Getting a little nervous I haven’t studied enough for the GSE written – you know, 20+ hours a week for 3 months and change. Looked at a few sites dealing with the multiple choice portion here: https://www.infosecblog.org/2011/01/gse-multiple-choice-exam/ (yes, it’s from almost 5 years ago) and here (http://www.giac.org/certification/security-expert-gse – the ‘official word’ on the matter). There is also a helpful post from Courtney Imbert to the giac-study google groups e-mail list (dated 10/15/13? I don’t tend to delete e-mails very often.), although it seems directed more to the lab portion of the exam. For those who don’t know, Courtney is the GIAC tech director and has a GSE, so her advice merits close attention on two counts.

 

Oh, and I caved and started printing man pages. Couldn’t find a good one online, so I went into the SANS 503 virtual machine, did a ‘man snort | col –b > snort.txt’, then used netcat to move it to my OSX box (repeated for syslog, tcpdump and nc). Pro-tip: if you do this, use narrow margins to prevent occasional wordwrap in MS word.