About: FAQ

About:

GIAC Certification Exams

Tips for Success and Where to Get Help

The GIAC certification program is challenging and we want to help you succeed! We offer the following advice when pursuing your certification:

  1. Plan your time carefully. You have four months to study; take advantage of it. If you wait until the week before your exam to study you are not likely to do well.
  2. Become familiar with the certification objectives for the certification you are attempting. For a list of objectives specific to the certification you are attempting, please review the Exam Certification Objectives listed in the Certification Information found in your portal account at https://exams.giac.org/pages/attempts
  3. Especially for technical certifications, plan to spend some significant "hands-on" time with the technologies covered by your certification objectives. GIAC exams are designed to measure your ability to correctly analyze a situation and properly apply your knowledge.
  4. After significant study time to ensure mastery of the material covered by the certification objectives, attempt your first practice test to gauge your progress. Practice tests serve to get you familiar with the types of questions you can expect to see on the certification exam, as well as the testing interface in general. When taking the practice tests, you should pace yourself and practice using any references you plan on bringing with you to the testing center to simulate the exam experience. They are more beneficial when they are used as a dry run prior to the real exam. You will have the option to display the correct answer for missed questions during practice. NOTE: The first practice exam is a more accurate gauge of your skills than any subsequent practice exams.
  5. When you complete your first practice test, print out the report at the end of the exam. The report tells you how well you performed on each certification objective for your exam. If you have less than four stars for any certification objective consider refocusing your remaining study time in those areas.
  6. Don't wait until the last minute to begin studying!
  7. The exams are open book; take advantage of this.
  8. According to a survey we conducted the average GIAC certified individual spends an average of 55 hours of study time over and above of any classroom training. If you are just learning the material for the first time it could easily take three times that much study to master the certification objectives or even more. Realistically assess your own skills for each certification objective, and be prepared to spend the time required for mastery.
  9. Make sure you read the question and all answer options very carefully.
  10. Before sitting for the exam, use online resources to help address gaps in your knowledge. Search by certification objective topic areas, or specific tools or concepts. If you are a candidate for a technical certification, completing hands-on exercises and lab work from any relevant training you may have received will be a benefit. There are online exercises, challenges, packet captures, and war games available for many technical subject areas. A search engine is your friend.
  11. GIAC exams contain many application and analysis questions that require a person to apply knowledge and solve real problems relevant to the certification objectives.
  12. Send any questions to info@giac.org. In order for us to provide faster service, include your curriculum User ID or your portal SD number and what certification you are attempting so that we can easily reference your account.

What if I fail an exam?

If you fail a GIAC Certification Exam, you may purchase a retake exam for by clicking on the "Purchase Retake" link in the Certification Attempts section of the GIAC Certification Portal. Once purchased, retakes are non-refundable and non-transferable. Please click here for current pricing.
Following any GIAC exam failure, you must purchase the retake within 30 days of your listed expiration date.

Can I attempt a GIAC certification exam without formal SANS training?

When purchasing a SANS training course, the cost for the corresponding exam is $599. You may purchase an exam without formal SANS training; it is called a GIAC Certification attempt- The cost to challenge an exam is $1,049. The fee includes 2 practice exams and 1 proctored exam. Each exam will have an expiration date of 120 days (4 months) accessible from your SANS Portal Account.
Exams must be completed at a Pearson Vue testing center. For more information on the GIAC Proctor Program and its requirements, please visit http://www.giac.org/proctor/

Can I get an extension?

Candidates may purchase a 45-day GIAC extension. Please click here for current pricing.
15 days before your exam expires, an extension option will appear in your portal account. The extension adds 45 days to your current deadline. A maximum of 10 extensions can be purchased per certification attempt. Once you have reached this limit, your attempt cannot be extended any further. If you have purchased your GIAC exam in conjunction with an online training course, your online course access will be extended to match your GIAC deadline; however, please note associated course access will only be guaranteed for a total of one year, regardless of the number of certification attempt extensions you purchase.

Can I purchase two exams simultaneously, or do I have to wait another 4 months?

You may purchase and schedule GIAC exams simultaneously. Each exam will have an expiration date of 120 days (4 months) accessible from your SANS Portal Account. Test dates will need to be scheduled prior to expiration. Should you decide to train via the SANS OnDemand online slides, notes, and assessments, you may only register for one course at a time. This training venue will only allow you to purchase and gain access to the exam separately.

