About: FAQ

Tips for Success and Where to Get Help

The GIAC certification program is challenging and we want to help you succeed! We offer the following advice when pursuing your certification:

1. Plan your time carefully. You have four months to study; take advantage of it. If you wait until the week before your exam to study you are not likely to do well.
2. Become familiar with the certification objectives for the certification you are attempting. For a list of objectives specific to the certification you are attempting, please review the Exam Certification Objectives listed in the Certification Information found in your portal account at https://exams.giac.org/pages/attempts
3. Especially for technical certifications, plan to spend some significant "hands-on" time with the technologies covered by your certification objectives. GIAC exams are designed to measure your ability to correctly analyze a situation and properly apply your knowledge.
4. After significant study time to ensure mastery of the material covered by the certification objectives, attempt your first practice test to gauge your progress. Practice tests serve to get you familiar with the types of questions you can expect to see on the certification exam, as well as the testing interface in general. When taking the practice tests, you should pace yourself and practice using any references you plan on bringing with you to the testing center to simulate the exam experience. They are more beneficial when they are used as a dry run prior to the real exam. You will have the option to display the correct answer for missed questions during practice. NOTE: The first practice exam is a more accurate gauge of your skills than any subsequent practice exams.
5. When you complete your first practice test, print out the report at the end of the exam. The report tells you how well you performed on each certification objective for your exam. If you have less than four stars for any certification objective consider refocusing your remaining study time in those areas.
6. Don't wait until the last minute to begin studying!
7. The exams are open book; take advantage of this.
8. According to a survey we conducted the average GIAC certified individual spends an average of 55 hours of study time over and above of any classroom training. If you are just learning the material for the first time it could easily take three times that much study to master the certification objectives or even more. Realistically assess your own skills for each certification objective, and be prepared to spend the time required for mastery.
9. Make sure you read the question and all answer options very carefully.
10. Before sitting for the exam, use on-line resources to help address gaps in your knowledge. Search by certification objective topic areas, or specific tools or concepts. If you are a candidate for a technical certification, completing hands-on exercises and lab work from any relevant training you may have received will be a benefit. There are on-line exercises, challenges, packet captures, and war games available for many technical subject areas. A search engine is your friend.
11. GIAC exams contain many application and analysis questions that require a person to apply knowledge and solve real problems relevant to the certification objectives.
12. Send any questions to info@giac.org. In order for us to provide faster service, include your curriculum User ID or your portal SD number and what certification you are attempting so that we can easily reference your account.

If you fail a GIAC Certification Exam, you may purchase a retake exam for by clicking on the "Purchase Retake" link in the Certification Attempts section of the GIAC Certification Portal. Once purchased, retakes are non-refundable and non-transferable. Please click here for current pricing.

Following any GIAC exam failure, you must purchase the retake within 30 days of your listed expiration date.

When purchasing a SANS training course, the cost for the corresponding exam is $579. You may purchase an exam without formal SANS training; it is called a GIAC Challenge Exam - The cost to challenge an exam is $999. The fee includes 2 practice exams and 1 proctored exam. Each exam will have an expiration date of 120 days (4 months) accessible from your SANS Portal Account.

Exams are still taken online, however, effective December 2007, we also require that a proctor be present when you take your test. For more information on the GIAC Proctor Program and its requirements, please visit http://www.giac.org/proctor/

Candidates may purchase a 45-day extension. Please click here for current pricing.

15 days before your exam expires, an extension option will appear in your portal account. The extension adds 45 days to your current deadline. A maximum of 10 extensions can be purchased per certification attempt. Once you have reached this limit, your attempt cannot be extended any further.

You may purchase and schedule GIAC exams simultaneously. Each exam will have an expiration date of 120 days (4 months) accessible from your SANS Portal Account. Test dates will need to be schedule prior to its expiration. Should you decide to train via the SANS OnDemand online slides, notes, and assessments, you may only register for one course at a time. This training venue will only allow you to purchase and gain access to the exam separately.

NOTE: GIAC exams are NOT given the day after the conference ends.

