Road to GSE

Successfully passing two GIAC exams and earning the subsequent certifications that go along with them feels very surreal. I remember when I first heard about SANS from a relative years ago. This led me down the rabbit hole of security certifications and SANS courses. Many sounded so interesting but the cost was ultimately a barrier so I did not pursue any. It was not until I participated in CyberFastTrack that I gave it much thought again. Even though I did not earn a scholarship from SANS it put me on a track to find another source of funding which thankfully I was able to receive. I know that cost is a barrier to many and I feel so incredibly blessed for this opportunity and in the future hope to give back to individuals who were in similar circumstances as me.

In October I earned the GFACT certification and then finally earned the PenTest+ certification in November. Both involved a lot of late night studying and sacrifices from all the fun things. The GFACT solidified a lot of foundational knowledge I had and also helped me prepare for the PenTest+ as well. Between studying for these two certifications and a lot of my day to day work activities, I felt like it was all finally coming together. Just in time for the disaster that would be log4shell. ;)

I started my studies for the GSEC in December but that went on the back burner until January when I could start in earnest. This course was definitely a step up in terms of difficulty compared to the GFACT. I really enjoyed the sections on cloud security for AWS as this was a subject I was wanting to learn more about. I also really enjoyed the PowerShell labs as I had not done any kind of scripting in over a year and it reminded me of how much joy I find in it.

I used the same general methodology for studying which is reading the course material and hand writing notes. I find video lectures to be really hard to pay attention to so I prefer reading the material instead. I also ran through the labs a couple times each to get comfortable with commands and syntax especially. I also used the same indexing method I came up with based on advice from numerous posts I read online. This definitely deserves its own post in the future. The aim of the game for me is speed, being able to quickly reference something if needed in the exam. With so many books for this course, speed referencing is an importantly ability.

The GSEC exam would be my first exam with the Cyber Live questions and I was nervous about what they would be like. Thankfully the provided labs and materials more than adequately prepared me for the questions. When exam day came I found myself really enjoying the hands on questions. It really tests your knowledge in a different way than multiple choice questions can. They were not too dissimilar from the labs and I look forward to more Cyber Live questions on future exams.

Due to funding reasons, I am taking some time off before pursuing the next certification in my program at SANS. Ever the avid learner I am using this time to complete coursework towards earning an MBA in IT Management at Western Governors University. It is definitely a change in thinking to go from technical subjects to business subjects but I am learning a lot. I have spent most of my career in government settings so the transition to a large multinational corporation has been nothing short of a culture shock. This degree is really helping me understand business processes and how IT can drive business initiatives. I am of course trying to put my own security spin on things as I go.

Just a little over a month in to this journey I find myself 20% of the way through the course material for SANS SEC 275 Foundations. Ideally I would have liked to be about a third of the way through the material at this point but I have found myself busy with work obligations and other studies instead. I am really impressed with the organization of the course and the content I have reviewed so far.

Having been in IT for ten years at this point the course feels like a nice refresher starting from the assumption of zero knowledge. A majority of the time knowledge is gained on the job or in an unstructured manner so gaps are bound to happen. Going through the material has helped fill in some of those gaps. For example, I have deployed and supported a handful of Linux servers and applications during my career and I never knew you could clear your terminal by pressing Ctrl + L. This entire time I have been typing out clear instead. It's the little things like this that I found to be the most worthwhile.

In addition to my SANS studies, I studied for my upcoming Pentest+ exam a little bit. It is the last exam between me and my Bachelor's from WGU. Without prior pentest experience, it feel's like one of the more challenging CompTIA exam's I have studied for. Although I find the subject interesting, I struggle to maintain the motivation to go through the learning material at times.

In the middle of July I had a week and a half between ending my then current role and starting the role I am in now. In preparation for my new job role I completed the Splunk 7.x Fundamentals Part 1 course. Then I took TryHackMe for a spin. I did some rooms in their Cyber Defense learning pathway ending up in the top 6% (woot woot!).

TryHackMe is an online learning platform that allows folks to try out different tools and techniques used in the cyber security space such as Splunk, Metasploit, OpenVAS, privilege escalation, and OSINT gathering just to name a few. Additionally, TryHackMe has learning pathways for general security and computing basics. Having tried a variety of learning platforms over the years, I like TryHackMe's mix of video/written content and hands on labs.

Another feature I appreciate about TryHackMe is the ability to complete all the labs within your browser. This is useful because it lowers the barrier of entry to learning. Not everyone has a spare computer they can use for labbing or even the time to set up a home lab just to try a few things out. Making it trivial to set up a lab machine allows for more effective learning to occur.

Lastly, I wanted to note that if you are a student and email support, they are able to grant you a student discount. You must do this before you subscribe and pay. I definitely recommend TryHackMe to folks who are looking to learn more about cyber security or those looking to upskill.

This morning I met with my assigned Undergraduate Student Advisor. I discussed my technical background and experience with SANS in the past. Previously I participated in Cyber FastTrack CTF events in hopes of getting a scholarship to their training. My advisor said that many students reported that these events really gave them the confidence to attend other CTF events and I agreed.

If you're new to the field it’s a great place to start. They also have their online training platform called CyberStart Game. Students can usually get a registration code for free or reduced price cost, otherwise it's  $80-$150 USD (depends on if there is sale running or not). Next, we set up my schedule for the next year and a half. I am going with the standard 13 week course timeline with 1 month breaks in between courses. This gives my third party funding enough time to get a check mailed off to SANS. I chose the 13 week option over the 8 week option because I wanted to give myself as much time as possible to learn the material.

After my meeting was over, I went to the registration site and signed up for my first course: ACS 3201 Security Foundations. My advisor reported that SANS has now added a certification for this course where previously there was none so I was happy to hear that. Even if it's new and relatively unknown, I'll take it. Since being a student at Western Governor's University I've developed a love for achieving certifications. As I like to say, "Catch certs not feelings". Below is the course description taken from SANS.edu:

Content: SANS SEC 275 Foundations

Assessment: GIAC GFACT Exam

3 Credit Hours

ACS 3275 Security Foundations is the best course available to learn core knowledge and develop practical skills in computers, technology, and security foundations that are needed to kickstart a career in cybersecurity. The course features a comprehensive variety of innovative, hands-on labs, and practical exercises that go far beyond what is offered in any other foundational course in cybersecurity. These labs are developed by leading subject-matter experts, drawing on the latest technology, techniques, and concepts in cybersecurity.

The course provides a level of sufficient theoretical understanding and applied practical skills that will enable you to speak the same language as industry professionals. You’ll develop fundamental skills and knowledge in key IT subject areas such as:

* Computer Components & Concepts

* Operating Systems, Containers, & Virtualization

* Linux

* Networking Fundamentals

* The Web: Search Engine & Servers

* Practical Programming – Python and C

* Windows Foundations

* Advanced Computer Hardware (e.g., CPU & Memory)

* Encryption

* Introduction to Basic Security Concepts

* Introduction to Forensics

* Introduction to Reconnaissance, Exploitation, and Privilege Escalation

* Introduction to Network & Computer Infiltration (e.g., Lateral Movement)