Site icon InfosecVidya

GIAC GPCS/SANS 510 – GIAC Public Cloud Security

With full-time employment in the Security domain, I have always tried to keep learning and wherever possible with either self-funded or employer-funded, have tried to supplement my learning with certifications. I feel whenever I subscribe for the certification and the exam is scheduled, a sense of disciplined is developed to safeguard the amount invested in the certification program.

With the organizations moving and heavily investing in cloud workloads, it is imperative to learn more about Cloud. I had started my Cloud journey in the year 2018 with basic learning. I attempted MTA 98 369 Cloud Fundamentals which has retired now. With other courses from Udemy and Linkedin Learning in 2018, I decided to prepare and write CCSK. I took approx. 3 months to prepare and successfully pass the certification exam on May 1,2019. Approx 2 years passed quickly while adjusting with fears of Covid and Work From Home mode.
My current employer SAP Labs India ignited to restart the certification journey by sponsoring SANS SEC 510.

Index Format

Overall, It took 4 weeks to complete the course. Each day, I used to put 60-90 minutes early in the morning and 30 minutes before going to bed to revise. Quizzes provided in the video helped me. I kept reattempting them. With each attempt, I used to at least 2-3/20 new questions, hence able to test myself with them. Followed descriptive indexing method where the last column captured the summary from the page of the book. The practice test helped to understand the level but there was a well-felt gap with the exam questions. Be prepared to put effort to understand Terraform and CLI basic commands. Create cheatsheet or index Terraform concepts for quickly referring. I would recommend not skipping the labs. I did skip when it started incurring cost as my study was spread across 4 months. I would recommend completing the course, deploying the environment with the script, and then going through the labs if you are going to spread the course over 15-20 days.

Expensive course for almost every one of us but worth a try, if your employer is nice and can sponsor the course. The course taught me well about some hidden misconfiguration and hardening approaches. Few of the scenarios are very generic and could be found in CIS benchmarks but the course is designed to compare AWS, Azure, and GCP on the same parameters. Hence it gives good visibility of concerns and fixes which could mitigate or remediate the configurations or vulnerabilities. The good part is the course provides an automated approach to create a lab environment and destroy the whole setup with provided script. Wherever Terraform does not provide support, native CSP CLI commands are discussed.

If would like to discuss more on this, please feel free to drop me a message on Linkedin or Twitter

Exit mobile version