I Passed the SANS GSEC in 3 days, here’s how.
Table of contents
Introduction
You didn’t read that wrong, I got my SANS GSEC Network, Endpoint, and Cloud in 3 Days, 2 if you count my break from studying, but still listening to the material.
My story starts long long ago, and by long long ago, I mean in December of 2023. I had always participated in Cyber Events, and when I was in High School, I discovered CyberStart America (RIP Cyberstart, you will be missed). Cyberstart was an intro-level, 6-month-long CTF that taught the fundamentals of Cybersecurity and Hacking. I fell in love with this event and began taking it more and more seriously, soon, I placed within the top 5 in my state.
Flash forward a few years, and being in College, heavily involved with extracurriculars, my classes, scholarships, and more, I found myself with minimal free time. When Christmas break rolled around, I tried to do CyberStart again. I lost my progress since I wasn’t a part of my district anymore, but who cares? :(
Within 2 days, I got 76,000 points, and at that point, responsibilities took over. I stopped and wasn’t expecting to win anything, but I was sitting in a CS class of mine when I got the email. For the third year, I was a National Cyber Scholar with Honors. I was overjoyed, and my certification wasn’t until June 6th! I had plenty of time to focus on my studies, everything was going to be alright! Right?
Time went on, the seasons changed, and I was so burnt out from my classes that I just wanted to be done, so I finished my academic year, and went home. “Of course, I was the most studious student ever! I went home, and hit the GSEC right away!” I sure hope someone said that because I didn’t. I went home, slept, ate, and relaxed. That’s all I did!
On May 23rd, 2024, I got the sudden urge to be productive, and where better to start than the GSEC! I sit down, crack my fingers, and get to work. I looked at maybe 5% of the material, and I took a practice exam in April to test my base knowledge with no books. I got a 65%, which I was relatively happy with considering I had no material guiding me. With a baseline, I began, I had some time this week, and nothing could go wrong! (that is foreshadowing…)
When I sat down to look at the material again, I realized a little counter on the top right that said “16 days of access remaining.” I, at the time of writing this, had a trip booked out of the country for 2 weeks, so I was under the belief that I could study the GSEC on the flight, and have my exam be after. So I went to ProctorU, thinking that the exam would be after, and that is when I realized the last day I could schedule the exam, is the last day I have access to the course June 6th. I won’t be back, and while I can take it overseas, I promised my S/O that I wouldn’t be working at all, because on vacation, vacation is for family.
I went into full panic mode. How am I going to do this cert? Am I going to pass? What do I do? Do I cave and buy the extension? No. I couldn’t buy the extension, so my options were not to get one of the most well-respected certs in the industry or put my nose to the grindstone, because of the title you can see which one I chose. Here is what I did, to pass the exam with an 87%, with roughly an hour left on the clock.
Part 1: Buy thousands of Sticky Notes, you are going to need them.
Lucky for me, I walked into this exam having my GFACT already. What made that experience go so smoothly (other than giving myself tons of time to study) was this article by Lesley Carhart, a SANS-certified instructor that talked about the Pancake Method. It is much more well thought through and executed than what I did, but than again, I had three days so give me some grace.
Essentially, important subtopics or topics I didn’t feel comfortable in were marked first. I didn’t go in order of book (Book 6 -> Book 4 -> Book 1 etc.) and bounced around a lot, however, when I started a book, I made sure to finish it before moving on. I went in order of section. On the top of the book, I marked where a new module, and on the sides, I marked the subtopics of that module, all with the same color sticky notes.
It isn’t pretty, but doing this allows you to read the material, review it, and know which book contains what. I used this, and I think singlehandedly, this was the reason I passed. I spent $70 on Sticky Notes, and thank goodness I did.
Part 2: 2x Speed is your friend.
When I started, I had 5% of the course done, and by the time I finished, and by the time it was test day, I finished around the 70% mark. That’s about 30 Hours of Material in three days. How did I do that? Yes.
Bryan Simon was the course instructor, and the beauty of the way he talks is that you can still retain the info at 2 times the speed. As I was working on the sticky notes, I was watching the accompanying video to hear what he was saying, while reading the info on the book. This tactic saved me the most time, and allowed me to get this done.
Part 3: Labs, who needs ‘em?
I don’t advocate for anyone to do a SANS cert in 3 days, take some time, and absorb all the information. I was in a very different situation then a lot of people, where I had the knowledge of all of the labs from CTFs, personal studies, and my work, teaching others the same material. I saved dozens of hours because I skipped the labs, but please don’t do this. Learn the material, then move on!
(The workbook is helpful though, make sure to review that)
Conclusion: What You Put In Is What You Get Out.
Over those 3 days, I did nothing else but read, watch videos, and study. I took breaks, spent all of Friday not studying, and made sure to stay plenty hydrated, take care of you and your needs first, the cert will follow, I promise you. But put in time, stay dedicated, make sure that you are keeping up with your labs and material. I am so proud that I am certified through SANS, and who knows, maybe I’ll be a part of their university soon. Go Sentinals! :)
Thank you for the read, and good luck on getting that Cert!