GSEC Certification Bulletin
(Part 2 of Candidate Handbook)
The GIAC Security Essentials Certification (GSEC) was created to provide assurance that a certified individual holds the appropriate level of knowledge and skill necessary for anyone with hands-on technical responsibilities in the key or essential areas of information security.
All GIAC certifications expire after a period of 4 years. In order to maintain certified status after the initial 4-year certification, candidates must complete the certification renewal process, as described at http://www.giac.org/certification-renewal. Although there are other entry-level certifications available, GIAC is the only information security certification family including advanced technical subject areas.
The practice tests are taken on-line and are designed to simulate the format of the actual GIAC exams with the same number of tests, multiple-choice questions and time limits. The practice test questions, which are selected from our Online Training quiz bins, are written by the same authors who write the GIAC exams. During the practice tests, each time you choose a wrong answer, you will receive the correct answer and an explanation that will help to reinforce the subject matter presented in the question. The practice tests also include a counter that shows how many questions you have answered correctly, how many you have answered incorrectly, and how many questions are left in the test. You will have only one attempt at each practice test; if you need more attempts, you will need to purchase another set. If you purchase a new practice test set, the on-line system will quiz you again on the questions that were originally answered incorrectly while also asking new questions.
- Type: Certification
- Target: Security Professionals that want to demonstrate they are qualified for IT systems hands-on roles with respect to security tasks. Candidates are required to demonstrate an understanding of information security beyond simple terminology and concepts.
- Requirements: 1 proctored exam, 180 questions, 5-hour time limit, 73.9% (133 of 180 questions) minimum passing score
- Renewal: Every 4 years
The topic areas for each exam part follow:
| Exam Certification Objectives | Certification Objective Outcome Statement |
|---|---|
| 802.11 | The candidate will be able to identify the different 802.11 protocols, and understand common wireless attacks and how to prevent them. |
| Access Control Theory | The candidate will understand the fundamental theory of access control. |
| Alternate Network Mapping Techniques | The candidate will be introduced to network mapping techniques an attacker might use to examine wireless networks and public switched telephony networks, along with identifying the basic penetration techniques at a high level. |
| Common Types of Attacks | The candidate will be able to identify the most common attack methods and understand the basic strategies used to mitigate those threats. |
| Contingency Planning | The candidate will understand the critical aspect of contingency planning with a Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP). |
| Crypto Concepts | The candidate will have a high level understanding of the mathematical concepts which contribute to modern cryptography. |
| Crypto Fundamentals | The student will understand the core concepts of cryptography and the three main algorithms. |
| Defense-in-Depth | The candidate will be introduced to the terminology and concepts of Risk and Defense-in-Depth including threats and vulnerabilities. |
| DNS | The candidate will have a high-level understanding of the Domain Name System architecture. |
| Firewall Subversion | The candidate will understand how firewalls can be bypassed and why additional security measures are required. |
| Firewalls | The candidate will understand basic firewalling technologies and techniques. |
| HIDS Overview | The candidate will have a general understanding of the techniques used by Host Based Intrusion Detection Systems. |
| Honeypots | The candidate will understand basic honeypot techniques and common tools used to set up honeypots. |
| ICMP | The candidate will understand the structure and purpose of ICMP, as well as the fields in an ICMP datagram header. |
| IDS Overview | The candidate will understand the overall concepts of Intrusion Detection. |
| Incident Handling Fundamentals | The candidate will understand the concepts of incident handling and the six-step incident handling process. |
| Information Warfare | The candidate will be introduced to real-life examples of information warfare. |
| Introduction to OPSEC | The candidate will understand what OPSEC is and the threats and techniques used for protection in Operational Security. |
| IP Packets | The candidate will have a fundamental understanding of how the IP protocol works. |
| IPS Overview | The candidate will have a high level understanding of how IPS systems operate. |
| IPv6 | The candidate will have a high level understanding of the IPv6 protocol. |
| Legal Aspects of Incident Handling | The candidate will be introduced to the basic legal issues in incident and evidence handling. |
| Linux/Unix Configuration Fundamentals | The candidate will understand Linux/Unix fundamental configuration settings, including file permissions, user accounts, groups, and passwords, and commands used to display information and run backups. |
| Linux/Unix Logging and Log Management | The candidate will understand the various logging capabilities and log file locations common to Linux operating systems. |
| Linux/Unix OS Security Tools and Utilities | The candidate will know how to use key security utilities and tools that are available for Linux/Unix systems, including file integrity, host firewalls, and applications such as SELinux. |
| Linux/Unix Overview | The candidate will be familiar with the different variants of Linux/Unix, understand the Linux file system, and important commands. |
| Linux/Unix Patch Management | The candidate will understand the importance of patch management, best practices, and common patch management tools and techniques for Linux/Unix systems. |