How are the exams delivered?

NOTE: GIAC exams are NOT given the day after the conference ends.

GIAC certification attempts purchased without SANS training will be activated in your SANS/GIAC account within 24 hours of purchase. GIAC certification attempts purchased with SANS training will be activated in your SANS/GIAC account 7 days after the end of the conference. In both cases, you will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt. GIAC exams must be proctored through Pearson VUE. Please click the following link for instructions on How to Schedule Your GIAC Proctored Exam. GIAC exams are delivered online through a standard web browser.

How soon after the proctored exam will I receive the GIAC framed certificate?

It may take up to 4-6 weeks for your certificate to arrive in the mail. Once you pass your exam, you will be asked to confirm your name and address. Please review this information carefully to ensure for accurate and timely delivery. If proof of certification is needed sooner, Certified Professionals can find their official listing by visiting http://www.giac.org/certified_professionals/

Do I have to purchase a framed certificate?

No, you do not have to purchase a framed certificate. If you opt out of receiving the framed certificate, you will automatically be mailed the copy of your official paper certificate.

How much does it cost to receive a framed certificate?

The 10" by 13" wall-mountable wooden frame is free, but there is an additional charge of $19 within the US and Canada and $34 internationally for shipping and handling.

What is a Proctored Exam?

Under the GIAC Proctor Policy, students are required to take their GIAC certification exams in a proctored environment. For detailed information regarding the proctor requirements, please see http://www.giac.org/proctor/

A GIAC qualified proctor will verify the identity of the student and ensure that the student does not use a phone, instant messaging software, or speak with any person during an exam. GIAC exams are open book and the student is permitted to reference texts, notes, indexes, written reference materials.

Can I see what I got wrong on my exam?

Unfortunately, we can't provide a question-by-question breakdown of what you got right and what you got wrong. If we did so, it would reveal too much information about the exam and possibly compromise the exam's integrity for future students. If you had issues with specific questions, you can note that in your exam evaluation form or send an email to examreview@giac.org We do review the exams regularly for quality and review any questions that a student flags as potentially problematic. For information regarding the Exam Feedback Procedure, please see http://www.giac.org/feedback.php

Where can I find what material will be on the exams?

The exam breakdown is listed in the Examination section of the "Certification Information - READ ME FIRST" page in your portal account. You can also review the Certification Objectives on the Certification page.

Where do I take the exams?

GIAC has selected Pearson VUE as our primary partner to deliver proctored exams through their network of host locations. Pearson VUE is an industry leader and offers more than 3,500 testing centers worldwide. Please click here to find a Pearson VUE testing center near you.
If you will be taking a GIAC proctored exam in the future and do not see a testing center within a reasonable driving distance (1-2 hours), please email proctor@giac.org. GIAC will then contact you to help you set up an approved proctored environment. GIAC will also work with Pearson VUE to establish new testing centers where there are identified coverage gaps.

When I take practice exams when does it provide me with the solutions to the answers I missed ?

During the practice tests, each time you choose a wrong answer, you will receive the correct answer and an explanation that will help to reinforce the subject matter presented in the question. The practice tests also include a counter that shows the current number of questions that you answered either correctly or incorrectly and how many questions are left in the test.

Will I be able to print or view the practice exam after it has been taken?

You won't be able to print or view the exam after it has been taken.

GIAC Certification Information

What do I have to do to be a part of the GIAC Advisory Board?

Students who receive a total average score of 90% or above on GIAC certification exams are invited to join the GIAC Advisory Board.

How do I apply for GIAC Gold?

Once the concept is accepted, the individual will need to submit payment of the $399 registration fee and will be contacted by their assigned GIAC Gold Adviser within 5 business days to begin setting the path to completion.

Can I share my course materials with a colleague?

You can tell others what you have learned, however, you cannot share the course materials, in either hard copy or electronic format of PDFs and MP3 files. A policy agreement is confirmed and accepted in the registration process that your training is not to be shared. You cannot train anyone in your organization using any of our material for any reason, even as a back-up position to you.

Should I fail my proctored exam, can I purchase another attempt?

