GIAC Penetration Tester (GPEN)
TargetThe GPEN certification is for security personnel whose job duties involve assessing target networks and systems to find security vulnerabilities. Certification objectives include penetration-testing methodologies, the legal issues surrounding penetration testing and how to properly conduct a penetration test as well as best practice technical and non-technical techniques specific to conduct a penetration test.
Preparing for the GPEN Exam: Candidates may choose to prepare for the GPEN exam by taking the SANS Training Course: SEC560: Network Penetration Testing and Ethical Hacking
*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*
- 1 proctored exam
- 115 questions
- Time limit of 3 hours
- Minimum Passing Score of 74%
GIAC reserves the right to change the specifications for each certification without notice. Based on a scientific passing point study, the passing point for the GPEN exam has been determined to be 74% for all candidates receiving access to their certification attempts on or after December 20th, 2012. To verify the format of your current certification attempt, please read the Certification Information found in your portal account at https://exams.giac.org/pages/attempts.
Certifications must be renewed every 4 years. Click here for details.
NOTE: GIAC exams are NOT given the day after the conference ends.
Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Certification attempt exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.
- Certified Professionals (GPEN)
- Exam Feedback Procedure
- Grievance Procedure
- Proctored exam procedure
- SANS Information Security Reading Room
Bulletin (Part 2 of Candidate Handbook)
Exam Certification Objectives & Outcome Statements
The topic areas for each exam part follow:
- Advanced Password Attacks
- The candidate will be able to use additional methods to attack password hashes and authenticate.
- Attacking Password Hashes
- The candidate will be able to obtain and attack password hashes and other password representations.
- Command Shell vs. Terminal Access
- The candidate will know the benefits, limitations, and distinguishing characteristics of command shell and terminal access.
- Enumerating Users
- The candidate will be able to enumerate users through different methods.
- Exploitation Fundamentals
- The candidate will be able to demonstrate the fundamental concepts associated with the exploitation phase of a pentest.
- General Web Application Probing
- The candidate will be able to use tools and proxies to understand and exploit web application weaknesses.
- Initial Target Scanning
- The candidate will be able to conduct port, operating system and service version scans and analyze the results.
- The candidate will be able to use and configure the Metasploit Framework at an intermediate level.
- Moving Files with Exploits
- The candidate will be able to use exploits to move files between remote systems.
- Password Attacks
- The candidate will understand types of password attacks, formats, defenses, and the circumstances under which to use each password attack variation. The candidate will be able to conduct password guessing attacks.
- Pen-testing Foundations
- The candidate will be able to demonstrate the fundamental concepts associated with pen-testing.
- Pen-testing Process
- The candidate will be able to utilize a process-oriented approach to pentesting and reporting.
- Pen-Testing via the Command Line
- The candidate be able to use advanced Windows command line skills during a pen test.
- The candidate will understand the fundamental concepts of reconnaissance and will understand how to obtain basic, high level information about the target organization and network, often considered information leakage, including but not limited to technical and non technical public contacts, IP address ranges, document formats, and supported systems.
- Scanning for Targets
- The candidate will be able to use the appropriate technique to scan a network for potential targets.
- Vulnerability Scanning
- The candidate will be able to conduct vulnerability scans and analyze the results.
- Web Application Attacks
- The candidate will be able to utilize common web application attacks.
- Wireless Crypto and Client Attacks
- The candidate will be able to utilize wireless cryptographic and client attacks including but not limited to hijacking and key attacks.
- Wireless Fundamentals
- The candidate will understand the fundamental concepts associated with wireless networks.
Where to Get Help
Training is available from a variety of resources including on line, course attendance at a live conference, and self study.
Practical experience is another way to ensure that you have mastered the skills necessary for certification. Many professionals have the experience to meet the certification objectives identified.
Finally, college level courses or study through another program may meet the needs for mastery.
The procedure to contest exam results can be found at http://www.giac.org/about/procedures/grievance.