GIAC certification attempts purchased without SANS training will be activated in your SANS/GIAC account within 24 business hours of purchase. GIAC certification attempts purchased with SANS training will be activated in your SANS/GIAC account 7-10 business days after the end of the conference. In both cases, you will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt. GIAC exams must be proctored through Pearson VUE. Please click the following link for instructions on How to Schedule Your GIAC Proctored Exam. GIAC exams are delivered online through a standard web browser.

It may take up to 4-6 weeks for your certificate to arrive in the mail. Once you pass your exam, you will be asked to confirm your name and address. Please review this information carefully to ensure for accurate and timely delivery. If proof of certification is needed sooner, Certified Professionals can find their official listing by visiting http://www.giac.org/certified_professionals/.

Under the GIAC Proctor Policy, students are required to take their GIAC certification exams in a proctored environment. For detailed information regarding the proctor requirements, please see http://www.giac.org/proctor/.

A GIAC qualified proctor will verify the identity of the student and ensure that the student does not use a phone, instant messaging software, or speak with any person during an exam. GIAC exams are open book and the student is permitted to reference texts, notes, indexes, written reference materials.

Unfortunately, we can't provide a question-by-question breakdown of what you got right and what you got wrong. If we did so, it would reveal too much information about the exam and possibly compromise the exam's integrity for future students. If you had issues with specific questions, you can note that in your exam evaluation form or send an email to examreview@giac.org. We do review the exams regularly for quality and review any questions that a student flags as potentially problematic. For information regarding the Exam Feedback Procedure, please see http://www.giac.org/feedback.php.

The exam breakdown is listed in the Examination section of the "Certification Information - READ ME FIRST" page in your portal account.

GIAC has selected Pearson VUE as our primary partner to deliver proctored exams through their network of host locations. Pearson VUE is an industry leader and offers more than 3,500 testing centers worldwide. Please click here to find a Pearson VUE testing center near you.

If you will be taking a GIAC proctored exam in the future and do not see a testing center within a reasonable driving distance (1-2 hours), please fill out this form with your location specifics. GIAC will then contact you to help you set up an approved proctored environment. GIAC will also work with Pearson VUE to establish new testing centers where there are identified coverage gaps.

During the practice tests, each time you choose a wrong answer, you will receive the correct answer and an explanation that will help to reinforce the subject matter presented in the question. The practice tests also include a counter that shows the current number of questions that you answered correctly, wrong and how many questions are left in the test.

You won't be able to print or view the exam after it has been taken.

Students who receive a total average score of 90% or above on GIAC certification exams are invited to join the GIAC Advisory Board.

You can tell others what you have learned, however, you can not share the course materials, in either hard copy or electronic format of PDFs and MP3 files. A policy agreement is confirmed and accepted in the registration process that your training is not to be shared. You can not train anyone in your organization using any of our material for any reason, even as a back-up position to you.

An additional exam attempt can be purchased. Please click here for current pricing.

Following any GIAC exam failure, there is a 30-day waiting period before a candidate can sit for the exam again. Purchasing an additional exam attempt after an exam failure extends the final certification deadline by 60 days; this includes the 30-day waiting period. The 30-day waiting period provides candidates with additional time that should be used to master the certification objectives.

The option to purchase an additional exam attempt will be made available through the Certification Attempt section of the GIAC Certification Portal.

The courses and certifications are designed to be taken either independently, or in series. Students can pursue individual courses and certifications to focus on specific areas of interest or responsibility. Or, they can be taken sequentially, to provide a progressive education in information security, from basic concepts to in-depth technical knowledge. The certification listing is sorted by category to show areas of similar study. 300 level courses are the lowest level, going up to 700 level being the most advanced courses. The GSEC is intended to ensure that graduates have a strong grounding in the fundamentals of information security and are prepared for the more specialized, technical certifications.

GIAC certifications require one proctored exam. The exam will be delivered in a proctored environment through your portal account. For more information regarding the GIAC Proctor requirements, please see http://www.giac.org/proctor/. The exams are designed to test your knowledge of a subject and your ability to put that knowledge into practice. For specific certification requirements, please see the Certification Roadmap at http://www.giac.org/certifications/roadmap.php. For information on GIAC Gold certification, information will be posted at http://www.giac.org/gold/ as it becomes available.