An additional exam attempt can be purchased. Please click here for current pricing.

Following any GIAC exam failure, there is a 30-day waiting period before a candidate can sit for the exam again. Purchasing an additional exam attempt after an exam failure extends the final certification deadline by 60 days; this includes the 30-day waiting period. The 30-day waiting period provides candidates with additional time that should be used to master the certification objectives.
The option to purchase an additional exam attempt will be made available through the Certification Attempt section of the GIAC Certification Portal.

How do the certifications relate to each other?

The courses and certifications are designed to be taken either independently, or in series. Students can pursue individual courses and certifications to focus on specific areas of interest or responsibility. Or, they can be taken sequentially, to provide a progressive education in information security, from basic concepts to in-depth technical knowledge. The certification listing is sorted by category to show areas of similar study. 300 level courses are the lowest level, going up to 700 level being the most advanced courses. The GSEC is intended to ensure that graduates have a strong grounding in the fundamentals of information security and are prepared for the more specialized, technical certifications.

What do I need to do to earn the certification?

GIAC certifications require one proctored exam. The exam will be delivered in a proctored environment through your portal account. For more information regarding the GIAC Proctor requirements, please see http://www.giac.org/proctor/. The exams are designed to test your knowledge of a subject and your ability to put that knowledge into practice. For specific certification requirements, please see the Certification Roadmap at http://www.giac.org/certifications/roadmap.php. For information on GIAC Gold certification, information will be posted at http://www.giac.org/gold/ as it becomes available.

What are the prerequisites to take the certification?

There are no official prerequisites to take the GIAC certifications. Any candidate who feels that he or she has the knowledge and ability to pass the certification requirements may take the certification. However, students should be aware of the technical level of the course they wish to take. The 500 level courses are more advanced than the 400 and the 400 more advanced than the 300. Be certain you are not starting at a level that is more difficult than you are prepared for. Some class descriptions provide an assessment test to make sure you are prepared for that level course, such as Sec502 and Sec503 which assume that the student has a working knowledge of the technology in question and a firm grasp of TCP/IP. Please note that currently, some GIAC certifications are only offered in conjunction with a corresponding SANS training course. This is a temporary measure intended to allow us to fine-tune our certification process - to make sure that the exams are fair and objective, and that the courses themselves are comprehensive. A number of certification attempts are available for outright purchase: https://www.giac.org/registration/cert-attempt

Do I have to take an Essentials certification before I take a higher level certification?

No. Security Essentials, Operations Essentials, Audit Essentials, and Management Essentials are all good starting points for the given area of study if you want a broad overview of security topics as opposed to focusing on a specific technology.

What is the difference between GIAC certification and GIAC Gold certification?

The requirement for earning GIAC certification is one proctored exam, which demonstrates the candidate's knowledge of the subject matter. If a candidate wishes to further distinguish him or herself, GIAC Gold is a second level of certification which requires completion of a technical paper. Technical papers will cover an important area of security related to the certification the student is seeking. After completing the exam necessary to pass the GIAC certification, students will have the option to apply for GIAC Gold Certification through their portal account. Candidates will work closely with an adviser through the process of developing their technical report. Once complete, the technical report will be reviewed for acceptance into the SANS Reading Room and the student earning GIAC Gold.

I am interested in GIAC Gold certification. Where can I find information?

Information on GIAC Gold can be seen at http://www.giac.org/gold/. Further information will be posted as it becomes available.

What kind of recognition does a GIAC certification get?

Current or prospective employers recognize GIAC certification as an indication of your demonstrated knowledge and skill in computer security. There are two basic differences between a GIAC certification and any other education or certification program. First, no one else covers this material! We have gone to extreme effort to fill in the gap, to identify the skills and knowledge that organizations wish their employees had and to find the faculty that could produce those courses. Second, you must master this material to pass. The "certificate suitable for framing" is not the purpose of the program. You are going to know the information and possess the skills that your employer desperately wants you to have. In fact, to earn a GIAC certification, you must prove you know how to do the tasks required. Employers who have reviewed the materials and the requirements have been unanimous in saying: "People who have this certification are exactly what we are looking for in our organization." In other words, the certifications will have the most valuable recognition of all - they'll be used to select employees for hiring and promotion.

Do I automatically earn a GIAC certification if I complete the course?

