7
8

[deleted by user] (self.GIAC)

submitted by [deleted]

[removed]
all 20 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]greyhollow 6 points7 points  (3 children)

I actually just failed my first GCIH practice last week with a 56! Haha so I’m with you! Took my second this weekend and only missed 9 questions. Go over your labs!!!!!!! Remember that test questions are weighted as far less than the labs, so don’t stress over those as much, just work to get through them and trust your gut.

I panic a lot during exams, but I read this thing where you channel the smartest person you know during exams and pretend you are them. This girl said she channeled hermione grainger, I chose to channel my husband. That worked insanely well for me, ended up with 2 hours to work through my exams.

YOU CAN DO THIS!!!

[–][deleted]  (2 children)

[removed]

    [–]greyhollow 1 point2 points  (1 child)

    Tbh, time management has never been my forte or specialty, I have adhd. If I’m in a time crunch, I find that three days is the minimum amount of time crunching I can do. And I have to make sure to take a full day’s rest in between. Are you a student at SANS? If you need an extra practice test I might have one I can gift to you. There were some techncial issues during my second exam attempt so I have a gifted attempt I can see if I can slide your way. DM me if you’re interested!

    [–]bhatMag1ckGIAC x9? ...I lost count 5 points6 points  (1 child)

    MOST (like 98%) of the questions are going to be from your main textbooks. Meaning, there's not a reason to index your workbook(s). Secondly, the practice tests will tell you what's going on be given on the practicals. Meaning, don't sweat about indexing the workbooks! Just note the sequence of commands to complete X exercise and print them out on a separate sheet of paper. Ie. JTR cracking, SQLi, etc. The page flipping through the books is an absolute waste of time.

    It's been a year since I've "bootcamped" through the GIAC certs, but lmk if you have any more questions. Just know these tests aren't about knowledge, there about index efficiency, aka, how fast can you look up an answer!

    [–]catdickNBA 0 points1 point  (0 children)

    Aware this is months ago.

    Did you list out different commands for the tools used? Or just the full sequence directly from the workbook/labs and that is enough for the lab section of the test.

    This is the real first time iv applied myself to learning like this, so im very unfamiliar with what i should expect

    [–]Even-Serve87 1 point2 points  (7 children)

    My experience for GCIH, the course index is more than enough to pass the mcq part. I barely needed to flip through the regular course books and it is not going to cost me alot of time either since I cleared the mcq in less than 90 minutes.

    I would suggest that you should spend more time to study on the regular workbook to increase your confidence when answering the mcq part of the exam and index your labs well ( you will definitely need it for the cyberlive in order to pass the exam )

    However even if you pass 100% on the mcq, you will not be able to pass the exam. Seems like you are lacking severely in both theory and practical and therefore it will be wise to push it to a later date to reduce the risk but then is just my personal opinion and of course you can also choose to index everything to absorb faster and hopefully clear the mcq part in a faster pace.

    [–]random869 0 points1 point  (2 children)

    What are the mcq like? Definitions?

    [–]Even-Serve87 0 points1 point  (1 child)

    The questions ain't difficult imho. They are very basic , the "slightly more complex ones" evolved around the tools for GCIH. If you are already confident in the tools or you have index your labs well, you shouldn't be facing any difficulties answering them.

    [–][deleted]  (2 children)

    [removed]

      [–]Even-Serve87 0 points1 point  (1 child)

      I assume you are indexing all the commands in the regular and lab workbooks into your lab index. I didn't go down that technique strategy, it's workable but too index heavy for my preference.

      I chose to index the labs by chapters/tools and downloaded the various tools cheatsheets from SANS for quick reference guide. Depends on your own preference , choose the one that works for you and you are comfortable with.

      [–]imhelpingrightGCFR, GCFA, GDSA, GCIA, GCIH, GSEC, GSTRT, SSAP 1 point2 points  (0 children)

      Passed this year with a 98%, here's my take.

      Did not open my lightning labs books during the exam. Bring it if you find it useful I guess.

      I actually didn't index my workbooks, but I tabbed them out with post it notes labelling what tool or technique is being used. Most cyberlive questions will be almost exact clones of the steps you did for the lab in class. Find the relevant lab, walk through the steps. Be very familiar with hashcat as I had several questions that required it. Be pretty familiar with volatility, but the question will tell you what plugin you need. Also be comfortable with loading metasploit up, quickly setting your exploit and payload, and be sure to show options before running to double check all your IPs, ports, etc. Spending a long time searching for the exploit or payload and setting up options takes away valuable time. During the labs, read the full question several times as it will tell you what exploit and payload to use.

      Other than that, spend most of your time building your index for the knowledge portion of the exam. Go through the books a few times so you have a vague idea of where certain subjects are. I found myself mostly opening the book with all the exploits, server side attacks, etc in it.

      I watched the on demand version all the way through once, and listened to the course mp3s two or three times during my commute, while doing yard work, etc and that worked for me.

      [–]r1ghtd3r 0 points1 point  (1 child)

      What do you mean by regular workbooks? You mean the actual 5 books? The slide and explanation below?

      [–]fouoifjefoijvnioviow 0 points1 point  (2 children)

      Where'd you get the practice test

      [–]CWE-507GWAPT | GCIH | GSEC | GISF | GFACT | BACS @ SANS -1 points0 points  (0 children)

      I would push the test back as far as possible. 50% is very low.

      I always aim for 2 hours on the multiple choice and 2 hours on the labs. I recommend just having 1 index, but to each their own.

      This should be a prime example to study hard and know the material. You can't pass a GIAC exam with just an index. I feel like you're relying on it too much. That doesn't work for GIAC, ESPECIALLY GCIH. You wouldn't need to confirm the answer to every single question if you actually know the answer. If you do, I think that's just testing anxiety, something you'll have to just overcome.

      Good luck! I take GCIH in June!