There are no official prerequisites to take the GIAC certifications. Any candidate who feels that he or she has the knowledge and ability to pass the certification requirements may take the certification. However, students should be aware of the technical level of the course they wish to take. The 500 level courses are more advanced than the 400 and the 400 more advanced than the 300. Be certain you are not starting at a level that is more difficult than you are prepared for. Some class descriptions provide a "quiz" to make sure you are prepared for that level course, such as Sec-502 and Sec-503 which assume that the student has a working knowledge of the technology in question and a firm grasp of TCP/IP. Please note that currently, some GIAC certifications are only offered in conjunction with a corresponding SANS training course. This is a temporary measure intended to allow us to fine-tune our certification process - to make sure that the exams are fair and objective, and that the courses themselves are comprehensive. A number of certifications are available for challenge; you can find a whole listing on the Challenge Certification page at http://www.giac.org/reginfo/challenge.php.

No. Security Essentials, Operations Essentials, Audit Essentials, and Management Essentials are all good starting points for the given area of study if you want a broad overview of security topics as opposed to focusing on a specific technology.

The requirement for earning GIAC certification is one proctored exam, which demonstrates the candidate's knowledge of the subject matter. If a candidate wishes to further distinguish him or herself, GIAC Gold is a second level of certification which requires completion of a technical paper. Technical papers will cover an important area of security related to the certification the student is seeking. After completing the exam necessary to pass the GIAC certification, students will have the option to apply for GIAC Gold Certification through their portal account. Candidates will work closely with an adviser through the process of developing their technical report. Once complete, the technical report will be reviewed for acceptance into the SANS Reading Room and the student earning GIAC Gold.

Information on GIAC Gold can be seen at http://www.giac.org/gold/. Further information will be posted as it becomes available.

Current or prospective employers recognize GIAC certification as an indication of your demonstrated knowledge and skill in computer security. There are two basic differences between a GIAC certification and any other education or certification program. First, no one else covers this material! We have gone to extreme effort to fill in the gap, to identify the skills and knowledge that organizations wish their employees had and to find the faculty that could produce those courses. Second, you must master this material to pass. The "certificate suitable for framing" is not the purpose of the program. You are going to know the information and possess the skills that your employer desperately wants you to have. In fact, to earn a GIAC certification, you must prove you know how to do the tasks required. Employers who have reviewed the materials and the requirements have been unanimous in saying: "People who have this certification are exactly what we are looking for in our organization." In other words, the certifications will have the most valuable recognition of all - they'll be used to select employees for hiring and promotion.

No. Earning a GIAC certification is a separate process. Simply completing the course does not mean that you are GIAC certified.

No. SANS Training and GIAC Certification are separate programs (though GIAC certifications are based on SANS training). SANS Training is intended to provide students with the best available education in the key areas of information security. GIAC Certifications are designed to provide an objective "benchmark" to show that an individual meets a minimum standard of skill and knowledge for people who want to demonstrate this ability for themselves or for a current or prospective employer. You do not have to take the certification if you take the course, though you have the option to do so.

To receive honors status, a student must hold a GIAC certification in which they have received a 90 or better on either of their exams

By submitting your paper to GIAC, you are giving us the right to post it on our web site. We are also giving you the opportunity to be published. All certified students can find their papers posted under the appropriate certification listing. Naturally some papers are stronger or hold more community value than others. The best of the papers will also be placed in the Reading Room. It is an honor to be posted there, beyond the listing of all students.

The GIAC Security Expert (GSE) is intended to represent the elite of the information security field.

Before a person can attempt the GSE, they must successfully complete the following prerequisites.

GSE pre-requisite baseline is: GSEC, GCIH, GCIA with two gold.

GSEC pre-requisite is unique because of dual windows and unix coverage.

