- Roadmap
- Steps To
- Comparing
- Security Admin
- Management
- Operations
- Audit
- Legal
- Software Security
- GSE-Malware
- GSE-Compliance
- GSE
- DoD 8570
Level 3
GIAC Information Security Fundamentals (GISF)
- Type:
- Certification
- Course:
- Intro to Information Security, SEC-301
- Target:
Professionals who need to hit the ground running and need an overview of information assurance. Managers, Information Security Officers, and System Administrators who need an overview of risk management and defense in depth techniques. Anyone who writes, implements, or must adhere to policy, disaster recovery or business continuity.
Proficient infosec administrators can network well on the eight layer of the ISO model (political) and the material contained in this track will help them to bridge the gap that often exists between managers and system administrators. GISF candidates will learn and be able to demonstrate key concepts of information security including: understanding the threats and risks to information and information resources, identifying best practices that can be used to protect them, and learning to diversify our protection strategy.
- Requirements:
- One proctored exam - 150 questions - 4 hour time limit
- Credit Hours:
- 3
- Renewal:
- Every 4 Years
Level 4
GIAC Security Essentials Certification (GSEC)
- Type:
- Certification
- Course:
- SANS Security Essentials Bootcamp Style, SEC-401
- Target:
Security Professionals that want to fill the gaps in their understanding of technical information security and demonstrate they are qualified for hands on roles with IT systems with respect to security tasks. This is also appropriate for hands on, technically oriented managers that want to understand information security beyond simple terminology and concepts; anyone new to information security with some background in information systems and networking.
GIAC Security Essentials Certification graduates have been taught the knowledge, skills and abilities required to incorporate good information security practice in any organization. The GSEC tests the essential knowledge and skills required of any individual with security responsibilities within an organization.
- Requirements:
- One proctored exam - 180 questions - 5 hour time limit
- Credit Hours:
- 4
- Renewal:
- Every 4 Years
GIAC Certified Penetration Tester (GPEN)
- Type:
- Certification
- Course:
- Network Penetration Testing and Ethical Hacking, SEC-560
- Target:
- The GPEN certification is for security personnel whose job duties involve assessing target networks and systems to find security vulnerabilities. Certification objectives include penetration-testing methodologies, the legal issues surrounding penetration testing and how to properly conduct a penetration test as well as best practice technical and non-technical techniques specific to conduct a penetration test.
- Requirements:
- One proctored exam - 150 questions - 4 hour time limit
- Credit Hours:
- 4
- Renewal:
- Every 4 Years
Level 5
GIAC Certified Firewall Analyst (GCFW)
- Type:
- Certification
- Course:
- Firewalls, Perimeter Protection & Virtual Private Networks, SEC-502
- Target:
Individuals responsible for designing, implementing, configuring, and monitoring a secure perimeter for any organization; including routers, firewalls, VPNs/remote access, and overall network design.
GIAC Certified Firewall Analysts (GCFWs) have the knowledge, skills, and abilities to design, configure, and monitor routers, firewalls, and perimeter defense systems.
- Requirements:
- One proctored exam - 150 questions - 4 hour time limit
- Credit Hours:
- 3
- Renewal:
- Every 4 Years
GIAC Certified Intrusion Analyst (GCIA)
- Type:
- Certification
- Course:
- Intrusion Detection In-Depth, SEC-503
- Target:
Individuals responsible for network and host monitoring, traffic analysis, and intrusion detection
GIAC Certified Intrusion Analysts (GCIAs) have the knowledge, skills, and abilities to configure and monitor intrusion detection systems, and to read, interpret, and analyze network traffic and related log files.
- Requirements:
- One proctored exam - 150 questions - 4 hour time limit
- Credit Hours:
- 3
- Renewal:
- Every 4 Years
GIAC Certified Incident Handler (GCIH)
- Type:
- Certification
- Course:
- Hacker Techniques, Exploits & Incident Handling, SEC-504
- Target:
Individuals responsible for incident handling/incident response; individuals who require an understanding of the current threats to systems and networks, along with effective countermeasures.
GIAC Certified Incident Handlers (GCIHs) have the knowledge, skills, and abilities to manage incidents; to understand common attack techniques and tools; and to defend against and/or respond to such attacks when they occur.
- Requirements:
- One proctored exam - 150 questions - 4 hour time limit
- Credit Hours:
- 3
- Renewal:
- Every 4 Years
GIAC Certified Windows Security Administrator (GCWN)
- Type:
- Certification
- Course:
- Securing Windows, SEC-505
- Target:
Individuals responsible for installing, configuring, and securing Microsoft Windows 2000/XP/2003 networks.
