I am pleased to mention on here that I did pass the GSE in Orlando. The exam is pass/fail so I'm afraid I am unable to pass on any details other than "I passed." I know there were parts that I felt good about and parts that I was definitely shaky on. Overall I felt really good when I was done because I felt I did my best.
What would I do differently next time? Well that's easy: I really would have spent more time studying. As a matter of fact I would have spent a week or two going over the practical exercises from the SANS courseware I had. But that is about it.
So now you know that at least one person passed the exam without any reference material to speak of. Not that I am recommending that strategy, but keep in mind that in order to be able to extract information from your brain, you have to be in the right mindset. Relax!
The GSE is nothing to stress out about. It's a fair exam and it is made to separate people who just take tests well from people who have absorbed the knowledge being tested. If this is you - take the GSE.
24 May, 2011
23 April, 2011
GSE Part 2 - the (lack of) preparation
I had a (that is to say only one) person ask me about preparing for the GSE. I really wish I had more to say. I was working hard the month or so before I was scheduled to take the practical. So I really didn't have much time to study like I wanted to. My studying consisted of going through old courseware and my own notes, and tearing out sheets that I thought I might need.
So it was like this -
Flip, flip, flip, Snort rules *rip*, flip, flip, icat *rip*, rummage, rummage, shred.
I ended up with a stack of maybe twenty sheets that I took with me. I didn't have time to set up my vmware lab and get really proficient with things like metasploit. I had intended to, but my time was not my own.
I also took my tcp/ip header cheatsheet with me (though I ended up letting a re-certification candidate borrow it.)
So I am not a very good model to follow. I didn't end up studying at all, and I only brought a few sheets of reference in my backpack which sat on the floor next to me most of the time.
But, if I end up passing then you, the reader, will know that the exam is perhaps less scary than you thought. Knowing the fundamentals and the certification objectives is the highest priority. If you know them and can do the tasks, it shouldn't be too bad. If I don't pass then - well - do better than me!
So it was like this -
Flip, flip, flip, Snort rules *rip*, flip, flip, icat *rip*, rummage, rummage, shred.
I ended up with a stack of maybe twenty sheets that I took with me. I didn't have time to set up my vmware lab and get really proficient with things like metasploit. I had intended to, but my time was not my own.
I also took my tcp/ip header cheatsheet with me (though I ended up letting a re-certification candidate borrow it.)
So I am not a very good model to follow. I didn't end up studying at all, and I only brought a few sheets of reference in my backpack which sat on the floor next to me most of the time.
But, if I end up passing then you, the reader, will know that the exam is perhaps less scary than you thought. Knowing the fundamentals and the certification objectives is the highest priority. If you know them and can do the tasks, it shouldn't be too bad. If I don't pass then - well - do better than me!
10 April, 2011
My GSE Experience
One of the reasons I attended SANS 2011 in Orlando was to sit for the GSE. For those of you who don't know, the GSE is among the higher-level certifications offered by GIAC and involves a two-part process. First one must take a proctored, 150 question exam (multiple choice) then perform two days of practical, hands-on tasks. It's the hands-on portion that seems to frighten people. Most people, by the time they have taken several multiple choice exams, have a pretty high confidence level going into any MC exams. Hands-on, well, that is different; one has to know how to use different tools in order to complete a task. It's my opinion that, although the practical examination is open-book(s), knowing where to look up tool usage won't save someone who isn't familiar with performing basic security tasks. It doesn't seem like it when one is focused on reference material, but there is a world of difference between reading about protecting systems, or detecting attacks, and actually performing these tasks.
There is nothing in the practical portion of the examination that is surprising. I found it was all very well laid out in the Certification Bulletin exactly what it is I should know how to do. I have read about several different methods people use to study for the GSE hands-on portion. Personally, I looked through the requirements, and I tried to do the things I wasn't familiar with. I'd like to say there were more steps involved but that was about it. People sitting for the exam are allowed to bring pretty much whatever reference material they want. I have heard of some people bringing in suitcases filled with material. SANS courseware, books, notebooks, cookbooks, and whatnot. I went through some of my courseware and tore a page out here or there on things I wasn't very good at. A page or two on Metasploit (I am not an attacker) a page or two on SQL and that was about it. I think I ended up with probably 40 to 50 pages of reference material that I stuck in my laptop bag. Not exactly a cocktail napkin worth but it was considerably less than I had thought I would bring. My theory of test-taking with any topic is to take as little as I can in the testing center with me. I also never study last-minute. If I open the books before the exam I am bound to read something I forgot, didn't study, or never knew in the first place. That is just going to stress me out and I won't be able to think straight.
