Security Administration Certifications

www.giac.org

•  
• Overview
  • Mission Statement
  • FAQ
  • Code of Ethics
  • GIAC Ethics Council
  • Code of Ethics - Violation Submission
  • EEOC Policy
  • Proctor Policy
  • Program Overview (PDF)
  • Contact
• Why GIAC
  Certification Matters
• Certifications
  • Roadmap
  • Steps To
  • Security Admin
    • GAWN
    • GCFA
    • GCFW
    • GCIA
    • GCIH
    • GCUX
    • GCWN
    • GISF
    • GREM
    • GSEC
    • GCED
    • GPEN
    • GWAPT
  • Management
    • GISP
    • GSLC
    • GCPM
  • Audit
    • G7799
    • GSNA
  • Legal
    • GLEG
  • GLEG
  • Software Security
    • GSSP-NET
    • GSSP-JAVA
  • GSE
  • GSE-Malware
  • GSE-Compliance
  • DoD 8570
  • Retired Certifications
• Certified
  Professionals
  • Listings
    • G7799
    • GAWN
    • GCFA
    • GCFW
    • GCIA
    • GCIH
    • GCUX
    • GCWN
    • GISF
    • GISP
    • GREM
    • GSEC
    • GCED
    • GSLC
    • GSSP-NET
    • GSNA
    • GPEN
    • GCPM
    • GLEG
    • GSSP-JAVA
    • GWAPT
    • Retired Certifications
  • Profiles From The
    Front Lines
  • Does Certification Really Matter?
  • GIAC Hero
  • Business Card Logos
• GIAC Gold
• GIAC Expert Level
  • GSE
  • GSE-Malware
  • GSE-Compliance
• GIAC Help and Information – NEW
• Challenge Info
• Registration Info
  • GIAC Pricing
  • Challenge Certification
• Exams
  • Practice Tests
  • Deadlines
  • Exam Technical Issues
• Proctor Program – NEW
  • Program Details
  • FAQ
  • KRYTERION Sites
  • Proctor Policy
  • Proctor Forms
  • Computer Requirements
• Retakes & Extensions
• Recertification
• Exam Feedback Procedure
• Grievance Procedure
• ADA Accomodation Policy
• Job Listings
• SANS Portal
• SANS Home
• SANS Software Security Institute
• SANS Reading Room
• Direct Links G7799 GSAE GPCI GSNA GAWN-C GCDS GLFR GLIT GBLC GLEG GCIP GHSC GISP GFSP GEWF GEIT GLDR GCIM GCPM GSLC GCSC GSPA GOEC GISO GISF SSP-CNSA GGSC-0400 SSP-DRAP SSP-MPA GGSC-0200 GSEC GGSC-0100 GPEN GSOC GWAS GWAPT SSP-GHD GCWN GCFA GCED GHTQ GCIA GCIH GCFW GIPS GCUX GAWN GNET GREM GSIP GSSP-C GSSP-JAVA GSSP-NET
•  

• Roadmap
• Steps To
• Security Admin
• Management
• Audit
• Legal
• Software Security
• GSE-Malware
• GSE-Compliance
• GSE
• DoD 8570
• Retired Certifications

Level 3

GIAC Information Security Fundamentals (GISF)

Type:

Certification

Course:

*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*

More information regarding relevant training from SANS can be found at:

Intro to Information Security, SEC-301

Target:

Professionals who need to hit the ground running and need an overview of information assurance. Managers, Information Security Officers, and System Administrators who need an overview of risk management and defense in depth techniques. Anyone who writes, implements, or must adhere to policy, disaster recovery or business continuity.

Proficient infosec administrators can network well on the eight layer of the ISO model (political) and the material contained in this track will help them to bridge the gap that often exists between managers and system administrators. GISF candidates will learn and be able to demonstrate key concepts of information security including: understanding the threats and risks to information and information resources, identifying best practices that can be used to protect them, and learning to diversify our protection strategy.

Requirements:

1 proctored exam - 150 questions - 4-hour time limit - 70% (105 of 150 questions) minimum passing score

Renewal:

Every 4 years

Delivery:

NOTE: GIAC exams are NOT given the day after the conference ends.

Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.

Level 4

GIAC Security Essentials Certification (GSEC)

Type:

Certification

Course:

*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*

More information regarding relevant training from SANS can be found at:

SANS Security Essentials Bootcamp Style, SEC-401

Target:

Security Professionals that want to demonstrate they are qualified for IT systems hands-on roles with respect to security tasks. Candidates are required to demonstrate an understanding of information security beyond simple terminology and concepts.

Requirements:

1 proctored exam - 180 questions - 5-hour time limit - 70% (126 of 180 questions) minimum passing score

Renewal:

Every 4 years

Delivery:

NOTE: GIAC exams are NOT given the day after the conference ends.

Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.

