GFACT Exam Review

Posted Dec 1, 2024 Updated Dec 1, 2024

By Abhishek Praveen

views 5 min read

GFACT Exam Review

SANS Institute Trainings and Certifications have always been placed in an elite league when it comes to industry recognition. This blog post details on how I was able to achieve my first SANS certification and strategies I used during the exam preparation. A friendly remainder that the course and certification contents are updated periodically, so please refer to the official websites also if you’re planning to appear for the same.

Backstory

Back in 2020 when I started learning about Cybersecurity, I came across the LinkedIn profiles of many Cybersecurity experts with multiple SANS certifications to their name. Upon researching further about SANS institute, GIAC certifications etc., I discovered the immense value this certification brings into your professional success. Considering the cost associated with each of those certifications, I wasn’t sure if I would ever be able to pursue any of them.

But yeah, the universe had its own way of doing things. Little did I know that was going to take my first SANS course and subsequently become a GIAC certified professional in 2 years time. I got a podium finish in a CTF sponsored by SANS and got access to the SEC 275 Foundations: Computers, Technology, & Security course along with GFACT certification attempt as the CTF Scholarship.

Overview of the Course and Certification

The terms SANS and GIAC have been used interchangeably across multiple places on the internet, and to get more clarity, let’s view it this way. SANS institute provides training courses on different domains in Cybersecurity, and GIAC is a certification entity founded by SANS in 1999 to provide vendor neutral certifications linked to SANS training courses.

SEC 275 Foundations: Computers, Technology, & Security is a foundational level course that provides fundamental cybersecurity knowledge and skills to students with no prior technical knowledge or work experience. It helps you gain real world understanding of various aspects ranging from the basics of Computer Components and Concepts to not so basic Offensive Security Concepts.

Exam Preparation and Tips

I got access to the learning materials during the last week of September 2021 and had around 4 months to learn and attempt the exam. I was in the final year of my bachelor’s degree and juggling GFACT preparation with a major project that focused on a completely different domain was a daunting task.

Listing down few preparation strategies which helped me:

Familiarize yourself well with the books and labs
Read all the text books at least once , watch the videos and work on the labs provided in the SANS foundations platform in parallel if you have access to the same.
Index , Index and Index
Though there are a lot of resources online about indexing, I would suggest you to pick one and tweak it according to your needs. Our objective is to know where information about a particular concept is located to verify our answers before submitting it.
I did indexing in the following way:
- Prepare a few columns in a sheet with the titles: Book, Topic, Subtopic, Page number, Comments, etc. These topics can be about a technology, tool, or technique.
- Map each concept to their respective books and page numbers in which they appear, and add one-liner comments as and when required.
- Use highlighter pens to mark important sentences and numbers on those respective pages in the textbooks.

Using sticky notes and attaching them alongside the edges of each chapter to highlight what all concepts are being covered in that particular chapter can come in handy.

Use practice exams well
2 practice exams are added along with the voucher and using this well can help you manage time and get good results during the exam.
1. After you go through the learning materials once, take the first practice test but take it as if it is the real examination.
2. Analyze where you went wrong, improvise your study notes, indexing sheets.
3. Now that you have reworked your weak areas, attempt the second practice exam.
1 2 3 4 5 6 if practice_score <= 71%: print("repeat point 2 AND you are good to go") else: print("be happy AND repeat point 2")
Reach out to people
Talk with people who have taken the examination previously and discuss with them about their study methods. I was very fortunate even to meet some super helpful people online who shared their tips and experience while preparing for the same, which undoubtedly helped me clear the same.

During the examination, it does feel intimidating, but trust the work you put in over the months and go ahead with a peaceful mind.

I was able to clear the examination with a 90% score and this helped me get a place in the GIAC Advisory Board that was an invite-only mailing list consisting of learner who scored high scores in GIAC examinations. This was a bit of a surprise as I wasn’t aware about this while preparing for the examination.

Conclusion

As a person who was just starting out in Cybersecurity, learning and passing this examination was a great confidence boost. I personally feel that the cost factor is something that might hinder new learners from appearing for this particular certification, but if you are being sponsored by your company or getting a scholarship, then this is a great choice. The whole scenario felt like a lucky accident to me, and life did throw in a lot of humbling experiences thereafter.

Getting a certification or not is purely a personal choice which has to be made depending upon various factors, but if you are preparing for GFACT and have any questions, feel free to reach out to me.

It would mean the world to me if someone is positively impacted by the content that I create.

Until then , See you …

Exam Review

This post is licensed under CC BY 4.0 by the author.

Backstory

Overview of the Course and Certification

Exam Preparation and Tips

Conclusion

Trending Tags