The GIAC Security Essentials Certification (GSEC) was created to provide assurance that a certified individual holds the appropriate level of knowledge and skill necessary for anyone with hands-on technical responsibilities in the key or essential areas of information security.
All GIAC certifications expire in a period of 4 years. Candidates must review the information and retake the exams in order to remain certified. Although there are other entry level certifications available, GIAC is the only information security certification family including advanced technical subject areas.
The practice tests are taken on-line and are designed to simulate the format of the actual GIAC exams with the same number of tests, multiple-choice questions and time-limits. The practice test questions, which are selected from our Online Training quiz bins, are written by the same authors who write the GIAC exams. During the practice tests, each time you choose a wrong answer, you will receive the correct answer and an explanation that will help to reinforce the subject matter presented in the question. The practice tests also include a counter that shows the current number of questions that you answered correctly, the number you answered incorrectly, and how many questions are left in the test. You will only have one attempt at each practice test; if you need more attempts, you will need to purchase another set. If you purchase a new practice test set, the on-line system will quiz you again on the questions that were originally answered incorrectly while asking new questions.
The topic areas for each exam part follow:
| Exam Certification Objectives | Certification Objective Outcome Statement |
|---|---|
802.11 | The candidate will be able to identify the different 802.11x protocols, and understand key characteristics. |
Access Control Theory | The candidate will understand the fundamental theory of access control. |
Alternate Network Mapping Techniques | The candidate will be introduced to network mapping techniques an attacker might use to examine wireless networks, and public switched telephony networks, along with identifying the basic penetration techniques at a high level. |
Best Practice Approach to Risk Management | The candidate will understand the overall best practice approach to Risk Management from a high level. |
Bluetooth | The candidate will have a basic understanding of how the Bluetooth and Zigbee protocols work and the security issues that surround them. |
Common Types of Attacks | The candidate will be able to identify the most common attack methods and understand the basic strategies used to mitigate those threats. |
Contingency Planning | The candidate will understand the critical aspect of contingency planning with a Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP). |
Crypto Attacks | The candidate will be able to identify common attacks used to subvert cryptographic defenses. |
Crypto Concepts | The candidate will have a high level understanding of the mathematical concepts which contribute to modern cryptography. |
Crypto Fundamentals | The candidate will have a basic understanding of the fundamental concepts of cryptography. |
Defense-in-Depth | The candidate will be introduced to the terminology and concepts of Risk and Defense-in-Depth including threats and vulnerabilities. |
DNS | The candidate will have a high-level understanding of the Domain Name System architecture. |
Firewall Subversion | The candidate will have a high level understanding of how IPS systems operate. |
Firewalls | The candidate will understand basic firewalling technologies and techniques. |
General Types of Cryptosystems | The candidate will have a high level understanding of the three general types of cryptosystems. |
General Types of Stego | The candidate will be able to identify different methods of steganography, as well as some of the common tools used to hide data with steganography. |
HIDS Examples | The candidate will be able to identify common Windows and Unix tools which provide HIDS functionality and the techniques utilized. |
HIDS Overview | The candidate will have a general understanding of the techniques used by Host Based Intrusion Detection Systems. |
HIPS Overview | The candidate will understand the technologies and techniques behind HIPS and how it can be applied. |
Honeypots | The candidate will understand basic honeypot techniques and common tools used to set up honeypots. |
ICMP | The candidate will understand the structure and purpose of ICMP, as well as the fields in an ICMP datagram header. |
IDS Overview | The candidate will understand the overall concepts of Intrusion Detection. |
Incident Handling Fundamentals | The candidate will understand the concepts of incident handling and the six-step incident handling process. |
Information Warfare Examples | The candidate will be introduced to real-life examples of information warfare. |
Information Warfare Theory | The candidate will be introduced to the theory of information warfare. |
Introduction to OPSEC | The candidate will understand what OPSEC is and the threats and techniques used for protection in Operational Security. |
IP Packets | The candidate will have a fundamental understanding of how the IP protocol works. |
IPS Examples | The candidate will be able to identify common IPS technology products available on the market today. |
IPS Overview | The candidate will have a high level understanding of how IPS systems operate. |
IPv6 | The candidate will have a high level understanding of the IPv6 protocol. |
Legal Aspects of Incident Handling | The candidate will be introduced to the basic legal issues in incident and evidence handling. |
Mitnick Attack Defensive Strategies | The candidate will understand the strategies that would have prevented the Mitnick attack. |
Mitnick-Shimomura | The candidate will understand the details of the famous Mitnick-Shimomura attack, as well as what we can learn from this attack to appropriately protect our networks today against these vulnerabilities. |
Network Addressing | The candidate will understand the essentials of IP addressing, subnets, CIDR and netmasks. |
Network Design | The candidate will be able to design basic network architectures using best practices. |
Network Hardware | The candidate will understand network hardware components, as well as how standard and cross-over network cabling is wired. |
Network Mapping Tools | The candidate will be able to identify common tools attackers use to scan systems and the techniques these scanners use. |
Network Plumbing | The candidate will understand and be able to identify the different types of networks, topologies, and the most common network technologies in use today. |
Network Protocol | The candidate will understand the properties and functions of network protocols and the network protocol stacks. |
Network Scanning | The candidate will learn how to compile a network map, using techniques known as network mapping and port scanning. |
NIDS Overview | The candidate will understand techniques NIDS use to operate and understand their strengths and weaknesses. |
NIPS Overview | The candidate will understand the technologies and techniques behind NIPS and how it can be applied. |
Password Management | The candidate will understand the role of passwords in controlling access to systems. |
Physical Security | The candidate will understand the purpose of restricted areas and their protection mechanisms. |
