How to Pass Any SANS / GIAC Certification on Your First Try

The Cyber Mentor
25 May 2022 14:31

Summary

TLDR: In this informative video, TCM discusses strategies for passing the GIAC certification, a crucial step for becoming a Qualified Security Assessor (QSA) for PCI. TCM shares personal experiences and study tips, including the decision to pursue the more expensive but practical SANS certification. He details a methodical note-taking approach using color-coded tabs and an Excel spreadsheet to organize information for quick reference during the open-book exam. The video also offers insights into the value of the certification materials for ongoing professional development and provides a candid perspective on the certification's cost and industry relevance.

Takeaways

  • 📚 The speaker is discussing strategies for passing the GIAC (Global Information Assurance Certification) on the first attempt, which is a certification for cybersecurity professionals.
  • 💼 The speaker took the GIAC certification as part of the criteria to become a Qualified Security Assessor (QSA) for PCI (Payment Card Industry), which regulates credit card payments globally.
  • 📈 The speaker chose the GIAC certification over other options like CISA because GIAC was more technical, hands-on, and open-book, despite being significantly more expensive.
  • 🔍 The speaker used a course called GSNA Audit 507, which included a variety of security tools and scripting languages, and found it to be up-to-date and well-taught, but not worth the cost.
  • 📝 The speaker recommends creating an extensive index of topics from the study materials, using color-coordinated post-it notes and an Excel spreadsheet for organization.
  • 🖨️ The index created in Excel is then printed out and attached to the corresponding books to serve as a quick reference guide during the open-book exam.
  • 📉 The speaker suggests that the time constraint of the exam makes it crucial to have a well-organized note system to efficiently find information.
  • 📝 The speaker also mentions using practice exams to familiarize oneself with the exam format and to further refine the note-taking process.
  • 📑 The speaker used additional cheat sheets provided with the course, although they ended up not needing them during the exam.
  • 🕒 The speaker emphasizes the importance of time management during the exam, given the large number of questions and the limited time available.
  • 👍 The speaker concludes by encouraging viewers to like, comment, and subscribe for more content, and shares a personal anecdote about taking the GIAC certification.

Q & A

  • What is the main topic of the video?

    - The main topic of the video is strategies and tips for passing a GIAC (Global Information Assurance Certification) exam, specifically the GSNA (GIAC Systems and Network Auditor) certification, on the first attempt.

  • Why did the speaker decide to pursue the GIAC certification?

    - The speaker pursued the GIAC certification to meet the criteria for becoming a QSA (Qualified Security Assessor) for PCI (Payment Card Industry), which requires two certifications, one from column A and one from column B.

  • What does the acronym 'PCI' stand for and what is its relevance to the speaker's certification pursuit?

    - PCI stands for Payment Card Industry. It is relevant because the speaker needs to become a QSA for PCI to perform security audits related to credit card payments, which requires specific certifications.

  • What was the speaker's opinion on the cost of the GIAC certification?

    - The speaker mentioned that the GIAC certification was significantly more expensive than other options, such as the CISA, but chose it because it was open book/open note and seemed more technical and hands-on.

  • What course did the speaker take to prepare for the GIAC certification?

    - The speaker took the GSNA Audit 507 course as part of their preparation for the GIAC certification.

  • What resources did the speaker use to study for the GIAC certification exam?

    - The speaker used books provided with the course, an Excel spreadsheet for indexing topics, color-coordinated post-it notes, practice exams, and cheat sheets to study for the exam.

  • How did the speaker organize their study materials for the exam?

    - The speaker organized their study materials by creating an index in an Excel spreadsheet, color-coding topics with post-it notes, and stapling the index to the corresponding books for easy reference during the exam.

  • What advice did the speaker give regarding the use of the provided books and notes during the exam?

    - The speaker advised using the books and notes as reference guides during the exam, as the open book/open note format allows for it. They emphasized the importance of indexing and organizing notes to save time during the exam.

  • What was the speaker's experience with the practice exams provided with the course?

    - The speaker found the practice exams to be very similar to the actual exam, which helped them understand what to expect and how to use their notes effectively during the test.

  • What is the QSA program and how does the speaker feel about it?

    - The QSA (Qualified Security Assessor) program is a requirement for performing security audits for PCI. The speaker feels that the program is somewhat like a pyramid scheme, but acknowledges that it is necessary for their career goals.
