Passed the GIAC GCIA Exam…

Last month I passed the GIAC GCIA (Intrusion Analyst). I found the exam to be much more difficult than my previous GIAC Exams, primary for two reasons:

1) There were a number of tools that had been discussed in the class… There were a number of questions on the exam about these tools–Not “In what situation would you use this tool?” questions, but “What syntax would you use to get this output?” type questions. Most of the syntactical answers were esoteric switches that were neither mentioned in class, nor in my study books, which was why it was very frustrating to find it on the exam. I flagged these questions for review by GIAC, as I don’t think that they were legitimate.

2) The other reason why this exam was more difficult, was that a number of the questions requried a bit of actual work & calculation, instead of just looking up the right answer–Though this made the exam much more difficult, I thought it was a great change from my previous GIAC exams, as it took it one step closer to real life experience, rather than just “multiple-guess.”

I will be working on my GCIA Gold next.

 

-Josh

Tagged ,

3 thoughts on “Passed the GIAC GCIA Exam…

  1. Iman Khosravi says:

    Hi
    First of all i know its late but congratulation for passing GCIA!. hope to see your GCIA Gold.
    i studying for GCIA exam,i just wondering if you can help me finding good resources for the exam.
    i don’t have access to sans materials for GCIA, hope you can introduce me another third party resources.
    Thanks in Advance
    Iman

    Like

  2. Josh says:

    @Iman

    If you dont have access to SANS materials, I would suggest taking a look here at the bulleted list of topics that are covered: http://www.giac.org/certification/certified-intrusion-analyst-gcia

    Take each area, and do make sure you are very familiar with it. For instance:

    “DNS – The candidate will demonstrate a thorough understanding of how DNS works for both legitimate and malicious purposes.”

    Start out on the Wikipedia DNS article, and then read the sources for DNS. Google “DNS Attacks” etc Setup you own DNS server Windows or Linux. etc.

    Hope that helps.

    -Josh

    Like

  3. Shankar says:

    HI Josh,

    First of all congrats on your GCIA exam. I found this book to be usefull for passing GCIA exams.

    Giac Certified Intrusion Analyst Certification (Gcia) Exam Preparation Course in a Book for Passing the Gcia Exam – The How to Pass on Your First Try (Paperback)
    by Tom Hopkins.

    But i am not sure about the contents of this book… Can you please suggest ?

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s