How I prepared for my GIAC GPEN exam

In: Security
Published on 2016-12-06
Written from the perspective of a computer security analyst.

Last month I took the GIAC Penetration Tester certification exam as a conclusion to the course in Network Pentesting & Ethical Hacking I took with SANS in september. At the final exam, I ended up with a score of 86%, with which I am quite content. :)

In this short article I want to share with you why I chose this certification and how I prepared for the exam.

Why the GIAC Penetration Tester certification?

The GIAC GPEN certification is my first infosec certification. Before taking the course and the exam, I made sure that my chosen certification was valued within the infosec community (and not just by HR people or C-level managers). What has helped me to decide which course/certification to take was reading other people's opinions and experiences.

Lesley Carhart has discussed the value of certifications in this blog post, which is part of her infosec career series.

Eventually I decided to take the SANS course and GIAC exam since the SANS courses consist of both theory and practice. I specifically decided to go with the network pentesting course for two reasons. After leaving university, it turned out that my networking knowledge could definitely use some improvement. Secondly, I find that the offensive side of security interests me tremendously.

Exam preparation

I followed these steps to prepare for the GPEN exam:

1. Read all official exam information from GIAC
2. Read about other people's experiences with GIAC exams
3. Schedule the exam
4. Make an index
5. Use your practice exams
6. Take the exam
7. Celebrate

1. Read all official exam information from GIAC

GIAC has a nice overview of the certification process. They also have a page about exam preparation. Needless to say, it is a good idea to read these before you start preparing for your exam!

2. Read about other people's experiences with GIAC exams

Many people have written down their experiences with taking a GIAC exam. A bit of smart Google-ing goes a long way. The following blogposts have helped me prepare for the exam:

• JDMurray has described his study plan and exam experience in great detail.
• Josh Armentrout has written multiple posts on how he took the GSEC and GCIA exams.
• Lesley Carhart has included a page with tips for taking GIAC exams on her website. She holds 5 GIAC certifications, so she's had a lot of experience taking these exams.

3. Schedule the exam

When picking a date for the exam, make sure you have plenty of preparation time. If you are planning to make an index of the SANS lecture notes and you have a busy day job, a week is not enough!

You have to take the GIAC exam at a proctored exam center. On the website of Pearson-Vue you can check the location and availability of the exam centers. When you have selected the center of your choice, you can pick a date and a time slot. When I tried to schedule my exam, the scheduling website failed multiple times. Be sure to set some time apart for booking a time slot with Pearson. ;)

4. Make an index

Every person has their own way of studying for a test. Since GIAC tests are open book, the most common way of preparing for a GIAC exam is making an index for the books you want to bring. Most people will use the SANS course books. For my GPEN certification, this meant indexing over 1000 pages of lecture notes.

I took a month to make my index, taking one day a week to go through one of the books. After a whole day of cramming powershell commands, tackling the stack of SANS books can feel a bit overwhelming. Taking some time between study sessions was a good way for me to let the theory sink in for a bit.

My index was fairly simple and consisted of a spreadsheet with columns "concept", "book_nr", "page_nr" and "description". I tried to put as much information as possible in the description field, since this saves you a lot of time during the exam.

I brought two copies of my index to the exam: one with the concepts in alphabetical order, and one in the original page order of the SANS book. I did this because related terms are often mentioned in the same part of the same book, which makes it easier to find a term if you don't know the exact name.

5. Use your practice exams

When you register for a GIAC exam, you get access to two practice exams. You can take these online via the GIAC website. The practice exams are a great way to prepare for the real exam. The format and time limit is the same as you will get in the proctored exam center and the practice exams will also give you feedback about the different exam topics. During the practice exams, you can also get immediate feedback about incorrectly answered questions. Taking one of the practice exams with your index and books only (no internet) is also a good way of checking the quality of your index.

6. Take the exam

Don't forget to bring two forms of ID and your books + index, and don't worry too much. :) Just do it!

7. Celebrate

When you have passed the exam, it's time to celebrate! Don't forget this step! It's very important. ;) After I passed the exam, I treated my colleagues to traditional Dutch oliebollen.