HandsOnKB

My Experience Taking the GX-CS Exam (And Not Passing)

kibrettsige

I’ve taken a lot of infosec and IT exams since first passing the Security+ in 2019. After that first exam I’ve taken the CISSP, CCSP, AWS Solutions Architect, the qualifying evaluation for the SANS Master’s Program, GSEC, GCED, GCIA, GCIH, GSTRT, SSAP, GPEN, and now GX-CS.

Before today I had only failed the AWS exam, mainly because I lost interest after realizing it wouldn’t actually matter for the role I was in at the time (in 2023). I didn’t study for it in the days leading up to the exam and ended up 20 points short of passing (somewhere around 690). Now I get to add the GX-CS exam to that short list. Eleven out of thirteen exams isn’t too bad.

Taking the exam and working through the 25 lab questions felt fine for the most part, and now that I’ve experienced it I’m confident I can pass a retake, but I feel conflicted about a few things. The first would be the technical issues it seems like I had in my exam. There were a few questions where virtual servers I was supposed to interact with or credentials that were gained in the way I was told just didn’t work properly.

It also feels like the exam objectives on the GIAC site are intentionally vague in order to catch people off guard. For example, with the GSEC exam, which I had to pass without the course, I was able to use the exam objectives and outline on the GIAC site to prepare my own notes. Then with the notes, one practice exam, and my experience in infosec I was able to pass pretty comfortably.

The GX-CS exam, and all the other “Applied Knowledge” certification exams, only provide broad topic areas but make no mention of tools, tasks, important files, etc. Maybe this is just a result of trying to take the “Jack-of-All-Trades” exam of the group as my first one, but it feels a little absurd to expect a person to be adequately prepared for all that while not allowing access to electronic materials, which would be more realistic in terms of infosec and IT jobs. Being able to use the electronic course books would make far more sense, but I digress.

Moving forward, I’ll definitely be using some practice questions before taking the exam. That and I’ll be brushing up on some Linux administration tasks and working through some HTB Academy modules based on the questions I struggled with.

Sound off in the comments about anything InfoSec or InfoTech.