No. Earning a GIAC certification is a separate process. Simply completing the course does not mean that you are GIAC certified.

If I take the course, do I have to take the certification?

No. SANS Training and GIAC Certification are separate programs (though GIAC certifications are based on SANS training). SANS Training is intended to provide students with the best available education in the key areas of information security. GIAC Certifications are designed to provide an objective "benchmark" to show that an individual meets a minimum standard of skill and knowledge for people who want to demonstrate this ability for themselves or for a current or prospective employer. You do not have to take the certification if you take the course, though you have the option to do so.

How do I receive honors status?

To receive honors status, a student must hold a GIAC certification in which they have received a 90 or better on either of their exams.

Why is my paper not posted in the SANS Reading Room?

By submitting your paper to GIAC, you are giving us the right to post it on our web site. We are also giving you the opportunity to be published. All certified students can find their papers posted under the appropriate certification listing. Naturally some papers are stronger or hold more community value than others. The best of the papers will also be placed in the Reading Room. It is an honor to be posted there, beyond the listing of all students.

What is the GSE (GIAC Security Expert) certification?

The GIAC Security Expert (GSE) is intended to represent the elite of the information security field.
Before a person can attempt the GSE, they must successfully complete the following prerequisites:
GSE pre-requisite baseline is: GSEC, GCIH, GCIA with two gold.
GSEC pre-requisite is unique because of dual windows and unix coverage.
Substitution options:

  1. GCWN and GCUX combined can act as a substitute for GSEC
  2. Higher level certifications can act as substitutes for gold papers examples: GCFA, GCFW, GCUX, GCWN, GCED, GPEN, GWAPT, GAWN, GREM

GSE pre-requisite list (including substitution options):
  1. GSEC, GCIH, GCIA with two gold
  2. GSEC, GCIH, GCIA with one gold and one substitute
  3. GSEC, GCIH, GCIA with no gold and two substitutes
  4. GCWN, GCUX, GCIH, GCIA with one gold
  5. GCWN, GCUX, GCIH, GCIA with no gold and one substitute

Further information can be found at http://www.giac.org/certifications/gse.php

Can you tell me how many certified students you have in specific countries?

At this point in time we are unable to give out geographical information on certified students. That may change, but for now, it's the case.

Are GIAC certification exams transferable or refundable?

GIAC certification exams are non-transferable and non-refundable after you receive access to the exam material.

Challenge Certification

What is the Certification Attempt?

GIAC Certification can be obtained separately from SANS training. Certification attempts are the same certifications available with SANS conference or self-study training, but without the training. When you register for a Certification Attempt, you will receive access to the certification exam(s). You will also receive two sets of practice exams. You do not receive access to any course materials.

Are practice tests available?

Practice tests are currently available for most certifications. When purchasing the certification exam, whether adding it to your training or challenging the exam, you will receive two practice tests and one proctored exam. The practice tests will assist the student in preparing for the GIAC certification exam. The practice questions are written by the actual exam writers so you can be confident that the practice exams will be of the same quality as the actual exams.
An additional practice test can be purchased for $129 at http://www.giac.org/exams/practice.php

Is there any difference between a Certification Attempt and the GIAC Certifications offered with SANS training?

No, they are exactly the same. The exam is identical whether you challenge the certification or take it in conjunction with SANS training.

How long do I have to complete the certification attempt?

A certification attempt allows students 120 days (4 months) of access from the date it is place in their SANS Portal Account to complete the 2 practice and 1 proctored certification exam.
An extension can be purchase to extend access for 45 days. Please click here for current pricing.

How do I register for a certification attempt without training?

Registration for certification attempts purchased outright can be completed at the following URL: http://www.giac.org/registration/cert-attempt

What if I start and find out I don't have time to finish?

The GIAC certifications must be completed within the specified time frame. Once you register to take the certification, your certification fee is non-refundable. Be sure you carefully consider the time commitment involved in completing the certification and plan accordingly.

How can I obtain an alumni discount code?

There is an alumni rate for students that have previously taken the specific SANS training for the certification they want to challenge. For example, if you previously took SANS Security Essentials through any of the SANS training programs (conference, online training, Local Mentor program, or Online Training) you would be eligible for the discounted fee for the GSEC certification attempt. The alumni rate for full certifications is $899 USD.
Please email info@giac.org to obtain a discount code for registration. You must include the information on when, where, and through what venue you participated in the previous training. Please be sure to obtain the discount code before you register. Discounts cannot be applied to registrations that have already been submitted.

