Certification: GCCC

Certification:

GIAC Critical Controls Certification (GCCC)

Please note, the GCCC will not be available until September 1, 2014

Target

Security professionals, auditors, CIOs, and risk officers who want to demonstrate their ability to assess and implement the Top Critical Security Controls. Candidates are required to demonstrate an understanding of applying, automating and measuring the effectiveness of implemented controls.

Course

Preparing for the GCCC Exam: Candidates may choose to prepare for the GCCC exam by taking the SANS Training Course: SEC566: Implementing and Auditing the Critical Security Controls - In-Depth

*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*

Requirements

  • 1 proctored exam
  • 75 questions
  • Time limit of 3 hours
  • Minimum Passing Score To Be Determined

Renew

Certifications must be renewed every 4 years. Click here for details.

Delivery

NOTE: GIAC exams are NOT given the day after the conference ends.

GIAC certification attempts purchased without SANS training will be activated in your SANS/GIAC account within 24 business hours of purchase. GIAC certification attempts purchased with SANS training will be activated in your SANS/GIAC account 7 days after the end of the conference. In both cases, you will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt. GIAC exams must be proctored through Pearson VUE. Please click the following link for instructions on How to Schedule Your GIAC Proctored Exam. GIAC exams are delivered online through a standard web browser.

Links


Bulletin (Part 2 of Candidate Handbook)

Exam Certification Objectives & Outcome Statements

The topic areas for each exam part follow:

Account Monitoring and Control
The candidate will be familiar with processes and tools used to track/control/prevent/correct use of system and application accounts.
Application Software Security
The candidate will be familiar with the processes and tools organizations use to detect/prevent/correct security weaknesses in the development and acquisition of software applications.
Background, History, Purpose & Implementation of the 20 CC
The candidate will be familiar with the background, history and purpose of the 20 Critical Controls
Boundary Defense
The candidate will be familiar with the processes and tools used to detect/prevent/correct the flow of information transferring networks of different trust levels.
Continuous Vulnerability Assessment and Remediation
The candidate will be familiar with the processes and tools used to detect/prevent/correct security vulnerabilities in the configurations of devices that are listed and approved in the asset inventory database.
Controlled Access Based on the Need to Know
The candidate will be familiar with the processes and tools used to track/control/prevent/correct secure access to information according to the formal determination of persons, computers, and applications have a need and right to access information based on an approved classification.
Controlled Use of Administrative Privileges
The candidate will be familiar with processes and tools used to track/control/prevent/correct use, assignment and configuration of administrative privileges on computers, networks, and applications.
Data Loss Prevention
The candidate will be familiar with the processes and tools used to track/control/prevent/correct data transmission and storage, based on the data's content and classification.
Data Recovery Capability
The candidate will be familiar with processes and tools used to properly backup critical information with a proven methodology for timely recovery of the critical information.
Incident Response and Management
The candidate will be familiar with process and tools to make sure an organization has a properly tested plan with trained resources for dealing with adverse events.
Inventory of Authorized and Unauthorized Devices
The candidate will be familiar with the processes and tools used to track/control/prevent/correct network access by devices based on an asset inventory of which devices are allowed to connect to the network
Inventory of Authorized and Unauthorized Software
The candidate will be familiar with the processes and tools organizations use to track/control/prevent/correct installation and execution of software on computers based on an asset inventory of approved software.
Limitation and Control of Network Ports, Protocols, and Services
The candidate will be familiar with processes and tools used to track/control/prevent/correct use or ports, protocols, and services on networked devices.
Maintenance, Monitoring, and Analysis of Audit Logs
The candidate will be familiar with the processes and tools used to detect/prevent/correct use of systems and information based on audit logs of events that are consider significant or could impact the security of an organization.
Malware Defenses
The candidate will be familiar with the processes and tools used to detect/prevent/correct installation and execution of malicious software on all devices.
Penetration Tests and Red Team Exercises
The candidate will be familiar with process and tools used to simulate attacks against a network to validate the overall security of an organization.
Secure Configurations for Hardware and Software on Devices
The candidate will be familiar with the processes and tools organizations use to track/control/prevent/correct security weaknesses in the configurations of the hardware and software of devices based on a formal configuration management and change control process.
Secure Configurations for Network Devices
The candidate will be familiar with processes and tools used to track/control/prevent/correct security weaknesses in the configurations in network devices based on formal configuration management and change controls processes.
Secure Network Engineering
The candidate will be familiar with process and tools used to build, update and validate a network infrastructure that can withstand attacks.
Security Skills Assessment and Training to Fill Gaps
The candidate will be familiar with processes and tools to make sure an organization understands the technical skill gaps with their workforce and plan to fill the gaps.
Wireless Device Control
The candidate will be familiar with the processes and tools used to track/control/prevent/correct the secure use of wireless.

Where to Get Help

Training is available from a variety of resources including on line, course attendance at a live conference, and self study.

Practical experience is another way to ensure that you have mastered the skills necessary for certification. Many professionals have the experience to meet the certification objectives identified.

Finally, college level courses or study through another program may meet the needs for mastery.

The procedure to contest exam results can be found at http://www.giac.org/about/procedures/grievance.