Substitution options:

1.GCWN & GCUX combined can act as a substitute for GSEC

2.Higher level certifications can act as substitutes for gold papers examples: GCFA, GCFW, GCUX, GCWN, GCED, GPEN, GWAPT, GAWN, GREM

GSE pre-requisite list (including substitution options):

(A) GSEC, GCIH, GCIA with two gold
(B) GSEC, GCIH, GCIA with one gold and one substitute
(C) GSEC, GCIH, GCIA with no gold and two substitutes
(D) GCWN, GCUX, GCIH, GCIA with one gold
(E) GCWN, GCUX, GCIH, GCIA with no gold and one substitute

Further information can be found at http://www.giac.org/certifications/gse.php.

At this point in time we are unable to give out geographical information on certified students. That may change, but for now, it's the case.

GIAC certification exams are non-transferable and non-refundable after you receive access to the exam material.

GIAC Certification can be obtained separately from SANS training. Challenge Certifications are the same certifications available with SANS conference or self-study training, but without the training. When you register for a Challenge Certification, you will receive access to the certification exam(s). With registration for full certifications, you will also receive two sets of practice exams. You do not receive access to any course materials.

Practice tests are currently available for most certifications. When purchasing the certification exam, whether adding it to your training or challenging the exam, you will receive two practice tests and one proctored exam. The practice tests will assist the student in preparing for the GIAC certification exam. The practice questions are written by the actual exam writers so you can be confident that the practice exams will be of the same quality as the actual exams.

An additional practice test can be purchased for $129 at http://www.giac.org/exams/practice.php.

No, they are exactly the same. The exam is identical whether you challenge the certification or take it in conjunction with SANS training.

A certification attempt allow students 120 days (4 months) of access from the date it is place in their SANS Portal Account to complete the 2 practice and 1 proctored certification exam.

An extension can be purchase to extend access for 45 days. Please click here for current pricing.

Registration for challenge certifications can be completed at the following url; http://www.giac.org/registration/challenge

The GIAC certifications must be completed within the specified time frame. Once you register to take the certification, your certification fee is non-refundable. Be sure you carefully consider the time commitment involved in completing the certification and plan accordingly.

There is an alumni rate for students that have previously taken the specific SANS training for the certification they want to challenge. For example, if you previously took SANS Security Essentials through any of the SANS training programs (conference, online training, Local Mentor program, or Online Training) you would be eligible for the discounted fee for the GSEC Challenge. The alumni rate for full certifications is $849 USD.

Please email info@giac.org to obtain a discount code for registration. You must include the information on when, where, and through what venue you participated in the previous training. Please be sure to obtain the discount code before you register. Discounts cannot be applied to registrations that have already been submitted.

Challenge certifications are non-transferable and non-refundable after the certification material has been activated in your account.

If you challenge the certification now, you have to start over from the beginning and complete the current certification requirements. If you take the exams, you will earn GIAC certification. If you want to obtain GIAC Gold certification, you can apply to do so. Your previous practical assignment will not count towards GIAC Gold. Information on GIAC Gold can be seen at http://www.giac.org/gold/

Please review the course descriptions at http://www.sans.org to gain an understanding of what material is covered in each course. Please be sure to look at each day of training. While we certainly recommend the SANS training as the best method of preparing for the GIAC Certifications since that is what they are based on, other resources can be purchased at most book stores.

No, candidates will not have to pay additional fees to use an established Pearson VUE testing center. However, if you miss a scheduled exam appointment or need to change your exam appointment within 24 hours of your scheduled appointment, you will be charged a $150 seating fee. (If you have an exam appointment still scheduled through Kryterion, you will be charged the $150 seating fee if you miss or need to change your exam appointment within 72 business hours of your scheduled appointment.)

GIAC has selected Pearson VUE as our primary partner to deliver proctored exams through their network of host locations. Pearson VUE is an industry leader and offers more than 3,500 testing centers worldwide. Please click here to find a Pearson VUE testing center near you.

If you will be taking a GIAC proctored exam in the future and do not see a testing center within a reasonable driving distance (1-2 hours), please fill out this form with your location specifics. GIAC will then contact you to help you set up an approved proctored environment. GIAC will also work with Pearson VUE to establish new testing centers where there are identified coverage gaps.

