HOW/WHY I CHOSE TO TAKE THE GSEC:
So the reason I chose to take the SANS GSEC is because my company pays for its employees to get certifications. So although, SANS carries a hefty price tag on its certifications, I did not have to foot the bill for it. (SANS does offer scholarships for some of their certifications if you meet certain criteria https://www.sans.org/cybertalent/seekers for more on this.)
I had heard of SANS and how reputable their certifications are through my company and through online forums.
I had just graduated from college and doing the degree coursework was the reason why I didn’t have much time to learn outside of work about cybersecurity so I felt it was the perfect time for me to dive in deep!
I also didn’t come from previous knowledge of cybersecurity beyond the basic requirements from my degree program. I wanted to do a certification that teaches and verifies foundational cybersecurity knowledge and I found that in the GSEC.
I chose to take the GSEC “package” which includes the class, books, two practice exams, and the actual exam.
I asked to have the class be virtual “On Demand” because the classes are usually 6 days, very long days, and I didn’t have the ability to commit myself to that schedule because of my son and his schedule.
HOW I STARTED STUDYING FOR THE GSEC:
GSEC is an open book, open note exam. That does not make it easy by any means. Some questions can be very specific and be found in one sentence in a sea of thousands of pages so you need to know exactly where you’re looking for what you’re looking for. It’s 180 questions and I believe a five hour exam and every minute counts. There’s an index included in the last book but this is not an all inclusive index and I only used it if I had NO idea and I didn’t index for what the question was asking me. This is why people create their own index for use on the test.
When I first got access to the videos and received the books, I was very slow to start. I think there was definitely a little fatigue from just graduating college and seeing as the exam was four months away, I started procrastinating a little bit.
I started with the videos and watched them for two to three hours at a time. A few weeks of that and taking light notes, I realized that I wasn’t learning as much as I should be and that a better strategy would be to read the books first, since there’s SIX, do the labs, and then watch the videos as a sort of “refresher” before taking the exam.
So I paced myself. Set a goal of reading 30 pages a night on weekdays and 50 each on weekends with some days spread out here and there to take the night off and enjoy a Netflix show or spend time with my son. I budgeted each book calculated with how many pages I read a night, when I should finish the book by and did that for each of the six SANS books. I read each book highlighting important phrases and sections through the more than 1600 pages of the combined SANS GSEC reading. I went through four highlighters doing this. I also would write down the main idea from some particularly wordy sections but later on stopped because it took a lot of time.
Next, I budgeted a week from when I was finished with the SANS reading and before I took my first practice exam to create an index all six books. (A lot of people index as they read but I felt it would slow me down so I did this last.)
For this, I used Excel and Lesley Carhart’s guide to indexing for SANS exams. You can find that here: https://tisiphone.net/2015/08/18/giac-testing/
So I would choose a color that would represent each book. go page by page and add words, commands, phrases, and ideas, literally “over-indexing” as much as possible.
I also used sticky notes and marked each new module in the book and correlated the color of the sticky note to the color I used in Excel.
When I completed the index, I made the first column alphabetical, and saved as a PDF to print and add into protective sheets and rings.
When taking the practice tests, I imitated the testing environment as much as possible. On my first practice exam, I failed with a 71%. I felt very discouraged but during the exam I took a lot of notes on what things weren’t included in my index. At the end, SANS even gives you a synopsis of what topics you knew well and which you didn’t. Using that synopsis and all of the notes I took, I added dozens of new index values and went back and read entire sections and modules of things I didn’t know well and kind of “ignored” the sections I knew well because I didn’t need to refresh.
The next weekend I took the second practice exam with the same mock test environment. I scored an 80% (I passed) Again though, taking notes on things I didn’t know and repeated module focused studying with the second synopsis.
A week later, on test day, I scored an 88%!
What I did wrong:
I would say I probably should have watched the videos, I never ended up going back to them and I think it would’ve been an excellent review before taking the exam. The teacher was great, very engaging. I think I just felt I wasn’t picking up what I needed to without looking at the words on a page (we all have different ways of learning).
I should have read and indexed. Probably could’ve included more if I was simultaneously indexing important ideas because I’m sure I missed some and could’ve had a better index.
What I did right:
Color coding. I think color coding saved me so much time on the exam. I could take a quick glance and know which was the right book. All of the books look exactly the same so when distinguishing which to grab to find the answer on the exam means you have to read the cover and make sure you grabbed the right one. Color coding gets rid of having to do that.
I think taking notes in the book and summarizing big ideas in the margins and bottoms really helped. I recalled it better. Sometimes the answer I was looking for was something I literally wrote down and it also helped me find what I’m looking for without having to look at the small print for an answer in paragraphs of sometimes, unimportant information.
Conclusion:
I loved taking the GSEC. It was a lot of hard work and a lot of information crammed into a small four month time span but I feel so proud of myself and genuinely feel like I know a lot more about cybersecurity than I did before.
I’m so appreciative to have been able to sit for this exam and even more grateful that I passed. This was a very encouraging certification as now I have the foundational knowledge of cybersecurity and know I can start building on that.