I passed the GSEC exam early last week and got my certificate in the mail today. It made me stop and think what a crazy eleven months it’s been.
Last May I was fortunate enough to attend a computer forensics course in Phoenix where we took the CHFI and CCFE tests at the end of the week. Those were my first two computer security certificates and I was hooked. I hadn’t seen my wife in a week and we met up at the Phoenix Comicon (yes my wife and I are that big of nerds) and my wife said that I was “glowing” and that she had never seen me so happy. I realized that I had spent the previous six days either in class or in my room studying yet I was unbelievably happy. It’s amazing how smooth things feel when you’re doing what you should be doing.
I had taken the SANS 508 course back in 2008 but never had a chance to put those skills to use but now that I had knocked the dust off my forensics skills I was anxious to put myself to the test and try my hand at the GCFA. I passed that last summer and felt fantastic. It was by far my greatest achievement in the field. The week after I took the Access Data ACE exam to round out my forensic skillset.
I decided to start filling in my many knowledge gaps by going through the certificate gauntlet. I knocked out my A+ first and while I was studying for the Net+ I got an opportunity to attend the SANS 504 course. The course was amazing and I studied for that thing like I had never studied before. I passed the test with a 94 and had a much better test experience than I had on the GCFA since I knew how to properly prepare.
I knocked out my Net+ real quick and then decided that I wanted to supplement my GCIH knowledge with some more hands on hacking knowledge so I signed up for the attack-secure.com “samurai skills” penetration testing course. In addition to some good videos the course came with 90 days of access to a student network of over two dozen boxes to try to hack. I learned a ton and a lot of the concepts from GCIH made a lot more sense when I was forced to put them to use. A great side benefit to this course was giving me a decent understanding of Linux command line usage.
When I got shell on the final box on the network and got access to the file that I needed to earn my “Attack Secure | Penetration Tester” cert I was very proud. I know the cert is very much an unknown and I’ve got a lot more to learn but it was a step in the right direction.
I went straight from my online hacking course to the SANS 408 Windows Forensic Course in Phoenix and learned a ton about examining Windows systems. Four weeks after that class I attended the 401 course and had a great week, learned a lot and met some great people. Now that I’ve knocked out my GCFE and GSEC certificates I’ve set my sights on the CISSP. I’ll be taking the SANS 414 course in a few weeks and I’ve scheduled my CISSP exam in late May.
In Eleven months I obtained a CCFE, CHFI, GCFA, A+, GCIH, Net+, AS|PT, GCFE and GSEC and hopefully I can add a tenth cert in twelve months by passing my CISSP.
It hasn’t been cheap or easy and there are absolutely times when I feel mentally drained but the feeling I get from knowing what I’m talking about is well worth it.