GIAC certification exams are open book format, but not open internet or open computer. Candidates are allowed to bring one arm full of books and notes into the testing room, leaving all other personal belongings outside of the testing room. An erasable noteboard and pen will be provided for you. Workstation space is limited, so please plan accordingly.

Electronic devices (laptops, PDAs, thumb drives, software applications, phones, calculators, cameras, etc.) are strictly forbidden. You will be provided with an onscreen calculator, should you need one during the test. Candidates are not able to access anything stored electronically during the exam (.pdf or Word documents, Internet websites, etc.). The testing process only allows one connection out to the GIAC Exam Engine. It will not allow connections to private web pages, so any material posted to private web pages is not accessible during GIAC exams. We recommend that you print any study guide materials and bring them as hard, paper copies.

After careful consideration, GIAC determined that there are benefits for both the candidates and the GIAC program by moving to a single exam format. Some of these benefits include:

• More streamlined and efficient grading, which helped the certification-granting process run smoother
• Compliance with industry standard practices
• More convenient schedule for exams and proctors, which helped reduce the time and effort both GIAC and the candidates need to expend

Part of what makes a credential valuable is the differentiating point regarding who is able to achieve a passing score and who is not. Another part of what makes a credential valuable is the amount of work that individuals put into attaining it. GIAC exams are based on Certification Objectives that are derived from knowledge that holders of the certification must possess. The amount of study that individuals put into attaining certification prior to their exam date is valuable and often a deciding factor. Careful review of materials and preparation in advance of your exam will be a key to success.

We strongly advise all certification candidates to schedule their exam appointment as soon as possible to avoid this problem. You can always reschedule your appointment through your SANS/GIAC account if your availability changes, as long as you do so at least 24 hours in advance of your originally scheduled appointment. Please note that if you need to cancel or reschedule your exam less than 24 hours in advance, you will forfeit your appointment and be charged a $150 seating fee. (Exam appointments scheduled through Kryterion must be canceled or rescheduled at least 72 business hours in advance of your originally scheduled appointment, or you will be charged the $150 seating fee.)

When starting the exam, if you see the error message stating that Javascript is disabled you will need to enable Javascript in your browser and/or disable any script-blocking plug-ins that are running in order to start your exam.

During an exam you occasionally get pages that take a long time (more than 30 seconds) to load while other pages load normally.

This can be caused by a number of different things. They are all generally related to a lack of available bandwidth. This is generally a greater problem for dial-up and lower speed broadband users. Some things to check include:

▪ Ensuring that you are not concurrently downloading large files or multiple files from different locations.
▪ That you do not have any file sharing or peer-to-peer applications running on the desktop.
▪ That you do not have any additional browser windows or tabs open, especially to streaming audio or VOD sites.
▪ If you have a low bandwidth connection ensure that it’s not being used by other people, especially for any of the items listed above
▪ Remember that VoIP, VPNs, and items of that nature can be extremely bandwidth intensive.

Getting "The page cannot be displayed" error after submitting an answer may happen consistently or occasionally.

"The page cannot be displayed" indicates that your browser cannot connect to our exam engine. This could be caused by anything from temporary loss of Internet connectivity to improperly configured proxies and firewalls. If you get this error in the middle of an exam you will need to click the refresh button to reload the page.

Verification: Go to the following sites:

http://whatismyipaddress.com
http://whatsmyip.com
http://ipaddressworld.com

If the last octet of your IP address changes for any of the sites this is a likely indication of a load balancing firewall or proxy issue. Some organizations use multiple load balanced firewalls which makes it appear to our servers that the client machine has rolling IP address. Requests going out one firewall are routed back in through a different one and the connection is dropped as a result.

Solution: Add a persistent rule for sans.org and giac.org so that the same firewall would be used all the time.

SANS Training provides a core set of educational courses designed to help you master the practical steps necessary for defending your systems and networks against the most dangerous threats - the ones being actively exploited. The courses were developed through the community consensus of hundreds of administrators, security managers, and information security professionals, and address both security fundamentals and the in-depth technical aspects of the most crucial areas of information security. The SANS Training courses can be taken on their own, or to help you prepare for the GIAC Certifications. There is more information in the SANS FAQ at http://www.sans.org/faq.php and the SANS Training Roadmap at http://www.sans.org/conference/trainingroadmap.php.

