Course Review: SANS SEC401 Security Essential (GSEC)

The first course for the SANS Master of Science in Information Security Engineering program is SEC401 Security Essentials. I have read so many great things about SANS material and how their certification exams are open book, so I was very excited to get started and see what all the fuss was a about.


I opted to go with the OnDemand option, which came with the following:

  • Official courseware books (sent via USPS)
  • 25+ hours of video training
  • Labs
  • Two practice exams

There are six books, one book for each day of their in-person training.

  • 1: Network Security Essentials
  • 2: Defense-In-Depth and Attacks
  • 3: Threat Management
  • 4: Crypto, Risk Management and Response
  • 5: Windows Security
  • 6: Linux Security

Studying Strategy

I pick up material faster by reviewing new topics via video. Once I comprehend the basics, I can pick up material faster through books. I knocked out the 25+ hours of video within the first week (tip: play the video at x1.25 or x1.50 to save you some time). A goal of mine was to study at least 3 hours a day.

Once the videos were done, I moved onto the courseware books. I decided to go with a new approach which included going through the material three times. My first run through of the books was solely reading with no note taking. From my past experiences, when I would take notes right away, I found myself taking forever to get through the material because I wanted to write down everything. During my second run through, I only highlighted information I found hard to grasp or topics I thought would for sure be on the test. Finally, with the third run through, I didn’t necessarily read every word, but I reviewed what I highlighted and decided if it was worth writing down.


The famous SANS index! This idea of an open book certification test is brand new to me but also super intriguing. It’s especially intriguing because with the exams being open book, they are still highly regarded in the information security arena.

What I liked was that SANS provides an index in the back of book 6 so you don’t need to start from scratch. What I decided to do was take the first practice exam with the index SANS provided and tune-it, depending on how I did. I received an 87% on my practice exam, which was good but I was spending too much time looking up topics, so I decided to add to the index.

Practice Exams

The practice exams are of high quality and are similar to the real test, but you won’t see any duplicate questions. If you are scoring in the 80’s on your practice exams, I believe you are definitely ready to take the real thing. One thing I did not like about the practice exams, is that once it was over, you are not able to review the test…you will need to write down what you got wrong while taking the test. It would be more useful if the students could review the questions after the practice exam was over, so we don’t feel rushed trying to write down why we got the questions wrong but still trying to take the test.


Like I mentioned in the last section, the practice exams are very similar to the real test, so you should not be caught off guard in any way. I passed the exam with an 87%.


If you are new to security, then I would definitely recommend this course if your company is going to foot the bill. If you are paying out of pocket, I would suggest self-studying for CompTIA’s Security+.

Besides the amount of the information in the courseware, I found the real-life experiences and stories from the instructor to be super valuable and interesting. It’s one thing to read the material and understand the topics, but it’s another to have an information security expert tell you stories that involve what you’re learning…it really drives home the point.

You may also like