- Roadmap
- Steps To
- Security Admin
- Management
- Audit
- Legal
- Software Security
- GSE-Malware
- GSE-Compliance
- GSE
- DoD 8570
- Retired Certifications
GIAC Certified Incident Handler (GCIH) 
- Type:
- Certification
- Course:
- *No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*
- More information regarding relevant training from SANS can be found at:
- Hacker Techniques, Exploits & Incident Handling, SEC-504
- Target:
Individuals responsible for incident handling/incident response; individuals who require an understanding of the current threats to systems and networks, along with effective countermeasures.
GIAC Certified Incident Handlers (GCIHs) have the knowledge, skills, and abilities to manage incidents; to understand common attack techniques and tools; and to defend against and/or respond to such attacks when they occur.
- Requirements:
- 1 proctored exam - 150 questions - 4-hour time limit - 72.7% (109 of 150 questions) minimum passing score
GIAC reserves the right to change the specifications for each certification without notice. A scientific passing point study was conducted for the exam. The passing point for the GCIH exam has been determined to be 72.7% for all candidates receiving access to their certification attempts on or after 08/03/2009.
Passing point information for all exams is defined in the "Read Me First" Certification Information presented before candidates start their exam.
- Renewal:
- Every 4 years
- Delivery:
-
NOTE: GIAC exams are NOT given the day after the conference ends.
Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.
