Welcome to the one stop shop for studying and mastering the SANS GSE exam objectives.

The gse-study repo was assembled to serve as a consolidated, and comprehensive, study solution for the SANS GSE exam.

The repo is a collection of directories and files (.md) that align to the GIAC GSE exam objectives and outcomes. For example, the GSE exam objectives align to 5 primary categories:

1. IDS and Traffic Analysis Domain

2. Incident Handling Domain

3. ITSEC Domain

4. Security Technologies Domain

5. Soft Skills Domain

Each of these primary categories are further broken down into specific sub-categories. For example, the IDS and Traffic Analysis Domain is broken down into the following: Capture Traffic, Analyze Traffic, Interpret Traffic, and IDS Tools.

The gse-study repo's directory and file structure aligns to the GSE primary and sub-categories.

The GSE is a behemoth. You should start preparing for the lab portion several months in advance. Also, it is important to note that everyone has varying levels of experience, strenghs and weakenesses, and as a result, the suggested plan should be evaluated and tweaked to match the study methodologies that work best for you:

1. Review all labs for 401, 503, and 504. Re-work the labs twice, making sure to pay keen attention to areas that you need to work on. It is recommended that you perform each lab with both approaches that are presented within the course lab books. (Approach # 1 (more hints) and Approach # 2 (minimal hints).

2. [For SANS STI Students] Complete NetWars Cyber Defense Continuous 2 times.

   • The first time in an expedited fashion (10-12 hours), in order to simulate the demands and stress levels of the actual exam.
   • The second time taking your time - making sure to master all questions, concepts, for every level.

3. Review and perform hands-on pcap analysis every day. Time management is critical for success. It's also a good to allot 30 minutes per pcap: for both analyzing and writing a quick report on what you've done.

There is a spreadsheet entitled, "study-log-template.xlsx" that sits in the repo's main directory. The spreadsheet provides a starting point for organizing and tracking all of your preparation.

For example, there is a tab called, "503 Lab Practice". Inside, there is a table that has every lab exercise broken down to the exact topic in which it covers. There are columns for you to track when you completed the exercises, and for you to capture how well performed for each exercise topic: