3

I am planning for GPEN certification, although i have been extensively involved in penetration projects, still looking at the topics it seems a bit difficult.. what could be good study guide for preparation?

WhiteWinterWolf
  • 19,082
  • 4
  • 58
  • 104
Muhammad Suleman
  • 129
  • 1
  • 3

2 Answers2

2

I assume you're talking about a challenge certification; any other route would provide you with all the courseware you need.

As per the GIAC FAQ:

Please review the course descriptions at http://www.sans.org to gain an understanding of what material is covered in each course. Please be sure to look at each day of training. While we certainly recommend the SANS training as the best method of preparing for the GIAC Certifications since that is what they are based on, other resources can be purchased at most book stores.

The exams do track the courseware closely, so it really is the best guide. That said, I don't believe they sell the courseware alone, and selling used copies is likely against the license. I do recall that once upon a time they would sell off extra courseware in the bookstore at conferences - e.g., they ship in 100 copies of GPEN, 90 people show up, they have 10 copies to either sell to conference attendees or box up and ship back. So there was a legitimate sale method at least at one point. (I purchased the GCUX set at a conference intending to challenge, but never got around to it).

You do also get two practice exams if you sign up for the challenge, which gives you a chance to figure out what topics you should study but haven't yet. If you already hold a GIAC certification and are on any of the related mailing lists, people often give away practice exams they didn't need, maybe that would let you figure out if you want to try this before spending $1,050 to get your own practice exams.

gowenfawr
  • 71,975
  • 17
  • 161
  • 198
2

You won't find officially available course materials anywhere past general information. I can tell you the exams will be open book, meaning any printed material is fair game. However, having been though one GIAC exam after going through the SANS class challenging an exam would be exteremely difficult. I did well, and passed but I didn't do as well as I thought I would have given the work I put into studing, my index and my seeming familiarity with the material. I honestly wouldn't recommend challenging the GPEN.

There are cheaper alternatives available to GPEN in OSCP and eCPPT. Those alternatives are still very good and very practical as well be being around $1000 (includes the course material and the exam) if I remember correctly. Making them much more affordable than any SANS class at around $4500 + $500 for the GIAC exam.

If you're set on SANS, you could start networking with SANS instructors. If you can find a mentor session with a friendly mentor they can offer discounted seats. However, they're usually gone shortly after opening registration for the class in an effort to fill the class. I was able to get into my SANS class for a significant discount.

Paraplastic2
  • 460
  • 2
  • 7
  • Just and update: GPEN class is now a little over $6000 w/ no discounts. OSCP is still around $1000 for the initial material and testing--each additional test is $60, lab time increments start at 15 days = $150...60 days = $450. If you take the OSCP route, you should plan to test more than once, OSCP is one of the more difficult exams and based on other forum thread and VLOGs, most people don't pass the first time. The labs are a great playground though! – Chris Mar 12 '18 at 13:34