Feb 20, 2023
Passing the GDSA exam
Recently, I challenged the GIAC/SANS GDSA exam. And I am excited to say, I passed and have obtained the GDSA certificate!
The course and exam concepts were a mix of things known to many experience cybersecurity professionals. While, at the same time, many new trending topics that a large portion of businesses are pushing towards (Zero Trust). There are many fun labs that challenge you to break into routers in very simple ways. The purpose of these types of challenges is to start thinking about of defenses that can be built to overcome weaknesses. On top of that, it sets a standard to always implement best security practices and keep them in mind for any architectural designs.
SEC530: Defensible Security Architecture and Engineering class
I had taken the full course related to this certification. If you want to read my review of the corresponding course, then check this blog post out ā> https://www.stealthbay.com/sec530-defensible-security-architecture-and-engineering/
Prepping for the exam
I highly advise everyone take the SEC530: Defensible Security Architecture and Engineering course. You can get more details from here: https://www.stealthbay.com/sec530-defensible-security-architecture-and-engineering/
The course will prepare you for the exam and cover topics and tools that you will be tested on. There is a lot of material to learn in the course. So, dedicate a good amount of time towards learning the course material and all the concepts. The class had some awesome learning lessons and knowledge towards planning and building out a Zero Trust and Insider Threat program.
After you take the course go back to each book and start building out your index. After this, it is a good time to make use of your first practice exam and see how you fair in it. Use the section at the end, which lists out relevant sections you were weak on and take the time to further study them some more. Take the second practice exam, and hopefully this time you see an improvement. If so, then book your final exam within the next week and go for it. This format always has worked well for me.
Making an Index
In my case, though I had a rather good index built up. I found I did not really use it as much as I thought I would. I spent a lot of time learning everything from the course ware material. So, I felt comfortable with most of the questions on the exam and being able to answer them with the knowledge I gained from the course.
If you are looking for an index guide, here is a great guide on making an excellent index for yourself -> https://tisiphone.net/2015/08/18/giac-testing/
I used a similar format to the index above and found it helpful when I did need to use it.
Lab work
The exam itself did NOT have a lab portion. Most of the SANS GIAC exams I have done all had some kind of lab section at the end. In the case of the GDSA exam there is no lab. However, I do urge you to work on the labs and understand them. Also, index your lab book and bring it with you to the exam *hint hint*
Practice Exams
If you have registered for the exam, you will have 2 practice exams to use. I highly recommend you make use of both and really treat it like as if you are writing the real exam. It will prepare you for the actual exam format, which consists of 75 questions, with a 2-hour time limit (which goes by very quickly!).
At the end of each practice exam, you will see a 5-star rating on each major topic and how you scored on them. Focus on the section where you are weaker e.g. (got less than 3 stars) This will make your study time either between the practice exams or the final exam more efficient and worthwhile.
The exam for me was done from home, and I had to try out their new remote setup via ProctorU. There are some key items you need, such as downloading and using Guardian Browser to conduct the test. I did not have any issues during the exam, the connection was great (make sure you have a good connection, and no one is video streaming while you are doing the exam!). My proctor was super attentive and explained everything well. The exam process remotely overall went well and smooth.
Future plans for the next cert
So far, I have been through several SANS courses in my cybersecurity career. I am debating on possibly moving over to try something different such as Offensive Security e.g., OSCP. I do also have plans to challenge an AWS and Azure certificate for 2023.
Have you passed the GDSA or have any questions? Post them below in the comments section!
4 Responses to “Passing the GDSA exam”
Trackbacks/Pingbacks
- SEC530: Defensible Security Architecture and Engineering - Zero Trust - StealthBay - […] Passing the GDSA exam […]
My name is Harry Taheem
I am a Cyber Security Engineer.
My aim is to post things I learn or find interesting and allow others to hopefully gain some more insight. I also plan on posting general IT related issues, as Iād like 
Hello,
Thanks for sharing your experience.
I have a weird question, Can I buy the study material from you?
If yes, please send me an email!
Hi.
Students that take the courses cannot sell or redistribute the course materials. It is against SANS’s policies and would get someone into a lot of trouble.
I would not be able to help out with the materials.
However, I would advise you look for SANS promo’s and discounts which are given from time to time throughout the years. It’s a great way to save on some costs for the courses.
Hi,
Sec530 is around 7-8k USD. My organization does not approve this. Any idea how can this be done otherwise?
Hi,
You may be able to use their Work Study option. It might help reduce costs: https://www.sans.org/work-study-program/
I would NOT advise you challenge the cert without taking the course and having access to the course materials. Much of the knowledge you will need requires you to have the course materials. As well as understanding the material and concepts.