On the exam itself, I looked through the exercise(s) and selected the ones I could do. I didn't waste much time with ones I knew were over my head. I did the best I could on the ones I felt good about. And overall I feel good about my exam. Did I pass? Maybe, maybe not. But if I didn't I still feel pretty good about taking the exam.
There seems to be alot of anxiety among people who hold GIAC certifications when it comes to taking the GSE. I think that is unfortunate because it really is a great certification. Someone needs a broad base of knowledge to even sit for the exam, and the addition of the practical really makes a difference. One statement that has been consistently made about the GSE is that it is fair. I strongly agree. There is nothing in the MC or practical examination that is not clearly stated on the certification bulletin. No tricks, nothing from left field.
Part of me would like to build up the examination and tell everyone how grueling it was, but that just isn't true. It's comprehensive, but not all that bad. If you have looked over the tasks, have some real-world experience, and practice doing things you aren't familiar with, then you can expect to do pretty well. There was alot of feedback years ago when GIAC dropped the practical portion of their certification exams. The GSE is heavily based on applied knowledge.
So about the actual exam, well what I can say anyway. It was the Saturday/Sunday before the conference actually started. There was a two-day course next door taught by Mr. John Strand, otherwise the conference center was empty of SANS attendees. Each day had two sessions, morning and afternoon. It was two full days - Sunday I think we even started early. Saturday morning seemed to be the worst day for everyone. I can really only speak for myself but I definitely heard alot of paper shuffling going on. Another method I used during the exam was that I was graciously given permission to use my iPod. I am not a multi-tasker; everything distracts me. So listening to music definitely helped me take the exam. I wasn't listening to books thumping around, sighing, chairs moving, coffee slurping, or anything other than The Who and whoever else was on that playlist. I did take care that none of the other exam takers were distracted by me.
Saturday afternoon was better than Saturday morning, but Sunday afternoon was not for the faint of heart. It happened to be on topics that I was a little shaky on, so I did the best I could, then when there was about half-hour left, I decided I would call it a day. I got up, walked around outside and then sat outside the room on a bench until the exam was concluded.
It takes up to 30 days for the results to be distributed to the candidates so no news for at least a little while. Overall I had a very positive experience and the exam was actually really fun to take. The one thing I can definitely tell people who have not taken the exam is that I really enjoyed it. It was challenging, for sure. But there is something about getting handed a set of exercises and trying to poke your way through them that is enjoyable to me. The best part was seeing a task that I really didn't think I could do, and figuring it out. It was worth it just for that - and it by far outweighed the ones I couldn't do.
I reserve the right to go back and edit this more later!
There is nothing in the practical portion of the examination that is surprising. I found it was all very well laid out in the Certification Bulletin exactly what it is I should know how to do. I have read about several different methods people use to study for the GSE hands-on portion. Personally, I looked through the requirements, and I tried to do the things I wasn't familiar with. I'd like to say there were more steps involved but that was about it. People sitting for the exam are allowed to bring pretty much whatever reference material they want. I have heard of some people bringing in suitcases filled with material. SANS courseware, books, notebooks, cookbooks, and whatnot. I went through some of my courseware and tore a page out here or there on things I wasn't very good at. A page or two on Metasploit (I am not an attacker) a page or two on SQL and that was about it. I think I ended up with probably 40 to 50 pages of reference material that I stuck in my laptop bag. Not exactly a cocktail napkin worth but it was considerably less than I had thought I would bring. My theory of test-taking with any topic is to take as little as I can in the testing center with me. I also never study last-minute. If I open the books before the exam I am bound to read something I forgot, didn't study, or never knew in the first place. That is just going to stress me out and I won't be able to think straight.
On the exam itself, I looked through the exercise(s) and selected the ones I could do. I didn't waste much time with ones I knew were over my head. I did the best I could on the ones I felt good about. And overall I feel good about my exam. Did I pass? Maybe, maybe not. But if I didn't I still feel pretty good about taking the exam.
There seems to be alot of anxiety among people who hold GIAC certifications when it comes to taking the GSE. I think that is unfortunate because it really is a great certification. Someone needs a broad base of knowledge to even sit for the exam, and the addition of the practical really makes a difference. One statement that has been consistently made about the GSE is that it is fair. I strongly agree. There is nothing in the MC or practical examination that is not clearly stated on the certification bulletin. No tricks, nothing from left field.
