On Friday, I sat for the GIAC Defensible Security Architecture (GDSA) exam. The certification is brand new (it just came out about a month ago) and is based on the SANS Sec 530 course.
The course is focused on the design and implementation of secure networks. It starts with the basics such as access control lists, and VLANs and then very quickly moves into cloud security and zero-trust. I took the course using SANS online delivery platform. This was my first time doing it and while it wasn’t bad, I didn’t love it. I really see two problems with the online format. 1st, just dedicating the time to sit down and focus on it without getting disturbed is very hard to do. I had originally planned on just working from home for a week and doing it during the day but work never had any free time. Instead I took it piece-meal over about 2.5 months. The 2nd reason is because one of the things I love about SANS training, is the fact that their instructors have a wealth of knowledge and that by doing it in person, you’re able to really tap into that (as well as your classmates).
When I took my two practice exams, not only did I pass both of them (for my other two certs I’ve always failed the first practice exam), but I did it without even opening the book. Unfortunately, this came back and completely bit me in the ass because I got overly confident. I figured that if I did fine on the practice tests, I would do fine on the real test. Because of that, I didn’t study the way I should, nor did I even put together an index. This almost proved to be a fatal mistake. Fortunately I did have my book with me so I could still do research, just not nearly as efficiently as I normally would.
In the end, I passed the exam, and got my piece of paper. I finished with about 15 minutes left (I’ve never cut it this close before). The exam was still very much inline with the class, and while difficult, was good. All and all, not a bad course to take and I’d recommend it.