What if I buy a certification attempt and change my mind?

Certification attempts are non-transferable and non-refundable after the certification material has been activated in your account.

If my Gold certification expired and I purchase a new Certification Attempt, will I earn GIAC certification or GIAC Gold certification?

If you attempt the certification now, you have to start over from the beginning and complete the current certification requirements. If you take the exams, you will earn GIAC certification. If you want to obtain GIAC Gold certification, you can apply to do so. Your previous practical assignment will not count towards GIAC Gold. Information on GIAC Gold can be seen at http://www.giac.org/gold/

Since I don't have access to SANS courseware, where can I obtain instructional materials to help me earn the certification?

Please review the course descriptions at http://www.sans.orgto gain an understanding of what material is covered in each course. Please be sure to look at each day of training. While we certainly recommend the SANS training as the best method of preparing for the GIAC Certifications since that is what they are based on, other resources can be purchased at most book stores.

Proctor Program

Will I have to pay additional fees to take my proctored exam at a Pearson VUE testing center?

No, candidates will not have to pay additional fees to use an established Pearson VUE testing center. However, if you miss a scheduled exam appointment or need to change your exam appointment within 24 hours of your scheduled appointment, you will be charged a $150 seating fee.

Where are the specific proctored test sites, and what if there is not one in my area?

GIAC has selected Pearson VUE as our primary partner to deliver proctored exams through their network of host locations. Pearson VUE is an industry leader and offers more than 3,500 testing centers worldwide. Please click here to find a Pearson VUE testing center near you.
If you will be taking a GIAC proctored exam in the future and do not see a testing center within a reasonable driving distance (1-2 hours), please email proctor@giac.org. GIAC will then contact you to help you set up an approved proctored environment. GIAC will also work with Pearson VUE to establish new testing centers where there are identified coverage gaps.

Why did GIAC shift to a fully-proctored certification policy?

Although the GIAC certification program has been certifying individuals since 2000, recently established testing standards have been adopted by the industry at large, raising the bar for high-stake, certification-granting organizations. The move to full proctoring has brought GIAC in line with the established international standards, such as the ISO 17024 standard.

Are the exams still given in open-book format?

GIAC certification exams are open book format, but not open internet or open computer. Candidates are allowed to bring an armful of hardcopy books and notes into the testing room, leaving all other personal belongings such as wallets, purses, hats (and other head coverings), bags and coats outside of the testing room. Weapons are not allowed on testing center premises. Please leave weapons (guns, knives, etc.) at home or stored securely in your vehicle. An erasable noteboard and pen will be provided for you. Workstation space is limited, so please plan accordingly.

Why did GIAC switch to a single exam format?

After careful consideration, GIAC determined that there are benefits for both the candidates and the GIAC program by moving to a single exam format. Some of these benefits include:

  • More streamlined and efficient grading, which helped the certification-granting process run smoother
  • Compliance with industry standard practices
  • More convenient schedule for exams and proctors, which helped reduce the time and effort both GIAC and the candidates need to expend

Will the change to a proctored, single exam with no Internet access make the exams more difficult to pass?

Part of what makes a credential valuable is the differentiating point regarding who is able to achieve a passing score and who is not. Another part of what makes a credential valuable is the amount of work that individuals put into attaining it. GIAC exams are based on Certification Objectives that are derived from knowledge that holders of the certification must possess. The amount of study that individuals put into attaining certification prior to their exam date is valuable and often a deciding factor. Careful review of materials and preparation in advance of your exam will be a key to success.

Can I bring my registered firearm into the testing center?

No, Pearson VUE's policy states that weapons of any kind (guns, knives, etc. including realistic "toy" weapons) are not allowed on testing center premises. Please leave weapons at home or stored securely in your vehicle. The only exemption is for law enforcement or security personnel coming on site to perform their duty, such as apprehending a dangerous individual. This exemption does not apply to law enforcement or security personnel scheduled to take a test; such persons must leave weapons at home or stored securely in their vehicle.