Level 5

GIAC Web Application Penetration Tester (GWAPT)

Type:

Certification

Course:

*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*

More information regarding relevant training from SANS can be found at:

Web App Penetration Testing and Ethical Hacking, DEV-542

Target:

Web applications one of the most significant points of vulnerability in organizations today. Most organizations have them (both web applications and the vulnerabilities associated with them). Web app holes have resulted in the theft of millions of credit cards, major financial loss, and damaged reputations for hundreds of enterprises. The number of computers compromised by visiting web sites altered by attackers is too high to count. This certification measures and individuals understanding of web application exploits and penetration testing methodology. Check your web applications for holes before the bad guys do.

Requirements:

1 proctored exam - 150 questions - 4-hour time limit - 70.7% (106 of 150 questions) minimum passing score

Renewal:

Every 4 years

Delivery:

NOTE: GIAC exams are NOT given the day after the conference ends.

Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.

GIAC Certified Forensic Analyst (GCFA)

Type:

Certification

Course:

*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*

More information regarding relevant training from SANS can be found at:

Computer Forensic Investigations and Incident Response, FOR-508

Target:

Individuals responsible for forensic investigation/analysis, advanced incident handling, or formal incident investigation.

GIAC Certified Forensic Analysts (GCFAs) have the knowledge, skills, and abilities to handle advanced incident handling scenarios, conduct formal incident investigations, and carry out forensic investigation of networks and hosts.

Requirements:

1 proctored exam - 150 questions - 4-hour time limit - 69.3% (104 of 150 questions) minimum passing score

Renewal:

Every 4 years

Delivery:

NOTE: GIAC exams are NOT given the day after the conference ends.

Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.

GIAC Certified Enterprise Defender (GCED)

Type:

Certification

Course:

*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*

More information regarding relevant training from SANS can be found at:

Advanced Security Essentials - Enterprise Defender, SEC-501

Target:

The GCED builds on the security skills measured by the GSEC (no overlap). It assesses more advanced, technical skills that are needed to defend the enterprise environment and protect an organization as a whole. Knowledge, skills and abilities assessed are taken from the areas of Defensive Network Infrastructure, Packet Analysis, Penetration Testing, Incident Handling, and Malware Removal.

Requirements:

1 proctored exam - 150 questions - 4-hour time limit - 68.7% (103 of 150 questions) minimum passing score

Renewal:

Every 4 years

Delivery:

NOTE: GIAC exams are NOT given the day after the conference ends.

Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.

GIAC Certified Firewall Analyst (GCFW)

Type:

Certification

Course:

*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*

More information regarding relevant training from SANS can be found at:

Firewalls, Perimeter Protection & Virtual Private Networks, SEC-502

Target:

Individuals responsible for designing, implementing, configuring, and monitoring a secure perimeter for any organization; including routers, firewalls, VPNs/remote access, and overall network design.

GIAC Certified Firewall Analysts (GCFWs) have the knowledge, skills, and abilities to design, configure, and monitor routers, firewalls, and perimeter defense systems.

Requirements:

1 proctored exam - 150 questions - 4-hour time limit - 70% (105 of 150 questions) minimum passing score

Renewal:

Every 4 years

Delivery:

NOTE: GIAC exams are NOT given the day after the conference ends.

Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.

GIAC Certified Intrusion Analyst (GCIA)

Type:

Certification

Course:

*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*

More information regarding relevant training from SANS can be found at:

Intrusion Detection In-Depth, SEC-503

Target:

Individuals responsible for network and host monitoring, traffic analysis, and intrusion detection

GIAC Certified Intrusion Analysts (GCIAs) have the knowledge, skills, and abilities to configure and monitor intrusion detection systems, and to read, interpret, and analyze network traffic and related log files.

Requirements:

1 proctored exam - 150 questions - 4-hour time limit - 67.3% (101 of 150 questions) minimum passing score

Renewal:

Every 4 years

Delivery:

NOTE: GIAC exams are NOT given the day after the conference ends.

Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.

GIAC Certified Incident Handler (GCIH)

Type:

Certification

Course:

*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*

More information regarding relevant training from SANS can be found at:

Hacker Techniques, Exploits & Incident Handling, SEC-504

Target:

Individuals responsible for incident handling/incident response; individuals who require an understanding of the current threats to systems and networks, along with effective countermeasures.

GIAC Certified Incident Handlers (GCIHs) have the knowledge, skills, and abilities to manage incidents; to understand common attack techniques and tools; and to defend against and/or respond to such attacks when they occur.

Requirements:

1 proctored exam - 150 questions - 4-hour time limit - 72.7% (109 of 150 questions) minimum passing score

Renewal:

Every 4 years

Delivery:

NOTE: GIAC exams are NOT given the day after the conference ends.

Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.

GIAC Certified Windows Security Administrator (GCWN)

Type:

Certification

Course:

*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*

More information regarding relevant training from SANS can be found at:

Securing Windows, SEC-505

Target:

Individuals responsible for installing, configuring, and securing Microsoft Windows 2000/XP/2003 networks.

