Certification:

GCWN
 

GIAC Certified Windows Security Administrator

GCWN

View Professionals »

Description

GIAC Certified Windows System Administrators (GCWNs) have the knowledge, skills and abilities to secure and audit Windows systems, including services such as Group Policy, Active Directory, Internet Information Server, IPSec and Certificate Services.

Target

Individuals responsible for installing, configuring, and securing Microsoft systems and Active Directory networks.

GIAC Certified Windows System Administrators (GCWNs) have the knowledge and skills needed to configure and manage the security of Windows systems and networks, including: Group Policy, Active Directory, DNS, Internet Information Server (IIS), IPSec, RADIUS, VPNs, BitLocker/EFS, and Certificate Services. Candidates should be familiar with Windows XP/Server 2003 through Windows 7/Server 2008 R2.

Course

SEC505: Securing Windows

*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*

Requirements

  • 1 proctored exam
  • 75 questions
  • Time limit of 2 hours
  • Minimum Passing Score of 66.7% (50 out of 75 questions)

NOTE:

GIAC reserves the right to change the specifications for each certification without notice. Based on a scientific passing point study, the passing point for the passing point for the GCWN exam has been determined to be 66.7% for all candidates receiving access to their certification attempts on or after 02/07/2011. To verify the format of your current certification attempt, please read the Certification Information found in your portal account at https://exams.giac.org/pages/attempts.

Renew

Every 4 years

Delivery

NOTE: GIAC exams are NOT given the day after the conference ends.

Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.

Links


Bulletin (Part 2 of Candidate Handbook)

The topic areas for each exam part follow:
Exam Certification Objectives Certification Objective Outcome Statement
Bitlocker The candidate will be able to discuss how to use BitLocker to secure data on a Windows computer
Creating a Bastion Host The candidate will be able to disuses the essential steps needed to properly secure an IIS server
Designing Forests & Trusts The candidate will be able to discuss how to configure AD forests for optimum security
Dynamic DNS & Secure Updates The candidate will be able to discuss how to securely configure and manage Windows DNS
EFS The candidate will be able to discuss how to use EFS to secure data on a Windows computer.
Enterprise IPSec The candidate will be able to disuses how IPSec can be used to help secure an enterprise environment
Group Policy Overview and Security Templates The candidate will be able to discuss how Group Policy and Security Templates can be used in a Windows environment.
Group Policy scripting and Administrative Templates The candidate will be able to demonstrate how Group Policy and Administrative Templates can be configured and deployed to systems.
Group Policy Security Settings The candidate will be able to discuss what Group Policy settings should be used to secure a Windows-based network.
IIS Authentication and SSL Encryption The candidate will be able to discuss how to configure IIS authentication protocols and access controls to secure a website
IIS Permissions and Authorization The candidate will be able to discuss how to control access to website resources based on identities and group memberships.
IIS Web Applications and FTP The candidate will be able to discuss how to secure web-based applications and FTP on an IIS server.
IIS XML Configuration The candidate will demonstrate an understanding of how to use XML templates to configure and manage IIS servers.
Installing Certificate Services The candidate will be able to discuss how to install and manage Windows Certificate Services
IPSec Overview The candidate will be able to discuss the fundamental concepts associated with IPSec.
Managing Your PKI & Smart Cards The candidate will be able to discuss how to manage a Windows-based PKI
Permissions, Delegation & Auditing The candidate will be able to demonstrate how to properly set and manage AD permissions
Public Key Infrastructure The candidate will be able to discuss the major concepts associated with Public Key Infrastructures
RADIUS for RRAS VPNs The candidate will be able to disuses how to setup and configure RRAS as a VPN Gateway
RADIUS for Wireless Networks The candidate will demonstrate an understanding of the ways to setup, configure, and manage RADIUS when used to manage wireless networks.
Securing NTDS.DIT & Replication The candidate will be able to discuss the steps needed to secure the AD replication process
Securing Private Keys The candidate will be able to discuss how to increase the security of private key protection a without losing functionality
The Windows Firewall The candidate will be able to discuss how to configure and manager the Windows Firewall, and understand its benefits and limitations
Windows IPSec Settings and Policies The candidate will be able to discuss how to create and manage Windows IPSec Policy Objects.
Windows Patch Management The candidate will be able to discuss how to use Windows tools, including WSUS, MBSA and Group Policy, to manage and monitor patching in a Windows network.

Where to Get Help

Training is available from a variety of resources including on line, course attendance at a live conference, and self study.

Practical experience is another way to ensure that you have mastered the skills necessary for certification. Many professionals have the experience to meet the certification objectives identified.

Finally, college level courses or study through another program may meet the needs for mastery.

The procedure to contest exam results can be found at http://www.giac.org/about/procedures/grievance.

SANS 2012 - Orlando

Latest Papers

Defense in Depth: An Impractical Strategy for a Cyber World
By Prescott Small | GSEC | 11396

A Preamble Into Aligning Systems Engineering and Information Security Risk
By Craig Wright | GCPM | 128

The Jester Dynamic: A Lesson in Asymmetric Unmanaged Cyber Warfare
By Terrence OConnor | GCPM | 298

Quick and Effective Windows System Baselining and Comparative Analysis for Troubleshooting and Incident Response
By Kevin Fuller | GCIH | 7309

View More Papers »

Latest Tweets

@GIAC_Certs: This week's featured question is from our Forens [...]
December 27, 2011 - 6:18 PM

@GIAC_Certs: Have a background in web app pen testing? Please [...]
December 21, 2011 - 11:20 PM

@GIAC_Certs: If you have a background or experience in web ap [...]
December 21, 2011 - 11:12 PM

@GIAC_Certs: This week's question is from our Firewall Analys [...]
December 09, 2011 - 9:01 PM

View More »

Latest Professionals

Muhammad Anis Rizal ... | GPEN | 7508

Miguel Tejeda | GREM | 3255

Nadeem Douba | GWAPT | 3409

View More Professionals »

 

Contact Us

Phone: 301-654-7267
Mon-Fri 9am-8pm EST/EDT
Questions: info@giac.org
More »

(ISC)2 and CISSP are registered marks of the International Information Systems Security Certification Consortium, Inc.