What if I am unable to schedule an appointment to take my exam before its expiration date?

We strongly advise all certification candidates to schedule their exam appointment as soon as possible to avoid this problem. You can always reschedule your appointment through your SANS/GIAC account if your availability changes, as long as you do so at least 24 hours in advance of your originally scheduled appointment. Please note that if you need to cancel or reschedule your exam less than 24 hours in advance, you will forfeit your appointment and be charged a $150 seating fee.

GIAC Exam Technical Issues

What can I do to check and see if I am likely to have problems?

We have developed an automated test that you can use to help determine if you are likely to have problems during an exam. While nothing can predict with 100% accuracy whether you will or will not have problems, running this automated test will give you a much better idea of the likelihood. GIAC STRONGLY encourages all candidates to run this assessment test prior to taking a certification exam. We will be unable to provide you with any connectivity-related assistance unless the automated assessment was completed prior to the start of the exam.
Follow the steps shown below to run the automated assessment:

  • Log into your portal account
  • Go to https://www.sans.org/assessments/math.php
  • Click "Get your Free Exam"
  • Click "Practice Exams"
  • Select "Automated Math Test Exam" and click the "Select Exam" button.
  • Carefully read the instructions then select your network connection speed.
  • Click "Start Exam"
  • After the exam is finished, make a note of how long the exam took, then click the "Home" button.

A good rule of thumb is that if the automated test takes more than 11 minutes then you are likely to have problems during the exam. In these cases you should look for items like the ones addressed in the questions below, make any necessary corrections, and then retest. In some cases it may be necessary to check during non-peak hours or simply to take your exam from another location if you are consistently seeing problems.

When I tried to start my exam, I got a message saying that Javascript is disabled, what do I do?

When starting the exam, if you see the error message stating that Javascript is disabled you will need to enable Javascript in your browser and/or disable any script-blocking plug-ins that are running in order to start your exam.

Why do some pages load quickly while others seem to take a long time?

During an exam you occasionally get pages that take a long time (more than 30 seconds) to load while other pages load normally.
This can be caused by a number of different things. They are all generally related to a lack of available bandwidth. This is generally a greater problem for dial-up and lower speed broadband users. Some things to check include:

  • Ensuring that you are not concurrently downloading large files or multiple files from different locations.
  • That you do not have any file sharing or peer-to-peer applications running on the desktop.
  • That you do not have any additional browser windows or tabs open, especially to streaming audio or VOD sites.
  • If you have a low bandwidth connection ensure that its not being used by other people, especially for any of the items listed above
  • Remember that VoIP, VPNs, and items of that nature can be extremely bandwidth intensive.

I am getting "The page cannot be displayed" error message, what do I do?

Getting "The page cannot be displayed" error after submitting an answer may happen consistently or occasionally.
"The page cannot be displayed" indicates that your browser cannot connect to our exam engine. This could be caused by anything from temporary loss of Internet connectivity to improperly configured proxies and firewalls. If you get this error in the middle of an exam you will need to click the refresh button to reload the page.
Verification: Go to the following sites:
http://whatismyipaddress.com
http://whatsmyip.com
http://ipaddressworld.com

If the last octet of your IP address changes for any of the sites this is a likely indication of a load balancing firewall or proxy issue. Some organizations use multiple load balanced firewalls which makes it appear to our servers that the client machine has rolling IP address. Requests going out one firewall are routed back in through a different one and the connection is dropped as a result.
Solution: Add a persistent rule for sans.org and giac.org so that the same firewall would be used all the time.

General Information

What is SANS Training?

SANS Training provides a core set of educational courses designed to help you master the practical steps necessary for defending your systems and networks against the most dangerous threats - the ones being actively exploited. The courses were developed through the community consensus of hundreds of administrators, security managers, and information security professionals, and address both security fundamentals and the in-depth technical aspects of the most crucial areas of information security. The SANS Training courses can be taken on their own, or to help you prepare for the GIAC Certifications. There is more information in the SANS FAQ at http://www.sans.org/faq.php and the SANS Training Roadmap at http://www.sans.org/conference/trainingroadmap.php.

How does GIAC compare to other certifications that are available?

