Coming soon! GMOB - GIAC's new Mobile Device Security Certification! Click here to learn more.

Certification: GCFW

Certification:

GIAC Certified Firewall Analyst (GCFW)

Description

GIAC Certified Firewall Analysts (GCFWs) have the knowledge, skills, and abilities to design, configure, and monitor routers, firewalls, and perimeter defense systems.

Target

Individuals responsible for designing, implementing, configuring, and monitoring a secure perimeter for any organization; including routers, firewalls, VPNs/remote access, and overall network design.

Course

Preparing for the GCFW Exam: Candidates may choose to prepare for the GCFW exam by taking the SANS Training Course: SEC502: Perimeter Protection In-Depth

*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*

Requirements

  • 1 proctored exam
  • 75 questions
  • Time limit of 2 hours
  • Minimum Passing Score of 69.3%

Renew

Certifications must be renewed every 4 years. Click here for details.

Delivery

NOTE: GIAC exams are NOT given the day after the conference ends.

Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Certification attempt exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.

Links


Bulletin (Part 2 of Candidate Handbook)

Exam Certification Objectives & Outcome Statements

The topic areas for each exam part follow:

Analyzing Network and Wireless Design
The candidate will demonstrate familiarity with network design principles and decisions, and with basic wireless security issues.
Creating and Auditing a Rulebase
The candidate will demonstrate an understanding of building and verifying firewall rulebases that serve the needs of the business and map to security policy.
Firewall Assessment and Penetration Testing
The candidate will demonstrate a thorough understanding of assessing and validating the security of a firewall.
Host-Based Detection and DLP
The candidate will demonstrate understanding of the capabilities of HIDS and HIPS, and be familiar with DLP techniques.
Incident Detection and Analysis
The candidate will demonstrate a basic understanding of detecting incidents, intrusions, and preserving evidence.
IOS and Router Security
The candidate will demonstrate understanding of the basics of Cisco IOS and router hardening through applying ACLs
IPv6 and ICMPv6
The candidate will understand the basics of IP and ICMP version 6.
Log Collection and Analysis
The candidate will demonstrate understanding of techniques for centralizing log collection and analyzing firewall logs.
NAT and Proxies
The candidate will demonstrate understanding of transparent, non-transparent, and reverse proxy functionality, and the four standard implementations of NAT.
Netfilter iptables
The candidate will understand the features and configuration of the free firewall, Netfilter.
Network Access Control
The candidate will be familiar with Network Access Control theory.
Network-Based Intrusion Detection
The candidate will demonstrate an understanding of signature-based network intrusion detection.
Packet Filters and Inspection
The candidate will demonstrate an understanding of how static and stateful packet filters work.
Packet Fragmentation
The candidate will demonstrate an understanding of how fragmentation works and fragmentation-based attacks.
Perimeter Concepts and IP Fundamentals
The candidate will demonstrate a thorough understanding of the IP header, and basic perimeter concepts including services, firewalls, and layered security.
Securing Hosts and Services
The candidate will demonstrate an understanding of the principles, tools, and techniques for securing and hardening hosts and services.
TCP/IP Protocols
The candidate will demonstrate a thorough understanding of TCP, UDP and ICMP.
VPN Design and Auditing
The candidate will demonstrate an understanding of VPN authentication, encryption and placement techniques.
VPN Implementation
The candidate will demonstrate an understanding of IPSEC, SSL and SSH as VPN technologies.

Where to Get Help

Training is available from a variety of resources including on line, course attendance at a live conference, and self study.

Practical experience is another way to ensure that you have mastered the skills necessary for certification. Many professionals have the experience to meet the certification objectives identified.

Finally, college level courses or study through another program may meet the needs for mastery.

The procedure to contest exam results can be found at http://www.giac.org/about/procedures/grievance.

SANS Capital City 2013 - Washington
Latest Papers

Logging and Monitoring to Detect Network Intrusions and Compliance Violations in the Environment
By Sunil Gupta | GCIA | 7008

Using and Configuring Security Onion to detect and prevent Web Application Attacks
By Ashley Deuble | GCIA | 7994

Attributes of Malicious Files
By Joel Yonts | GCIH | 7194

Small Business: The New Target What can they Do?
By Robert Comella | GCIA | 5138

View More Papers »

Latest Professionals

Christiaan Ehlers | GWAPT | 3648

Valerie Feehan | GCFW | 3805

Tim Kitchens | GREM | 3386

View More Professionals »

 
Contact Us

Phone: 301-654-7267
Mon-Fri 9am-8pm EST/EDT
Questions: info@giac.org
More »