Category Archives: GSE

GSE Exam in SANS Network Security 2010

Posted on by
3

Been a busy few months in the real world with work, life and everything else.

Since passing the GSE written exam, I’ve been building up a lab, practical practice examples and a stock of reading reference materials. I’ll blab on about the books and what they are at some later point. An interesting aside, some of the operating systems used in the GSE exam have been updated. Backtrack 1 now becomes Backtrack 4 and Fedora 4 becomes Fedora 12 so a great time to master more current OS’s.

The two day practical part of the GSE exam takes place in Las Vegas on the 18th and 19th of September. This means I’ll finish two days of examination hell just in time for the SANS Network Security 2010 conference

As I’m in Las Vegas and SANS is running on of its biggest conferences of the year, I’d be remiss to not try to squeeze in a bit more training.

I’ve applied to be a volunteer as part of SANS work study program and crossing my fingers to be accepted. With forty courses on offer, my number one choice is Steve Sim’s Developing Exploits for Penetration Testers and Security Researchers.

This course is really out of my comfort zone and a huge challenge in itself, nevermind the GSE study that I’m doing. I’ve only really played with the skills the course has taught while studying for OffSec’s PWB exam, but the topic is compelling and will help lift the shroud of script kiddie tools that I use. With both Steve Sims and Jim Shewmaker teaching the course it, should be absolutely brilliant to be able to learn from both these guys and mature my understanding this complex piece of IT security.

I’ve noticed that some very smart cookies are taking this course, including Wesley McGrew. Great, real security researchers, coding gurus and me. Well,  at least I know I asking the person sitting next to me what this all means  should get a sensible answer  :-)

Passed the GSE written exam

Posted on by
Reply

Pretty pleased with myself after passing SANS’ GSE written exam.

The exam was very fair and tested knowledge and skills from all three courses. Had a few sweaty palm moments and a couple of “Doh!” when picking the wrong answer.

Now for the hard work and study to get ready for the two day practical. Will be charting the progress on the other blog to avoid insanity slip in here.

GIAC Security Expert (GSE) certification

Posted on by
1

I decided to take a very large leap and attempt one of the toughest, non-specialised, security exams out there, the GIAC Security Expert (GSE) certification

As of today only 16 people hold this qualification. I’ve meet a few of those that hold this certification and am in no doubt they know their security stuff.

I have to pass a grueling multiple choice exam comprising of 150 question from three SANS courses, 401, 503 and 504, in three hours. Pass mark is 75% – that’s 114 out of the 150 questions.

That’s one foot and a quarter of study and review. Roughly around five kilos of SANS books.

When (note the positive thinking and projection) I pass that then I get allowed to attempt the two day practical hands on lab and exam. This is currently only held in the States.

I’m going to chart my tears, sweat, study, practice labs and progress on here for what I hope to be many, many more folk to become GSE certified. 

Why do this to myself?

This is for me to see how much of the years of studying and training on the defensive side has actually sunk in. The two day practical will push me out of any comfort zone I’d like to hide in and give me a real experience of dealing with people a heck of a lot smarter than I am while explaining what I did to protect their systems while under fire. I want to see how I handle this type of situation and pressure.

To me this is more about the experience of those two days and proving I can survive them, than gaining the title of GSE.

A current GSE, Kevin Bong has written this piece on the GSE  and it’s well worth the time to read.