A certification attempt sets an objective standard or measurement of ability. Candidates who successfully pass a given certification are assumed to possess a minimum level of knowledge and skill. How well a given certification sets and measures that standard, whether the certification has value or is considered a "paper" certification, depends largely on how that certification is designed and administered.

We feel that there are a number of factors that set GIAC apart from other certification programs:

• Emphasis on the practical application of knowledge. While GIAC places importance on the theories and best practices behind information security, we also place a very strong emphasis on the practical application of that knowledge to "real world" situations. GIAC ensures that not only do you "know the stuff," you can also "do the work."
• Demonstrated ability. Students who complete technical research papers are publicly posted to the GIAC web site, both to demonstrate their ability and to help to educate others in the security field.
• Community focus. Both SANS and GIAC place a strong emphasis on the security community as a whole. We all must share information and learn from each other if we are to successfully protect and defend our networks and systems. There is a strong emphasis on "giving back to the community", through SANS Consensus Projects, incidents.org, student papers, and the Information Security Reading Room, to name a few.

The primary difference is that the CISSP focuses on concepts, which is of course essential. GIAC covers concepts, but focuses more on the practical skills needed to apply those concepts on the job. Another difference is that you must be a security professional with a minimum of three years of experience in the field before you are even allowed to sit for the CISSP. There is no experience requirement to sit for any of the GIAC certifications. Additional information on GIAC can be found at the FAQ link, above, or the GIAC home page at http://www.giac.org

GIAC Certification provides an independent method of assuring that security professionals meet a minimum standard of technical competency. Individuals who hold a GIAC Certification have demonstrated both that they know what needs to be done to secure and administer systems, and have demonstrated that they can put that knowledge into practice.

For information on SANS training, registration, and portal accounts, please visit the SANS FAQ at http://www.sans.org/faq.php.

We can be reached by e-mail at info@giac.org. If you are currently enrolled in the GIAC certification program, please include your username and the email address with which you registered. Please be sure that you can receive email from giac.org, giac.net, and sans.org to ensure that you receive all correspondence from SANS and GIAC.

The URL for the SANS Technology Institute is http://www.sans.edu

We accept credit cards, checks, wire transfers, and USA and Canadian federal government Purchase Orders. For credit cards, we accept American Express, MasterCard, Visa, and Diners Club.

Select GIAC certifications are available for VA reimbursement for Chapter 30 and Chapter 35 veterans and eligible dependents. Please note that VA reimbursement is only for GIAC certification and does not include SANS training. The following certifications are eligible for reimbursement under the GI Bill:

• GIAC Security Leadership Certification (GSLC)
• GIAC Security Essentials Certification (GSEC)
• GIAC Certified Firewall Analyst (GCFW)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Windows Security Administrator (GCWN)
• GIAC Certified UNIX Security Administrator (GCUX)
• GIAC Systems and Network Auditor (GSNA)
• GIAC Certified Forensics Analyst (GCFA)
• GIAC Information Security Fundamentals (GISF)
• GIAC Assessing Wireless Networks (GAWN)
• GIAC Certified ISO-27000 Specialist (G2700)
• GIAC Legal Issues (GLEG)
• GIAC Information Security Professional (GISP)
• GIAC Reverse Engineering Malware (GREM)
• GIAC Certified Penetration Tester (GPEN)

Veterans can apply using VA Form 22-1990 or by sending a letter to the VA Regional Processing Center that handles their state. To request reimbursement of the exam fee under LACAS, you must submit a copy of your exam score, receipt for payment of the exam fee, and signed statement authorizing the VA to verify test results with GIAC. Information about the program is at the VA website at http://www.va.gov/ under Education benefits.

Many employers are willing to cover the costs of GIAC certification directly as part of an existing training program for their employees. In addition, some employers offer tuition assistance programs (where you (as the employee) pay the cost of the program, and the employer reimburses you in whole or in part; reimbursement may depend on your performance in the program) as a fringe benefit. Check with your employer for information.