| Linux/Unix Process and Service Management | The candidate will understand how to manage Linux/Unix processes, run levels, and services, including best practices for common processes and services. |
| Mitnick-Shimomura | The candidate will understand the details of the famous Mitnick-Shimomura attack, as well as what we can learn from this attack to appropriately protect our networks today against these vulnerabilities. The candidate will understand the strategies that would have prevented the Mitnick attack. |
| Network Addressing | The candidate will understand the essentials of IP addressing, subnets, CIDR and netmasks. |
| Network Design | The candidate will be able to design basic network architectures using best practices. |
| Network Hardware | The candidate will understand network hardware components, as well as how standard and cross-over network cabling is wired. |
| Network Mapping and Scanning | The candidate will be familiar with common tools attackers use to scan systems and the techniques used to create a network map. |
| Network Plumbing | The candidate will understand and be able to identify the different types of networks, topologies, and the most common network technologies in use today. |
| Network Protocol | The candidate will understand the properties and functions of network protocols and the network protocol stacks. |
| NIDS Overview | The candidate will understand techniques NIDS use to operate and understand their strengths and weaknesses. |
| Password Management | The candidate will understand the role of passwords in controlling access to systems. |
| Physical Security | The candidate will understand the purpose of restricted areas and their protection mechanisms. |
| Policy Framework | The candidate will understand the purpose and components of policy. |
| Protecting Data at Rest | The candidate will understand the functionality of the PGP cryptosystem and how it operates. |
| Public Key Infrastructure PKI | The candidate will understand how PKI works and the key components for managing keys. |
| Reading Packets | The candidate will develop the skill to decode a packet from hexadecimal output. |
| Risk Management | The candidate will understand the terminology and basic approaches to Risk Management. |
| Safety Threats | The candidate will be able to identify and understand the most common threats to safety and why they are important to address. |
| Securing Windows Server Services | The candidate will know how to take basic measures in securing Windows IIS, SQL, and Terminal Servers. |
| Steganography Overview | The candidate will be able to identify different methods of steganography, as well as some of the common tools used to hide data with steganography. |
| TCP | The candidate will understand the structure and purpose of TCP, as well as the fields in a TCP datagram header. |
| UDP | The candidate will understand the structure and purpose of UDP, as well as the fields in a UDP datagram header. |
| Virtual Machines | The candidate will understand what virtual machines are and how to use them to create a virtual lab. |
| Virtual Private Networks VPNs | The candidate will have a high level understanding of Virtual Private Networks (VPNs) and be able to identify IPSec and non-IPSec protocols used for VPN communications. |
| Viruses and Malicious Code | The candidate will understand and be able to articulate what malicious code is, how it propagates and why it is such an expensive problem. The candidate will also be familiar with and understand the attack vectors leveraged by recent malicious code attacks. |
| VoIP | The candidate will become familiar with the functionality and architecture of VoIP. |
| Vulnerability Management Overview | The candidate will understand the concepts and relationships behind reconnaissance and resource protection, and threats and vectors. |
| Vulnerability Scanning | The candidate will learn how data generated from a port scanner like nmap and vulnerability assessment tools like nessus can be used to examine systems, ports and applications in more depth to secure an environment. |
| Web Application Security | The candidate will be introduced to web application security including CGI, cookies, SSL and active content. |
| Windows Auditing | The candidate understands the techniques and technologies used to audit Windows hosts. |
| Windows Automation and Configuration | The candidate understands the techniques and technologies used to automate configuration. |
| Windows Family of Products | The candidate will be able to identify the different types of Windows operating systems and understand the basic security features and concerns of each. |
| Windows Network Security Overview | The candidate will know how to take basic measures in securing a Windows host, including managing services and VPNs. |
| Windows Permissions & User Rights | The candidate will understand how permissions are applied in the Windows NT File System, Shared Folder, Encrypting File System, Printer, Registry Key, Active Directory and how User Rights are applied. |
| Windows Security Templates & Group Policy | The candidate will have a high level understanding of the features and functionality of Group Policy and best practices for locking down systems. |
| Windows Service Packs, Hotfixes and Backups | The candidate will understand how to manage Windows Service Packs and Hotfixes as well as backups and restoration for a network of Windows hosts. |
| Windows Workgroups, Active Directory and Group Policy Overview | The candidate will understand the basic security infrastructure of local accounts, workgroups, Active Directory and Group Policy. |
| Wireless Overview | The candidate will have a basic understanding of wireless technologies including Bluetooth and Zigbee. |
Where to Get Help
Training is available from a variety of resources, including online training, course attendance at a live conference, and self-study.
Practical experience is another way to ensure that you have mastered the skills necessary for certification. Many professionals have the experience to meet the certification objectives identified.
Finally, college-level courses or study through another program may meet the needs for mastery.
The procedure to contest exam results can be found at http://www.giac.org/grievance.php.

