Well, I did it! Today I sat for and passed the GIAC Certified Incident Handler Certification (GCIH). I am so grateful to have passed. It’s a great but also really challenging course.

Areas Covered:

• Incident Handling and Computer Crime Investigation
• Computer and Network Hacker Exploits
• Hacker Tools (Nmap, Metasploit and Netcat)

This course was a lot of fun and also pushed me out of my comfort zone. I’m really ready for new CTF! I want so much more practice!

I drive an hour to take my exam in Kokomo because they have a couple small rooms to take tests in, and this (and GSEC) was allotted 4 hours. I don’t take breaks, and I used all but ~3 minutes of the 4 hours.

One of the rules with regard to GIAC tests are not to share overly much, so I won’t do that. I will say that I studied a lot, I practiced labs a lot, and I had an incredibly robust index and STILL had things missing. That’s always frustrating. But, a win is a win, and should I be able to take more GIAC exams in the future, I have some more knowledge about how I need to study and index. If you’ve seen me ever on LinkedIn, you might have seen my posts about indexing: It’s crucial for some of us! I marvel at those who don’t need to use practice tests or heavy indexes. Mad respect.

One last thing I will say: if you sit for a GIAC exam, it’s open book, and you can take what you can carry. My advice is always to take more than you need, if you can (and if you have the luxury of a room to yourself as that’s key), because it’s better to have it and not need it, yadda yadda.

For now I’m taking a day or two to decompress, and then I’m on the hunt for my first entry-level cybersecurity role. Wish me luck! And, if you happened on this and we’re not connected on LinkedIn, please feel free to connect. I’m here to help and to learn.

-b.k