A certification attempt sets an objective standard or measurement of ability. Candidates who successfully pass a given certification are assumed to possess a minimum level of knowledge and skill. How well a given certification sets and measures that standard, whether the certification has value or is considered a "paper" certification, depends largely on how that certification is designed and administered.
We feel that there are a number of factors that set GIAC apart from other certification programs:

  • Emphasis on the practical application of knowledge. While GIAC places importance on the theories and best practices behind information security, we also place a very strong emphasis on the practical application of that knowledge to "real world" situations. GIAC ensures that not only do you "know the stuff," you can also "do the work."
  • Demonstrated ability. Students who complete technical research papers are publicly posted to the GIAC web site, both to demonstrate their ability and to help to educate others in the security field.
  • Community focus. Both SANS and GIAC place a strong emphasis on the security community as a whole. We all must share information and learn from each other if we are to successfully protect and defend our networks and systems. There is a strong emphasis on "giving back to the community", through SANS Consensus Projects, incidents.org, student papers, and the Information Security Reading Room, to name a few.

What is the comparison between CISSP and GIAC?

The primary difference is that the CISSP focuses on concepts, which is of course essential. GIAC covers concepts, but focuses more on the practical skills needed to apply those concepts on the job. Another difference is that you must be a security professional with a minimum of three years of experience in the field before you are even allowed to sit for the CISSP. There is no experience requirement to sit for any of the GIAC certifications. Additional information on GIAC can be found at the FAQ link, above, or the GIAC home page at http://www.giac.org

What is GIAC Certification?

GIAC Certification provides an independent method of assuring that security professionals meet a minimum standard of technical competency. Individuals who hold a GIAC Certification have demonstrated both that they know what needs to be done to secure and administer systems, and have demonstrated that they can put that knowledge into practice.

Where can I find information on SANS training, registration, and portal accounts?

For information on SANS training, registration, and portal accounts, please visit the SANS FAQ at http://www.sans.org/faq.php

How do I contact someone about GIAC?

We can be reached by e-mail at info@giac.org If you are currently enrolled in the GIAC certification program, please include your username and the email address with which you registered. Please be sure that you can receive email from giac.org, giac.net, and sans.org to ensure that you receive all correspondence from SANS and GIAC.

Where can I find information about the SANS Masters Programs?

The URL for the SANS Technology Institute is http://www.sans.edu

Financial Aid

What payment options are available for GIAC certification?

We accept credit cards, checks, wire transfers, and USA and Canadian federal government Purchase Orders. For credit cards, we accept American Express, MasterCard, Visa, and Diners Club.

Is GIAC certification eligible for reimbursement under the GI Bill?

Select GIAC certifications are available for VA reimbursement for Chapter 30 and Chapter 35 veterans and eligible dependents. Please note that VA reimbursement is only for GIAC certification and does not include SANS training. The following certifications are eligible for reimbursement under the GI Bill:

  • GIAC Security Leadership Certification (GSLC)
  • GIAC Security Essentials Certification (GSEC)
  • GIAC Certified Firewall Analyst (GCFW)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Windows Security Administrator (GCWN)
  • GIAC Certified UNIX Security Administrator (GCUX)
  • GIAC Systems and Network Auditor (GSNA)
  • GIAC Certified Forensics Analyst (GCFA)
  • GIAC Information Security Fundamentals (GISF)
  • GIAC Assessing Wireless Networks (GAWN)
  • GIAC Certified ISO-27000 Specialist (G2700)
  • GIAC Legal Issues (GLEG)
  • GIAC Information Security Professional (GISP)
  • GIAC Reverse Engineering Malware (GREM)
  • GIAC Certified Penetration Tester (GPEN)

Veterans can apply using VA Form 22-1990 or by sending a letter to the VA Regional Processing Center that handles their state. To request reimbursement of the exam fee under LACAS, you must submit a copy of your exam score, receipt for payment of the exam fee, and signed statement authorizing the VA to verify test results with GIAC. Information about the program is at the VA website at http://www.va.gov/ under Education benefits.

Will my employer support the GIAC program?

Many employers are willing to cover the costs of GIAC certification directly as part of an existing training program for their employees. In addition, some employers offer tuition assistance programs (where you,as the employee, pay the cost of the program, and the employer reimburses you in whole or in part; reimbursement may depend on your performance in the program) as a fringe benefit. Check with your employer for information.