GIAC Certified Windows System Administrators (GCWNs) have the knowledge, skills and abilities to secure and audit Windows systems, including services such as Group Policy, Active Directory, Internet Information Server, IPSec and Certificate Services.
- Requirements:
- One proctored exam - 150 questions - 4 hour time limit
- Credit Hours:
- 3
- Renewal:
- Every 4 Years
GIAC Certified UNIX Security Administrator (GCUX)
- Type:
- Certification
- Course:
- Securing Unix/Linux, SEC-506
- Target:
Individuals responsible for installing, configuring, and monitoring UNIX and/or Linux systems.
GIAC Certified UNIX System Administrators (GCUXs) have the knowledge, skills and abilities to secure and audit UNIX and Linux systems.
- Requirements:
- One proctored exam - 150 questions - 4 hour time limit
- Credit Hours:
- 3
- Renewal:
- Every 4 Years
GIAC Certified Forensics Analyst (GCFA)
- Type:
- Certification
- Course:
- System Forensics, Investigation & Response, SEC-508
- Target:
Individuals responsible for forensic investigation/analysis, advanced incident handling, or formal incident investigation.
GIAC Certified Forensic Analysts (GCFAs) have the knowledge, skills, and abilities to handle advanced incident handling scenarios, conduct formal incident investigations, and carry out forensic investigation of networks and hosts.
- Requirements:
- One proctored exam - 150 questions - 4 hour time limit
- Credit Hours:
- 3
- Renewal:
- Every 4 Years
GIAC Securing Oracle Certification (GSOC)
- Type:
- Certification
- Course:
- Securing Oracle, SEC-509
- Target:
Oracle database administrators responsible for installation and management of Oracle databases, developers who wish to create secure data access applications and web sites, and auditors and penetration testers who need to evaluate the security of Oracle databases.
Successful GIAC Securing Oracle Certification (GSOC) candidates will have the knowledge and skills to secure and audit an Oracle database.
- Requirements:
- One proctored exam - 150 questions - 4 hour time limit
- Credit Hours:
- 3
- Renewal:
- Every 4 Years
Level 6
GIAC Reverse Engineering Malware (GREM)
- Type:
- Certification
- Course:
- Reverse-Engineering Malware: Tools and Techniques Hands-On, SEC-601
- Target:
System and Network Administrators, Auditors, Security Consultants, and Security Managers responsible for protecting the organization from malicious code
The GIAC Reverse Engineering Malware (GREM) certificate is designed for technologists who protect the organization from malicious code. The certificate focuses on tools and techniques for analyzing malicious software such as viruses, worms, and trojans. Students are asked to try their hand at studying malware using system monitoring tools, a disassembler, and a debugger in a controlled environment. When performing the analysis, students study the program's behavioral patterns, and look at portions of its assembly code. This advanced, technical program expects the students to be familiar with using Windows and Linux operating environments, and to understand programming concepts such as stacks and function calls.
- Requirements:
- One proctored exam
- Credit Hours:
- 0.7
- Renewal:
- Every 4 Years
GIAC .Net (GNET)
- Type:
- Certification
- Course:
- .NET Security, SEC-616
- Target:
Individuals who are responsible for securing .Net code or a Microsoft Web-based architecture, including Developers and Development Management and Consultants, Information Security Analysts, and System Administrators.
Individuals who complete GIAC .Net Security will be able to design and critique security issues from ASP.Net to XML Web Services. Students will have the conceptual and practical means to secure their environment and educate their clients.
- Requirements:
- One proctored exam - 150 questions - 4 hour time limit
- Credit Hours:
- 3
- Renewal:
- Every 4 Years
GIAC Assessing Wireless Networks (GAWN)
- Type:
- Certification
- Course:
- GIAC Assessing Wireless Networks, SEC-617
- Target:
Auditors, network administrators and penetration-testers who are responsible for assessing the security of wireless networks.
The GAWN certification is designed for technologists who need to assess the security of wireless networks. The certification focuses on the different security mechanisms for wireless networks, the tools and techniques used to evaluate and exploit weaknesses, and techniques used to analyze wireless networks. Students will not only gain experience using tools to assess wireless networks, they will understand how the tools operate and the weaknesses in protocols that they evaluate.
- Requirements:
- One proctored exam - 150 questions - 4 hour time limit
- Credit Hours:
- 4
- Renewal:
- Every 4 Years
