HOW I PASSED THE GIAC FOUNDATIONAL CYBERSECURITY TECHNOLOGIES (GFACT) EXAM
Following GIAC policies, I won’t be disclosing specific exam details.
In this article, I’ll share my journey towards obtaining the GIAC GFACT certification. I’ll discuss the challenges I faced, the resources that proved most valuable and offer tips to help you prepare for the exam.
WHOAMI.exe
My name is Elizabeth ekedoro | LinkedIn | X(Twitter)
I graduated with Second Class Honors Upper Division in Biology. In 2023, I transitioned into cybersecurity, dedicating myself to acquiring both theoretical knowledge and practical skills. Currently, I’m actively seeking an internship or entry-level Security Operations Center (SOC) Analyst role. This position will provide me with the opportunity to collaborate with esteemed professionals, enhance my skills, grow among colleagues, and contribute value to the organization.
GFACT is the first of the two exams that participants need to take as part of the Cyber Talent Academy. This accelerated cybersecurity program is sponsored by SANS and Allianz
THE GFACT EXAM OVERVIEW
The GFACT exam validates a practitioner’s understanding of essential cybersecurity concepts. Passing it demonstrates the foundational knowledge and practical skills needed for a successful cybersecurity career. The exam covers nine domains, including Linux Foundations, Windows Foundations, Computer Hardware & Virtualization, Networking & Servers, Operating Systems, The Web, & Data Storage, Logic & Programming, Security Concepts, Exploitation & Mitigation, Forensics & Post-Exploitation. For a comprehensive exam overview, visit the GIAC official website [link here: GIAC Foundational Cybersecurity Technologies Certification | Cybersecurity Certification]
EXAM FORMAT AND TIPS YOU CAN’T AFFORD TO MISS
While GIAC exams are open books and open notes, relying solely on the books in the room can be a trap (I felt awkward taking in books as I’m used to closed-book exams). The sheer volume of material necessitates a strong understanding of the course content beforehand as GIAC does not allow you to see past questions.
GIAC exams are constantly updated to reflect the latest SANS course materials, so using outdated resources is risky. You’ll receive two practice exams with your enrollment, and the actual exam is 75 multiple choice questions, 120 minutes long (about 1 minute 6 seconds on each question), requiring a minimum score of 71% to pass.
STUDY RESOURCES
1. The SANS Foundations learning platform: provided access to the comprehensive SANS SEC275 course, which was really helpful. This interactive platform for the course included engaging videos, audio lectures, and hands-on labs, all led by the experienced instructor James Lyne. His real-world examples significantly enhanced my understanding of most concepts.
2. The SANS training course: included three physical spiral textbooks (around 1,000+ pages) that complemented the online platform. These were a lifesaver during power outages when using my laptop wasn’t an option. I actively highlighted key sections and took notes for later review. The materials go quite in-depth to the point where I even question if I’m capable of completing them and passing the exam.
3. Index: I wasn’t familiar with building an index, so I learnt to build one during my preparation as GIAC research stated that the process of creating an index has a positive outcome on exam scores. There are two popular methods to help you build an index: the Pancakes method by Leslie Carhart [link here: https://tisiphone.net/2015/08/18/giac-testing/] and the Voltaire method [link here: https://voltaire.publickey.io/Indexes].
I opted for the one that best suited my learning style.
4. The Practice tests: were instrumental in testing my knowledge and identifying areas needing improvement. Thankfully, I passed both, which not only boosted my confidence but also helped me get comfortable with the exam format.
CHALLENGES I FACED
One of my biggest hurdles was grasping programming languages (C, Python) and relational database management systems like MSQL within a short timeframe. I still haven’t gotten a hang of them and to address this, I intend to leverage YouTube tutorials to enhance my understanding and solidify my skills.
Another challenge was mastering the art of indexing. While it initially felt overwhelming, the effort paid off significantly. I tested my index by practicing with questions from my second practice exam.
Finally, time management was crucial. The 120-minute time limit necessitated a strategic approach. To develop this skill, I practiced taking timed exams and improved on my ability to prioritize questions effectively.
PASSING THE EXAM
The exam is offered at test centers or as a proctored home exam. I opted for the latter, but on the scheduled day, I encountered technical issues that prevented me from starting. Thankfully, I had documented the problems with screenshots. This experience highlighted the importance of adaptability, and I was grateful for the Cyber Talent Academy team’s understanding and support. They rescheduled my exam, alleviating the initial frustration.
To pass the GFACT exam, I focused on understanding the exam objectives and the concepts covered in the SANS training course. I reviewed my practice exams, analyzing my mistakes to pinpoint areas for improvement. There were specific domains that required more focused attention.
During my second attempt, I successfully accessed the exam environment. Carefully reading the questions and strategically managing my time was paramount. I also employed a technique of skipping initially unsure questions and returning to them later.
CONCLUSION
The moment I saw the “passed” status, a wave of relief and satisfaction washed over me. It validated all the hard work and dedication I poured into the preparation. Following this accomplishment, I proceeded to request the official physical certification and badge.
The GFACT certification has equipped me with a solid foundation in cybersecurity fundamentals. This journey has been both challenging and rewarding, and I encourage anyone considering a career in cybersecurity to pursue the GFACT certification. It’s an investment in your future and a valuable stepping stone towards a fulfilling career path.
PASS THE TOUCH!
If you’ve passed the GFACT exam, drop a comment and share your experience! Your insights will inspire others to take this leap.
For those who didn’t on the first attempt, please don’t be disheartened! Review your study materials and focus on strengthening your areas of weakness.
If you are preparing to take the GFACT exam or any other exam, I’d love to hear about your study plan and how your preparation is going! Share your experiences in the comments, and let’s build a supportive community.
Thank you for reading my article, I hope it’s been helpful to those who are trying to take this exam and I look forward to your success stories.
Don’t forget to subscribe, follow me on LinkedIn [link here: https://www.linkedin.com/in/ekedoro-elizabeth] or X/Twitter [link here: https://x.com/Lizettle_?t=ikPzXlgEZL-B9NnEOp32ZA&s=09], and feel free to send a personalized message.
Until next time — Stay cyber-awesome!
