search
top

Passing the GCFA exam

Recently, I challenged the GIAC/SANS GCFA exam. And I am excited to say I passed and have obtained the GCFA certificate!

This was one of the more detailed courses I had taken in awhile. The IR and Threat hunting sections were not as new to me. However, the memory and forensics section were very deep and detailed. Normally, most organizations will contract out major forensic type of work to 3rd party external partners. So, the forensics section was something I do not work on as often. But I found learning and getting the knowledge of various ways malware can hide in memory, or how to detect Time stomping attacks from malware was extremely fun and exciting to learn. Feeling incredibly grateful to learn about all these new attack techniques and detection mechanisms.

Prepping for the exam

I highly advise everyone take the SANS FOR 508 course. You can read my review of it here -> https://www.stealthbay.com/review-of-sans-for-508/

The course will prepare you for the exam and cover topics and tools that you will be tested on. There is a lot of material to learn in the course. So, dedicate a good amount of time towards learning the course material and all the concepts. The class itself was amazing especially when you get into Memory Analysis, File system analysis and the Anti-forensics sections.

Read more of this post

Passing the GCIH Exam

I’m proud to announce that I have now obtained my SANS – GIAC GCIH certification. It was a long process, and I pushed myself to get it done before the start of the New Year – 2020.

New SANS GIAC changes to exams

One thing that was particularly new for me compared to the other 2 SANS exams I’ve done was the lab questions. SANS with GIAC now has added a section that tests your knowledge through a virtual lab. Now, I have to say I think it’s actually pretty awesome! It puts your real world skills to the test to see if you can actually can apply needed practical skills. It also gives companies assurance that their employees are also getting and being tested on real hands on work and not just theory based topics.

Read more Of This Post

Passing The GWAPT Exam

Passing The GWAPT Exam

So, I finally went for it and attempted the GIAC GWAPT exam and passed it! I’ve been conducting some pen tests prior to taking the SANS SEC 542 course and the GWAPT exam. The course taught me many new things, and gave me a new perspective, and insight when it comes to web application pen testing. This blog post is to share my experience on how to best prepare for taking the GWAPT exam.

Should I take this exam or challenge the GWAPT ?

Many people will ask themselves this very same question. The best answer really depends on what your career goals are for your future. If you plan on being a pen tester, then this is a must at least if you are new or an intermediate to web pen testing. These days the Internet is filled with web applications, and now with more data and applications placed in the cloud. WebApp pen testing is a skill in demand and will be needed to test anything open to the public via the cloud.

Studying

Read The Full Post

Passing The GSEC Exam

Passing The GSEC Exam

So, I’ve officially nailed down another Information Security certificate. And, this time a certificate from the SANS Institute with their GIAC- GSEC certificate. I thought I’d make a post for other people that plan to challenge the exam, and share my own personal experience through it all.

Is it Right For Me ?

The big question would be why are you thinking of obtaining this certificate? Does your work require it? Are you new to the information security field and want a better foothold into the industry? Do you wish to gain more knowledge and/or a higher quality of training? If it’s any of those reasons apply to you, then I would definitely point you towards getting your GSEC certificate.

Preparing For The Exam

So some may ask how they can best prepare for the exam? (more…)

top