Today I completed the GIAC GPEN certification. The test took approximately 2:30, was open book, and more difficult than I assumed! For those that have taken a SANS course and a GIAC exam, you know the importance of a thorough index! Since these tests are open book and open notes, knowing where to find the answer (quickly) is key for most test takers… However, GPEN was different.
I didn’t find my index (about 6 pages in very small font) very useful, which was common sentiment amount other students. The majority of the questions tended to favor hands on penetrating experience, deep knowledge of OS’s, and familiarity with open source tools. The best training I had was doing the SANS 560 CTF and Netwars Continuous.
If you are looking at taking the GPEN make sure you study heavily in the named domains, understand the business of penetration testing, and get plenty of hands on training with BOTH Windows and Linux security tools!!!
After all was done I received a 93%, so I still have room for improvement! Leave any questions below.