Policy Framework | The candidate will understand the purpose and components of policy. |
Pretty Good Privacy PGP | The candidate will understand the functionality of the PGP cryptosystem and how it operates. |
Public Key Infrastructure PKI | The candidate will have a high level understanding of how PKI cryptosystems are used for secure communications. |
Reading Packets | The candidate will develop the skill to decode a packet from hexadecimal output. |
Real-World Crypto Implementations | The candidate will have a basic understanding of PGP, SSL, and Kerberos. |
Risk Management Overview | The candidate will understand the terminology and basic approaches to Risk Management. |
Routing Fundamentals | The candidate will become familiar with common routing concepts and protocols. |
Safety Threats | The candidate will be able to identify and understand the most common threats to safety and why they are important to address. |
Snort as a NIDS | The candidate will have a high level of understanding in Network Intrusion Detection concepts and techniques and how Snort performs Network Intrusion Detection. |
Steganography Overview | The candidate will understand what steganography is and how it differs from cryptography. |
Symmetric & Asymmetric Cryptosystems | The candidate will have a basic understanding of commonly used symmetric & asymmetric cryptosystems. |
TCP | The candidate will understand the structure and purpose of TCP, as well as the fields in a TCP datagram header. |
TCP Concepts | The candidate will understand TCP connection establishment and teardown, and how this is communicated with tcpdump/windump. |
tcpdump/windump | The candidate will be able to use the tcpdump or windump utility to read packets from a network interface and understand the output. |
Threat Assessment, Analysis & Report to Management | The candidate will be able to identify each step in the Threat Assessment & Analysis process and how to report findings to management. |
Traceroute | The candidate will be able to use the traceroute utility for network troubleshooting and discovery. |
UDP | The candidate will understand the structure and purpose of UDP, as well as the fields in a UDP datagram header. |
Unix Backups & Archiving | The candidate will understand how to archive or copy data from a single system and later restore and manipulate that data to assist in a computer crime investigation. |
Unix Command Line and OS Tools | The candidate will understand how the command line works, key commands and how to use them to manage a Unix system. |
Unix Cron Security and Process Scheduling | The candidate will understand how to configure the Unix Cron system and schedule processes. |
Unix Landscape | The candidate will be familiar with the different variants of Unix/Linux and understand Unix File systems. |
Unix Logging and Monitoring | The candidate will understand the various logging facilities common to Unix operating systems and log monitoring techniques that will help improve security and provide more information in the event of a system compromise. |
Unix OS Security | The candidate will understand the best practices required to properly secure Linux including parameters, file permissions, and warning banners. |
Unix Password System and Root Access | The candidate will understand Unix accounts, the significance of the root account, and how to manage accounts. |
Unix Patch Management and Maintenance | The candidate will understand how to manage patches and security updates on Unix hosts. |
Unix Processes and Minimizing System Services | The candidate will understand how Unix processes and services are configured and which services should be disabled on Unix hosts. |
Unix Security Tools | The candidate will know how to use the key security tools that are available under Unix. |
Virtual Machines | The candidate will understand what virtual machines are and how to use them to create a virtual lab. |
Virtual Private Networks VPNs | The candidate will have a high level understanding of Virtual Private Networks (VPNs) and be able to identify IPSec and non-IPSec protocols used for VPN communications. |
Viruses and Malicious Code | The candidate will understand and be able to articulate what malicious code is, how it propagates and why it is such an expensive problem. The candidate will also be familiar with and understand the attack vectors leveraged by recent malicious code attacks. |
VoIP Functionality & Architecture | The candidate will become familiar with the functionality and architecture of VoIP. |
Vulnerability Management Overview | The candidate will understand the concepts and relationships behind reconnaissance and resource protection, and threats and vectors. |
Vulnerability Scanning | The candidate will learn how data generated from a port scanner like nmap and vulnerability assessment tools like nessus can be used to examine systems, ports and applications in more depth to secure an environment. |
Web Application Security | The candidate will be introduced to web application security including CGI, cookies, SSL and active content. |
Web State | The candidate will be introduced to session tracking mechanisms. |
Windows Active Directory & Group Policy | The candidate will be able to identify the features of Active Directories and Group Policies, and understand how they are applied to a Windows host. |
Windows Automation and Auditing | The candidate will be introduced to the techniques and technologies used to audit Windows hosts. |
Windows Backup & Restore | The candidate will understand best practices to manage Windows backups and to restore a Windows host from backup data. |
Windows Family of Products | The candidate will be able to identify the different types of Windows operating systems and the differences between them. |
Windows IIS Security | The candidate will be able to apply best practices in securing a Windows IIS server. |
Windows Network Security Overview | The candidate will know how to take basic measures in securing a Windows host. |
Windows Patches & Hotfixes | The candidate will understand how to manage Windows Service Packs and Hotfixes for a network of Windows hosts. |
Windows Permissions & User Rights | The candidate will understand how permissions are applied in the Windows NT File System, Shared Folder, Encrypting File System, Printer, Registry Key, Active Directory and how User Rights are applied. |
Windows Security Templates & Group Policy | The candidate will have a high level understanding of the features and functionality of Group Policy and working with GP Templates. |
Windows Workgroups & Accounts | The candidate will understand how Windows manages workgroups and accounts locally on a Windows host. |
Wireless Overview | The candidate will have a basic understanding of wireless technologies. |
Wireless Security | The candidate will have a basic understanding of the misconceptions and risks of wireless networks and how to secure them. |
Where to Get Help
Training is available from a variety of resources including on-line training, course attendance at a live conference, and self-study.
Practical experience is another way to ensure that you have mastered the skills necessary for certification. Many professionals have the experience to meet the certification objectives identified.
Finally, college level courses or study through another program may meet the needs for mastery.
The procedure to contest exam results can be found at http://www.giac.org/grievance.php.