Part of me would like to build up the examination and tell everyone how grueling it was, but that just isn't true. It's comprehensive, but not all that bad. If you have looked over the tasks, have some real-world experience, and practice doing things you aren't familiar with, then you can expect to do pretty well. There was alot of feedback years ago when GIAC dropped the practical portion of their certification exams. The GSE is heavily based on applied knowledge.
So about the actual exam, well what I can say anyway. It was the Saturday/Sunday before the conference actually started. There was a two-day course next door taught by Mr. John Strand, otherwise the conference center was empty of SANS attendees. Each day had two sessions, morning and afternoon. It was two full days - Sunday I think we even started early. Saturday morning seemed to be the worst day for everyone. I can really only speak for myself but I definitely heard alot of paper shuffling going on. Another method I used during the exam was that I was graciously given permission to use my iPod. I am not a multi-tasker; everything distracts me. So listening to music definitely helped me take the exam. I wasn't listening to books thumping around, sighing, chairs moving, coffee slurping, or anything other than The Who and whoever else was on that playlist. I did take care that none of the other exam takers were distracted by me.
Saturday afternoon was better than Saturday morning, but Sunday afternoon was not for the faint of heart. It happened to be on topics that I was a little shaky on, so I did the best I could, then when there was about half-hour left, I decided I would call it a day. I got up, walked around outside and then sat outside the room on a bench until the exam was concluded.
It takes up to 30 days for the results to be distributed to the candidates so no news for at least a little while. Overall I had a very positive experience and the exam was actually really fun to take. The one thing I can definitely tell people who have not taken the exam is that I really enjoyed it. It was challenging, for sure. But there is something about getting handed a set of exercises and trying to poke your way through them that is enjoyable to me. The best part was seeing a task that I really didn't think I could do, and figuring it out. It was worth it just for that - and it by far outweighed the ones I couldn't do.
I reserve the right to go back and edit this more later!
01 July, 2010
Got the car back
The honest mechanic waved his magic wand and a small fortune later, we have the car again. Total walking the last week was about 20 miles or so. On looking back - I am surprised, well... not surprised. Dismayed, at how few people walk. The car is completely ubiquitous where I live. Every family but mine seems to have two cars at least. Consequently, things of my past like neighborhood grocery stores (and schools) are gone forever. No longer do my neighbors and I need to have a store in walking distance to get milk and vegetables or a fresh sandwich. We used to have about ten places one could get a fresh pizza, now probably four or so, mostly chains like Domino's or Pizza Hut. No offense, but those are pretty much the same everywhere. Even my own neighborhood is as dead as caesar. It's a ghost town where no one is ever home, or if they are, they never go outside. Up and away early and home late, kids too tired after a long day at the care providers to play outside.
24 June, 2010
No car - day four
Today was all walking in the rain, fog, and drizzle, which was a total drag. People drive by and make no effort to avoid puddles or ditches. Consequently I got soaked from the waist-down by the time I got home today.One guy actually splashed up a nice little stone that hit me in the neck with considerable force. "Hey guy walking in the rain! Here's something a little special for you!" It is when the weather is poor that I notice things like uneven sidewalks, missing sidewalks, and other issues pedestrians must face daily.
So to work (1.8 miles), library (.25), bank (.6) then to the sandwich store (.4) then home 1.9 so roughly 5 miles today. Walking home from the sandwich shop, I felt a strange melancholy approach me. I thought as I walked, what am I feeling and why? I wonder what should cause me to feel down? The weather? As I reached my street I realized what it was. A wet paper bag. The sandwich shop had put my sandwiches in a paper bag, which had gotten quite damp in the drizzle. The smell o the moist paper had instantly transported me to the long walk to school with my lunch packed and carried in a paper sandwich bag. Funny how things can spark memories like that. Although I would just as soon have passed on this one.
So to work (1.8 miles), library (.25), bank (.6) then to the sandwich store (.4) then home 1.9 so roughly 5 miles today. Walking home from the sandwich shop, I felt a strange melancholy approach me. I thought as I walked, what am I feeling and why? I wonder what should cause me to feel down? The weather? As I reached my street I realized what it was. A wet paper bag. The sandwich shop had put my sandwiches in a paper bag, which had gotten quite damp in the drizzle. The smell o the moist paper had instantly transported me to the long walk to school with my lunch packed and carried in a paper sandwich bag. Funny how things can spark memories like that. Although I would just as soon have passed on this one.
