I feel a little weird about it because these classes are not cheap, but hear me out.
I’ve been a SAHM (read: six kids and all the craziness that comes with running that crew) for more years than I like to admit. I mean, yes I’ve done a lot of things outside of that role over the years (volunteering with the HOA, the PTA, and BSA… and playing a major support role to the therapy practice my husband owns), and yes, I love my family and have worked hard to create a good life for my kids. But I realized recently that I want more to fill my desire to learn and connect and serve outside of just my family.
So I felt like it would be a logical next step to get a Master’s degree, since I already have a bachelor’s degree but it’s not in a field I want to pursue. Then as I explored options (statistics? data science? software engineering?) I learned about cybersecurity as a field and immediately knew: that’s what I want to do. But as I did my research, I was recommended to wait on a master’s degree for various reasons, and to pursue certifications instead. I’m sure either path would be fine, but certifications cost significantly less than a MS.
Lots of self-study for the CompTIA certs was great, and those certs were relatively inexpensive, but I wanted some kind of class. Something with people. Interaction. Enter SANS. Lots of content, a teacher, interaction, labs, and certification at the end. I decided to make the investment and feel that to me it was worth it.
I took SANS SEC401 (Security Essentials). I had really hoped to attend in person, but alas covid, so live online is what I got. They did a great job with the delivery, but I did miss the networking and comradery that could have been better in person.
The course materials arrived about a week before the class, and those books were a little intimidating! Six course books and a lab book, each about 300 pages long. I also downloaded the course content a few days before the class, which I’d definitely recommend since it takes a while to download even on a strong connection.
the short stack
Most people could probably have a great experience with this class at home, but as I was thinking through how that would go for me (the class was in a time zone two hours behind ours, and my house and kids tend to get very loud in the evening hours…) I decided that with as much as I was investing financially in the class, it would be better for me to find a way to make sure I could focus without distraction and without my normal day-to-day distractions (read: children, dinner, cleaning, work), so I flew to my parents’ empty house in San Francisco (they were taking their first post-covid trip) and it was the perfect venue for the class!
Now for my setup for the class. With live online, there’s a GoToMeeting for the class video, Slack for discussion, and VMs for the labs.
I used two computers: my MacBook for taking notes (I used Pages, then copied my notes into OneNote when I was finished so I’d have a backup), and my Windows laptop for the GoToMeeting, Slack, and the VMs. (I also had OneNote open on the Windows machine… when I occasionally took a screenshot I just dropped it into OneNote so it would be easy to add it to my notes on the MacBook.) I also pulled up the pdf course books on the MacBook, but found it was simpler to use the paper books.
My dad had this table set up for working from home, and it worked great as a home base for me as well.
The class itself was intense. 9am – 6pm for 6 days, with a 5 minute break every hour and a 45 minute break for lunch. Add a few more hours if you do the NetWars along with the class (for this one it was Thursday and Friday evening)–which I’d definitely recommend. I also learned that in 5 minutes you can’t do nearly as much as you might think!
The course content was great, which you can read about on the SANS website. I did put all the content from the course on a flash drive–including the digital course books, VMs, audio files, and my notes–so I can keep it as an archive in case I want to reference something from it after the download access expires.
Things that helped me throughout the week: drinking lots of water, some Dr Pepper for the afternoon lull (I know, so healthy); DoorDash (I think I used them twice, one on a NetWars day when I didn’t want to take a break to make something to eat for dinner); pre-prepared meals and snacks (thanks, Costco); and fresh air (seriously, take a walk at some point every day to clear your head).
I guess my big takeaway is this: if you can afford it, a SANS class is a great way to learn a lot of content in a short amount of time. If you can’t afford it, I’m sure you could get a lot of the information through free or inexpensive resources. The difference is the large amount of reliable information delivered in a neat little package. If you can get your employer to pay for SANS training, even better!
Now I’m ready to go through the course material again as I build an index to prepare for the GSEC Exam. But the exam prep deserves its own post!
I passed the Security+ exam yesterday! My hard goal was to finish before the SY0-501 exam version is retired this summer, but secretly I hoped to finish in March or April. Well, life got in the way of my March or April dreams, but I met my true goal so I’m definitely happy about it.
The resource that helped me the most was CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide by Darril Gibson. For A+ and Network+ I used the books as a resource to clarify concepts I didn’t feel like I understood fully from the videos, but when I started with the videos for Security+ I felt like I wanted a little more meat. So I picked up the book and started reading, which turned out to be a great choice. My strategy was to read each chapter, taking care to make sure I understood the concepts, highlight the main points in the chapter summary, then go through the practice questions at the end of each chapter. If there were questions I got wrong, I would figure out the correct answer and make sure I understood before moving on.
Once I finished the book I took the practice exams that came with the book, along with Professor Messer’s practice exam book, making sure to review each question that I missed to understand the concepts in them.
Last but not least, a review of the CompTIA exam objectives – this is a must for any CompTIA exam, they’re so detailed! I like to go through and check off each concept I feel comfortable with in green, marking in orange each concept I think would be helpful to review, and marking in red the things I really just didn’t know. (Markup on the iPad is great for this.) Then I reviewed all the orange and red concepts before the exam.
Honestly, it didn’t feel as difficult as I expected. I did have six performance-based questions, which surprised me because usually there are no more than five, so I got a little nervous when I clicked next after the fifth one and the next question wasn’t multiple choice. As I moved through the multiple choice questions I thought, I think I’m getting these answers, but maybe they’re trick questions? But finally I got to the end and was pleased with my score. (Yes, I know a pass is a pass but I’m an overachiever so I still like to see how high of a score I can get.)
The In-N-Out by the testing center has become my go-to celebratory post-exam lunch!
Time to complete the trifecta! I started studying for this one as soon as the holidays were over, and I’m excited to really dig in. Here’s are the resources I’m planning on using:
Professor Messer and Jason Dion both have great material, and in my opinion they complement each other well. I like the depth that Professor Messer goes into, and how closely his videos follow the course objectives. And I like how simply Jason Dion explains the concepts. My strategy for this one will be to listen to the Udemy videos in the car or other times when I want something to listen to, and watch Professor Messer’s videos at the computer while taking notes (because I’m very much a visual learner and taking notes helps my comprehension a ton).
