@sphynx you missed hashtagging #SANS and #GIAC in this.
The digital documents were completely worthless to me when I did the #GCIH. True, it was the only way to see tables and images in color, but was more static and immovable than the hardcopy.
For the record, SANS used to send out unprotected PDFs. They had to stop after discovering a thriving market of SANS material being sold by other companies as their own training material.
"Welcome to DANS!" (tm)
@AstraKernel #sans #gcih #powershell
I picked up a new trick from the SANS GCIH certification around PowerShell.
Get-CimInstance -Class Win32_process | Format-List -Property ParentProcessId, ProcessId, Name, HandleCount, WorkingSetSize, VirtualSize, CommandLine
The ParentProcessID and CommandLine Properties aren't shown by default.
Since Get-NetTCPConnection returns the owning PID, you can combine these two and get something like netstat -ban on steroids. And since it's PowerShell, everything is an object you can feed into another command.
This isn't very pretty, and I'm sure there are better ways to format the output, but it gives you a neat set of output that is easy for a human to examine.
Get-NetTCPConnection -State Listen,Established | ForEach-Object { $_; $OwningPID = $_.OwningProcess; Get-CimInstance -Class Win32_Process | Where-Object -Property ProcessID -eq $OwningPID | Format-List -Property ParentProcessId, ProcessId, Name, HandleCount, WorkingSetSize, VirtualSize, CommandLine }
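The same socket-to-process join as in the post above, written as an added example (not part of the original post): it snapshots Win32_Process once, keys it by PID, and emits one object per connection with the parent process resolved. The variable names and the output column names are this example's own choices.

```powershell
# Added example: one row per TCP socket, joined to its owning process and parent.
# Take a single snapshot of the process table, keyed by PID, instead of
# re-querying Win32_Process for every connection.
$procByPid = @{}
Get-CimInstance -ClassName Win32_Process | ForEach-Object {
    $procByPid[[uint32]$_.ProcessId] = $_
}

$rows = Get-NetTCPConnection -State Listen,Established | ForEach-Object {
    $conn = $_
    $proc = $procByPid[[uint32]$conn.OwningProcess]

    # The owning process can exit between the snapshot and this lookup, and a
    # parent PID can belong to a process that is already gone, so both lookups
    # may come back empty.
    $parent = if ($proc) { $procByPid[[uint32]$proc.ParentProcessId] } else { $null }

    [pscustomobject]@{
        State       = $conn.State
        Local       = '{0}:{1}' -f $conn.LocalAddress, $conn.LocalPort
        Remote      = '{0}:{1}' -f $conn.RemoteAddress, $conn.RemotePort
        PID         = $conn.OwningProcess
        Process     = if ($proc)   { $proc.Name }            else { '<not in snapshot>' }
        ParentPID   = if ($proc)   { $proc.ParentProcessId } else { $null }
        Parent      = if ($parent) { $parent.Name }          else { '<not in snapshot>' }
        # CommandLine can be empty for processes the current user cannot inspect.
        CommandLine = if ($proc)   { $proc.CommandLine }     else { $null }
    }
}

# Objects stay objects: sort, filter or export them before formatting for the screen.
$rows | Sort-Object Process, PID | Format-Table -AutoSize -Wrap
```

Because $rows holds plain objects, it can go to Where-Object, Group-Object or Export-Csv instead of Format-Table when the output needs to be compared against a baseline.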
I did it!
I'm GCIH certified!
Now to take a nap...
#GIAC #GCIH #sansinstitute #SANS #cybersecurity #cybersec #cyber #infosec #hacking #hacker
Just finished my Index for the GCIH. The exam is this Tuesday, and hopefully I'm prepared enough for it. I really struggled on the practice tests, but I'm feeling more confident than I did before. I'm also taking it in the morning when I have more energy--I took the practice tests in the afternoon and was exhausted 2 hours in. 😵‍💫
Once I pass, then it's on to the GWAPT next.
#GIAC #GCIH #sansinstitute #SANS #cybersecurity #cybersec #cyber #infosec #hacking #hacker