Cracking the Code: My Journey with the GIAC GFACT Exam

Cracking the Code: My Journey with the GIAC GFACT Exam

Last weekend, I achieved a significant milestone in my cybersecurity journey—I passed the GIAC GFACT exam. As I had mentioned in my previous blogs, those enlightening "aha" moments were not in short supply throughout the course, and they continued to enhance my learning experience until the very end.

The course spanned an impressive breadth of material. From the intricacies of computer hardware to the nuances of Linux foundations, it's safe to say that the GFACT course left no stone unturned. The labs were particularly engaging, offering a hands-on approach that I believe is instrumental in truly understanding such a diverse range of topics.

Taking the exam at a physical testing center was, in itself, a unique experience. Sneaking into the exam room and attempting to work comfortably on a small desk space was a tad awkward. Although I had only three books to refer to for this particular exam, I'm aware that other SANS courses can have double or even more. With that in mind, and as I embark on my next journey with the SEC301 or the GISF, I've decided to opt for a home proctoring session. Given my spacious Ikea desk setup, I believe it will serve as a far more conducive environment, especially when I might need to sift through six or more reference books.

For those interested in a deeper dive into the GFACT course, here's a breakdown of the materials covered:

  • Computer Hardware & Virtualization: Delving into key hardware components and their functions, this module also offers insights into the advantages and disadvantages of virtualization and containers.
  • Exploitation & Mitigation: A comprehensive look at exploit anatomy, methodologies, and the tools employed by attackers. It also covers crucial mitigation strategies.
  • Forensics & Post-Exploitation: From the tools used in forensic investigations to the intricacies of incident response, this section explores the world of post-exploitation, including objectives like persistence, lateral movement, and exfiltration.
  • Linux Foundations: A thorough exploration of the most frequently used Linux commands, permissions, access control, and key elements related to file systems, architecture, and networking.
  • Logic & Programming: This module emphasizes logical operations, programming syntax, constructs, potential errors, and delves into how programs execute and the intricacies of memory allocations.
  • Networking & Servers: Here, the focus is on core networking concepts, protocols, and an understanding of various server types.
  • Operating Systems, The Web, & Data Storage: A deep dive into the roles of operating systems, different file systems, web technology, and the pros and cons of cloud computing models.
  • Security Concepts: This section encapsulates concepts and terminologies linked with cryptography, the ethics and legalities associated with hacking, attack stages, and key defensive strategies.
  • Windows Foundations: A thorough exploration into Windows CLI commands, permissions, access control, and crucial elements related to file systems, architecture, and networking.

In retrospect, the GFACT course has been an enlightening experience. It has enriched my knowledge, honed my skills, and stoked the flames of my passion for cybersecurity. As I embark on further on the SANs BACS program, I'm eager to share more of these experiences with all of you.

Follow my journey