Cracking the SANS GSEC Certification

My experience and tips on the SANS GSEC certification exam and the SEC401 course.

Introduction

The SANS GIAC Security Essentials (GSEC) certification is for anyone working in the field of Information Security, whether you are a Software Engineer, an Information Security Engineer, or a Product Manager.

In this article, I share my experience of taking an online on-demand SANS SEC401 course, my preparation and tips for the certification exam, and why the course and exam could be useful for you.

General Info

Before the certification exam, I took the SANS course — SEC401: Security Essentials: Network, Endpoint, and Cloud. Due to the COVID-19 pandemic, the course was offered live online or online on-demand. I took the on-demand version, where I had access to pre-recorded training videos for 4 months. I started the course on February 6th, 2021. SANS mailed me the printed course materials before the start of my course. The printed materials included 6-course books and a workbook. When writing this article, SANS gives an option to attend the course in-person, live online, or online on-demand.

As a Software Engineer in a Cloud Security team, my objective in taking the course was to:

• Refresh fundamental concepts of Computer and Network Security
• Learn about Windows and Network Security
• Get hands-on experience with some security/network tools

Here are the high-level concepts covered in the course:

• Network Security Essentials
• Defense in Depth
• Vulnerability Management and Response
• Data Security Technologies
• Windows Security
• Linux, Mac, and Smartphone Security

If you take the course in-person or live online, those 6 concepts will be covered in 6 days of the training. Each concept has a theoretical and a lab component. The labs give you hands-on experience to apply the theoretical understanding in a controlled simulated practical setup. SANS provides a Virtual Machine image with all required tools and components for the labs.

I took and passed my GSEC certification exam on June 5th, 2021. The exam format was as follows:

• 5-hours long exam
• All Multiple choice questions
• Open book (you can take the printed materials provided by SANS to the exam)
• 180 questions

I enjoyed going through the topics in the course and doing hands-on lab assignments.

Tips and Tricks for the exam

Based on my experience, here are some tips:

• Take practice exams — the practice exams help you get an idea about the type of questions to expect in the exam
• Go through topics in the lab section a couple of times before the exam
• Label the course books so that it is easy to find specific topics during the exam

Drawbacks

This course and certification exams are really expensive. I would not have signed up for the course or the exam if my company had not paid for it. So, before you plan on signing up for the course and the certification exam, check with your manager or your company if they are willing to pay the amount for the course and the certification exam.

At the time of writing this article, the cost of the course was $7,640 USD. You have to pay an additional $849 for the GSEC Certification.

Final Thoughts

These are my thoughts on the course:

• Since I took the on-demand version of the course, it was up to me to manage my time to watch the recorded lectures, do the hands-on labs, and prepare for the exam.
• SANS provided as much help as possible if I had any questions on certain topics. I had options to either chat with an instructor during specific hours in the day or email them the questions. I received prompt replies on both options.

Here are my thoughts on the exam:

• The exam is not difficult, in terms of the concepts that are covered.
• If you have been working in the field of Information Security for a year or two, you will already be familiar with some of the concepts. Depending on your domain of work, you may have even used some of the tools that are part of the hands-on (lab) portion of the course, which appear on exam questions as well.
• Importantly, in my opinion, if you are patient, and have properly labeled your course books, then you can easily pass the certification exam.

Also published here.