to 401): Let me give you 5 reasons why this course is a must-do for any security professional. I followed up with a question on how he formatted his indexes and he offered to have his wife bring one of his when she came into town the next day. SANS Security 504 focuses on incident handling, addressing practical methods for preparing for detecting and responding to computer attacks. Agreed with the sentiment about learning the material rather than trying to ‘brute force’ the exam. Congrats on the pass!!! Password Cracking: protect from unauthorized disclosure, modification, removal Page 5-52 a. SEC504 will prepare you to turn the tables on computer attackers. This is very helpful, Thank you for your time to craft this article. I took the SANS FOR 508 Computer Forensics course in 2008. I’m glad you found it helpful . Thanks buddy I had to move the test to July but this gives me some time to tune my indexes. I recommend a short table of contents index, in book order, that outlines each concept. I’m kind of sloppy and would not want to attempt to three-hole punch everything and place into a binder, so a binding from a print shop would probably be best and look better. <> All stuff you would normally be fine without but after taking the GSEC, CISSP and GISP in a two-three month period my brain now fries early in the test process . I had four year old material from a course that had been completely revamped and no index. I have linked as many as I am aware of below. But if you have your first SANS/GIAC exam coming up and feel like you could use a little extra help, I would seriously consider taking the time to make a comprehensive index. <> Too bad I can’t attach the index here as an example. My books index was 4 pages (220 items, makes more sense), Tools index was 3 pages (115 items). Pingback: Tips, Tricks, and Traps When Prepping for a GIAC Certification Exam – Br0nw3n's World, Pingback: GIAC Certified Incident Handler (GCIH) – @n3tl0kr, Pingback: SEC560 penetration testing course and GPEN review - chosenhacks.com, Your email address will not be published. The steps below detail how to build an index that will help you pass your SANS GIAC exam. But I did know the material fairly well, I spent close to 80-100 hours reading the books and doing the on-demand video classes (+labs). %���� If you understand the concept, find the detail with concept index. Overall I'm not a huge fan of the SANS style brain dump/fire hose approach but if you are going to do it then indexing the text is a great way to reinforce the material. 2 weeks a cert. I always use practice exam questions to help me refine my index. The main thing is really to keep cool during the whole exam, and manage your time. 4 0 obj Tracked down your SANS course tool and software cheat sheets! Step 5: Edit SANS index at the back of book 5 (see below). One more question did you find any usr of the file system forensics book from brian carrier for the exam? I followed GIAC’s advice on how to prepare here: https://www.giac.org/media/exams/prep-guide.pdf If you need a 50 page index for a course like this then you’re doing something wrong, like maybe not reading the books before hand. When I took my GCFA my books were four years out of date so I took in my course books, some cheat sheets (log2timeline etc. For example, “503.1”, “503.2 + 503.3”, etc. The best advice I ever heard was from Eric Cole. SANS 504 book index. This post is meant solely to help students who have never seen an in-depth index get a feel for how they could design one of their own. https://www.giac.org/certification/certified-incident-handler-gcih Made an index you can quickly reference (if it’s over 8 pages you had better have bound and tabbed the index, too!) I am finishing up SANS 504 On Demand and am prepairing to take the GCIH. Excellent post and thank you for taking the time. The right length is the one with which you feel comfortable. So whether you used my index system or somebody else’s, let’s recap. Hopefully with this advice, I can boost my scores on future exams. 5 0 obj If you’ve taken a few GIAC tests and have had good results, then by all means keep doing what you’re doing. It would take longer to modify than it would to make one from scratch. It was way over my head but I had a great time and learned a ton. GCIH already breaks it down. Thanks for the review and suggestive comments on preparing an index for GIAC certifications, preparing to take SEC505 in the upcoming week with a prepared index of around 40 pages. This being my first GIAC exam I would highly recommend doing this for ALL exams and plan to going forward. Not at all. The SANS Institute provides some of the best security training in the industry. My index was around 8 pages + I made my own reduced materials … a “book” with most important parts from original book (100 pages). This means that they don’t understand the concepts, and look up keywords only to run out of time. All that said I usually get at least one message a week from someone telling me that my example and explanation really helped them with theirs and that is exactly what I was going for. Studying : GPEN Reading : SANS SEC560 SANS Exam Preparation Tips Ben S. Knowles BBST, CISSP, GSEC, GCIH, GCIA, ITIL, LPIC-1 Index. THC Hydra: Password guessing, dictionary … SANS Security Essentials curriculum consists of courses designed to help you gain the knowledge and hands-on skills you need to succeed as a security professional. That’s a really tough test and you should be proud. That helps me gauge how much time I need to spend studying that or if I can move onto the next topic. To stay on top you must have a strong foundation in the essentials of security. Create a spreadsheet with tabs labeled for each book in the course. SANS 504 book index. I went through the course via On Demand from Ed Skoudis and in person from John Strand. GIAC exam (obviously, being certified and depending on score eligible to Sans Advisory Board and Mentor Program I will discuss later.) On the basic it course part, basic to one person may very well be advanced to the person sitting next to them I know things that would seem basic now would have looked like a foreign language when I started down this road two years ago. The difference between having no index and 4 year old books to having current materials and a large index was night and day so I’m sure you’ll nail it. My recent indexes have been 8-12 pages of indexed book content then some extras (common ports, tool cheat sheets etc). Good GSE prep. Any tool mentioned in a book went in here. In the end I was very familiar with what is where in which book. Our SANS SEC504 exam material is good to pass the exam within a week. Will post back with any input I can following the challenge. This is all to focus,and save valuable time in a test. Please let me know! With this being my second SANS course and certification, I believe this is the area I improved the most. Putting together a comprehensive index proved to be an incredible time investment but as I was going book by book putting it together I was also learning. Thank you very much for posting your ideas. Any examples I made bold.
2020 sans 504 index