22 June, 2010
No car, day three
This morning, I walked to work as usual. 1.8 miles, so far so good. I ended up taking a half-day off to deal with the car, so I walked home around 11, stopping to buy a birthday present for a boy who is turning 5, and for whom my 4yo is attending a birthday party to-morrow (ride pending) I couldn't find a kazoo so I had to settle for a Toy Story 3 Pez dispenser and some kind of a sticker book. Everything is too expensive to get really cool stuff, besides, every dollar counts especially when I don't know what the repair bill will be.
So then I get home (1.8 miles) and walk to the local tow truck driver (1/4 mile), whom I had called in the morning. He was nice enough to give me a ride to pick up and deliver the car. Well, small SUV I guess. It's amazing how far please and thank-you will get you. He gave me a ride and offered to wait for me at the garage to take me back home, which I kindly declined. Now my wife would argue that I am a perpetual potential crime victim due to being too trusting and friendly. Even giving people a ride when I probably ought not. But sometimes simple human kindness must win.
They gave some words of encouragement at the garage. Perhaps it won't be so bad. We shall see.Then walked home (2 miles) for a grand total of 5 miles on foot today. To-morrow I get to walk to the insurance company to take my receipt from the tow truck driver. Luckily we have roadside assistance as part of our car insurance (Thank you State Farm) so we can be re-imbursed. But it will be a long walk and in the sun it will probably be a drag.
So then I get home (1.8 miles) and walk to the local tow truck driver (1/4 mile), whom I had called in the morning. He was nice enough to give me a ride to pick up and deliver the car. Well, small SUV I guess. It's amazing how far please and thank-you will get you. He gave me a ride and offered to wait for me at the garage to take me back home, which I kindly declined. Now my wife would argue that I am a perpetual potential crime victim due to being too trusting and friendly. Even giving people a ride when I probably ought not. But sometimes simple human kindness must win.
They gave some words of encouragement at the garage. Perhaps it won't be so bad. We shall see.Then walked home (2 miles) for a grand total of 5 miles on foot today. To-morrow I get to walk to the insurance company to take my receipt from the tow truck driver. Luckily we have roadside assistance as part of our car insurance (Thank you State Farm) so we can be re-imbursed. But it will be a long walk and in the sun it will probably be a drag.
21 June, 2010
No car, Day Two
So this morning, we need some things at the grocery store. Had this been June 20th, 1977 instead of 2010, I would have had several neighborhood grocers from whom I could choose. Some less than a hundred yards from me. But alas, good riddance to 1977, but I am envious of the convenience of shopping for someone on foot in that day, which I certainly was.
The sidewalks are uneven, broken, and missing in many parts of town. We have some new traffic lights which blast out in a frighteningly loud electronic voice "WAIIIIITTTTTT!!!!!!!!!" when you push the indicator signal. Then when this brand new pedestrian-protection device cycles through, THEY STILL DO NOT GIVE YOU TIME TO CROSS THE STREET.
I purchased canvas bags from the grocer instead of the normal plastic, they promptly packed them unevenly and successfully talked me out of thinking my milk had a hole in it. (It did! :-{ ) These recycled material bags, or burlap, or whatnot, are not made for smaller people. When I hung them from my arms, they scraped the pavement and eventually had holes in them by the time I made it 1.74 miles back home. Round trip 3.5 miles, total time shopping and walking - about 90 minutes or more.
Tomorrow I need to call the insurance company because I think I can get a free tow. I also need to call the garage to find out what it could be, how much it will cost, and whether they want to do it. This summer could be hardcore.
The sidewalks are uneven, broken, and missing in many parts of town. We have some new traffic lights which blast out in a frighteningly loud electronic voice "WAIIIIITTTTTT!!!!!!!!!" when you push the indicator signal. Then when this brand new pedestrian-protection device cycles through, THEY STILL DO NOT GIVE YOU TIME TO CROSS THE STREET.
I purchased canvas bags from the grocer instead of the normal plastic, they promptly packed them unevenly and successfully talked me out of thinking my milk had a hole in it. (It did! :-{ ) These recycled material bags, or burlap, or whatnot, are not made for smaller people. When I hung them from my arms, they scraped the pavement and eventually had holes in them by the time I made it 1.74 miles back home. Round trip 3.5 miles, total time shopping and walking - about 90 minutes or more.
Tomorrow I need to call the insurance company because I think I can get a free tow. I also need to call the garage to find out what it could be, how much it will cost, and whether they want to do it. This summer could be hardcore.
Subscribe to:
Posts (Atom)