Review: GFACT (GIAC Foundational Cybersecurity Technologies)
Back in July 2020 I started SANS Technology Institute’s Undergraduate Certificate in Applied Cybersecurity. Back then the first course in the program was called ACS 2201: Technology Essentials and did not have an associated GIAC certification. However, as time passed the course was revamped into the new SEC275: Foundations — Computer, Technology, & Security course with an accompanying GIAC certification, in the form of the GIAC Foundational Cybersecurity Technologies — which I was lucky enough to beta test. Here I’ll talk a little bit about the course, what it covers, and what I felt about it.
Some Backstory
This course has an interesting history. According to some of the SANS representatives I have spoken to, this course was created to combat a problem that SANS was facing. In some of the different programs that SANS puts on across the glob, SANS has (or had) students jump directly into SEC401: Security Essentials (GSEC). While this sounds like a logical first step, being a ‘essentials’ course, apparently many students, especially those who came from absolutely no experience, would fail GSEC. This can be attributed to the sheer amount of information covered in this course, which created a massive difficulty spike. I mean there were over 2,000 pages of material when I took GSEC last year! To fix this a new course was developed in order to lay the most basic of foundations so that students handle the learning curve a bit better.
Out of this initiative ACS 2201: Technology Fundamentals was born and placed directly in front of SEC401. Spear headed by James Lyne, SANS’ Chief Technology Officer, ACS 2201 was originally 100% web-based instruction. In fact, I didn’t even receive a hard-copy of the material like every other SANS course. The vast majority of the course was comprised of videos of James explaining topics, and written material. I believe there were some web-based python labs (forgive me, my memory is fuzzy), but other than that it was simple note taking and listening. Some of us ultra-nerds actually just copied all of the material off the web-pages and built our own book(s) in Word. Then we just had them printed off at a store like Staples! But, there is no longer a need for that as just a few months ago the overhaul to the course included adding hard-copy books to the list of materials that students get access to.
The Material
The breakdown of SEC275 is a bit easier to list compared to the other courses I’ve done, which can be attributed to it’s 100% OnDemand presentation and more fluid structure. The course covers a wide variety of topics, but stays at a very high level in almost all. Examples of topics includes computer hardware, operating systems (both Linux and Windows), networking fundamentals, computer services, programming concepts, and security concepts. So let’s break some of that down.
The two most in-depth topics covered in this class are hands-down computer hardware and operating systems. When it comes to the hardware portion think of CompTIA A+ level of knowledge. You learn everything from different I/O ports and peripherals, to motherboard components and advanced storage concepts — both volatile (RAM/stack/heap) and non-volatile (HDD/RAID/Cloud). If someone had absolutely no experience with computers this would be an absolutely fantastic start, James explains the information extremely well.
In terms of operating systems SEC275 goes into quite some detail. This covers everything from core concepts of how an OS works, all the way to virtualization and containers. Further than that there are dedicated lessons on both Linux and Windows. These lessons include respective user/file administration, command lines, logs, and configurations. The Windows lessons were definitely more in-depth, spanning into topics like the registry, scripting, and how to work with different Windows versions.
As far as the other topics identified (services, programming, security), the course introduces them but just enough to get you going. That is to be expected though, keep in mind this is the one and only 200-level course in the entire SANS catalog. You are definitely not going to be an IT professional, much less a security professional, with this course alone, but at least you’ll know the basics of how computers work plus a few cool tidbits of information.
My Thoughts
I really appreciate the fact that SANS recognized a problem, and then did their best to fix it. Obviously, I had already been in the IT field for almost three years when I took this course and so did not really get a whole lot out of it. I mean I finished the final exam in under 30 minutes with a 98%. But that doesn’t mean I didn’t enjoy it. James is a phenomenal teacher, and I definitely think that it was a great starting point before diving into SEC401. If someone was going into the SANS TI Undergrad or Bachelors programs (SEC275 is required in both) I’d recommend to just relax and enjoy it for what it’s worth. The lessons are easy to listen to and follow along. I think it took me like 20 hours or less to complete the whole course, which is about 1/4–1/3 of the amount of time that GSEC took me.
So yea, I think the course was good and I’m glad I got to take it. Especially glad to have beta tested the GFACT exam!
