The GIAC Certified Incident Handler (GCIH) certification was my second attempt at SANS training.  This time I had a much better idea of what to expect.  This experience was incredible.  I got to talk with many people in the industry and bounce ideas off of them, and I got to connect with several more senior security consultants, managers and penetration testers.  I was able to learn and practice more in these few days than I had in the entire year previous.

Once I returned and began studying, I knew how to do it right.  I built an index from the course materials, read through them over and over again and then start taking the practice tests.  Once I ran through the two practice tests and got an acceptable score, I scheduled the final exam and took it.  This time, I got a 99% (though I still don’t know why the one question I missed was wrong).  This score was high enough to let me into the SANS Advisory Board… which is when everything changed.

This group allows me to communicate, on a daily basis, with a wide range of security-minded professionals.  I get to practice my consulting skills with a group that knows enough to let me know when I get something wrong and I get to leverage their expertise when I need it.  More than any of the other (many) communities I am a part of, this is the most supportive and the most focused on education.  It was well worth all the work.

I intend to renew this certification by taking it to Gold as well.