GIAC Certified Windows System Administrators (GCWNs) have the knowledge, skills and abilities to secure and audit Windows systems, including services such as Group Policy, Active Directory, Internet Information Server, IPSec and Certificate Services.

Requirements:

1 proctored exam - 150 questions - 4-hour time limit - 70% (105 of 150 questions) minimum passing score

Renewal:

Every 4 years

Delivery:

NOTE: GIAC exams are NOT given the day after the conference ends.

Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.

GIAC Certified UNIX Security Administrator (GCUX)

Type:

Certification

Course:

*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*

More information regarding relevant training from SANS can be found at:

Securing Unix/Linux, SEC-506

Target:

Individuals responsible for installing, configuring, and monitoring UNIX and/or Linux systems.

GIAC Certified UNIX System Administrators (GCUXs) have the knowledge, skills and abilities to secure and audit UNIX and Linux systems.

Requirements:

1 proctored exam - 150 questions - 4-hour time limit - 70% (105 of 150 questions) minimum passing score

Renewal:

Every 4 years

Delivery:

NOTE: GIAC exams are NOT given the day after the conference ends.

Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.

GIAC Certified Penetration Tester (GPEN)

Type:

Certification

Course:

*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*

More information regarding relevant training from SANS can be found at:

Network Penetration Testing and Ethical Hacking, SEC-560

Target:

The GPEN certification is for security personnel whose job duties involve assessing target networks and systems to find security vulnerabilities. Certification objectives include penetration-testing methodologies, the legal issues surrounding penetration testing and how to properly conduct a penetration test as well as best practice technical and non-technical techniques specific to conduct a penetration test.

Requirements:

1 proctored exam - 150 questions - 4-hour time limit - 70% (105 of 150 questions) minimum passing score

Renewal:

Every 4 years

Delivery:

NOTE: GIAC exams are NOT given the day after the conference ends.

Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.

Level 6

GIAC Reverse Engineering Malware (GREM)

Type:

Certification

Course:

*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*

More information regarding relevant training from SANS can be found at:

Reverse-Engineering Malware: Hands-On Analysis Tools and Techniques, FOR-610

Target:

System and Network Administrators, Auditors, Security Consultants, and Security Managers responsible for protecting the organization from malicious code

The GIAC Reverse Engineering Malware (GREM) certification is designed for technologists who protect the organization from malicious code. GREM-certified technologists possess the knowledge and skills to reverse-engineer malicious software (malware) that targets common platforms, such as Microsoft Windows and web browsers. These individuals know how to examine inner-workings of malware in the context of forensic investigations, incident response, and Windows system administration.

Reasons to become GREM certified:

• Become more valuable to your employer and/or customers by highlighting your cutting-edge malware analysis skills through the GREM certification
• Motivate yourself to develop a new skill set by reaching for a concrete, measurable, and achievable goal embodied by the GREM certification
• Join the ranks of highly-respected professionals who possess the knowledge and skills that are relatively rare in the industry
• Reinforce and affirm your ability to understand characteristics of real-world malware, so you can better respond to incidents and reinforce defenses

Requirements:

1 proctored exam - 150 questions - 4-hour time limit - 70% (105 of 150 questions) minimum passing score

Renewal:

Every 4 years

Delivery:

NOTE: GIAC exams are NOT given the day after the conference ends.

Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.

GIAC Assessing Wireless Networks (GAWN)

Type:

Certification

Course:

*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*

More information regarding relevant training from SANS can be found at:

Hacking and Defending Wireless Networks, SEC-617

Target:

Auditors, network administrators and penetration-testers who are responsible for assessing the security of wireless networks.

The GAWN certification is designed for technologists who need to assess the security of wireless networks. The certification focuses on the different security mechanisms for wireless networks, the tools and techniques used to evaluate and exploit weaknesses, and techniques used to analyze wireless networks. Students will not only gain experience using tools to assess wireless networks, they will understand how the tools operate and the weaknesses in protocols that they evaluate.

Requirements:

1 proctored exam - 150 questions - 4-hour time limit - 70% (105 of 150 questions) minimum passing score

Renewal:

Every 4 years

Delivery:

NOTE: GIAC exams are NOT given the day after the conference ends.

Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.

• Roadmap
• Steps To
• Security Admin
• Management
• Audit
• Legal
• Software Security
• GSE-Malware
• GSE-Compliance
• GSE
• DoD 8570
• Retired Certifications

© 2000-2010 The SANS Institute

SANS Web Privacy Policy: www.giac.org/privacy.php - Web Contact: webmaster@giac.org

Phone: 301-654-7267 | Mon-Fri 9am-8pm EST/EDT

(ISC)² and CISSP are registered marks of the International Information Systems Security Certification Consortium, Inc.