Cyber Security Certification: GCLD

Cyber Security Certification: GCLD


"The GIAC Cloud Security Essentials (GCLD) certification proves that the certificate holder understands many of the security challenges brought forth when migrating systems and applications to cloud service provider (CSP) environments. Understanding this new threat landscape is only half the battle. The GCLD certification goes one step further - proving that the defender can implement preventive, detective, and reactionary techniques to defend these valuable cloud-based workloads." - Ryan Nicholson, SANS SEC488 Course Author

Areas Covered

Who is GCLD for?

Requirements

Delivery

NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE. Click here for more information.

GIAC certification attempts will be activated in your GIAC account after your application has been approved and according to the terms of your purchase. Details on delivery will be provided along with your registration confirmation upon payment. You will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt.


Exam Certification Objectives & Outcome Statements

The topic areas for each exam part follow:

Attacking the Cloud and Responding to Intrusions
The candidate will demonstrate a basic understanding of the overall process and considerations when conducting a penetration test or responding to an incident involving public cloud resources.
Cloud Account Fundamentals
The candidate will demonstrate an understanding of cloud identity fundamentals and access management principles. The candidate will show familiarity of security best practices to control access to a cloud environment using each identity type.
Cloud Automation
The candidate will demonstrate a basic understanding of provisioning and managing cloud infrastructure using Infrastructure as Code. The candidate will demonstrate familiarity with using automation practices to support continuous and repeatable evaluation tasks.
Cloud Logging Fundamentals
The candidate will demonstrate familiarity with cloud logging capabilities and methods to collect logs in a way to facilitate utility and dissemination. 
Cloud Networking Technology
The candidate will demonstrate knowledge of fundamental network security concepts and the implementation of these principles using cloud resources. 
Containers and Cloud Storage
The candidate will demonstrate familiarity with serverless compute resources, container technologies, and how each can be orchestrated to achieve elasticity. The candidate will demonstrate familiarity with cloud storage options and how to architect these resources securely.
Discovering and Storing Sensitive Data
The candidate will demonstrate an understanding of data security considerations in a multi-tenant environment and how to configure and monitor cloud resources to deter data leakage using encryption and data loss prevent strategies. 
External access and IAM Best Practices
The candidate will demonstrate an understanding of the security considerations when integrating 3rd party services with a cloud environment and the proper steps to evaluate the resilency of the integration configuration.
Frameworks for Built-in Security
The candidate will demonstrate an understanding of system development life cycles and AppSec frameworks to create a baseline configuration with security built-in. The candidate will demonstrate familiarity with continuous integration and continuous deployment.
Government and Legal Considerations
The candidate will demonstrate knowledge of considerations for government cloud adoption and geopolitical concerns with using cloud technology. The candidate will demonstrate a foundational understanding of cloud service agreements, contractual obligations, and legal considerations when using cloud resources.
Network Security Monitoring in the Cloud
The candidate will demonstrate basic knowledge of the collection and interpretation of network flow data and packet capturing using cloud resources. The candidate will demonstrate familiarity with using network security monitoring practices to enhance detection and response capabilities in the cloud.
Risk Management and Compliance
The candidate will demonstrate an understanding of regulatory, compliance, security assurance, and risk management requirements and the best practices and frameworks for addressing these considerations.
Secrets Management
The candidate will demonstrate knowledge of the responsibilities and capabilities to securing user secrets. The candidate will demonstrate familiarity of the integration process for a variety of authentication mechanisms in a cloud environment.
Secure Compute Deployment
The candidate will demonstrate fundamental knowledge of resource allocation and image evaluation when deploying cloud compute resources. The candidate will demonstrate the ability to maintain the compute resource attack surface through automation practices and patch management.
Securing Cloud Networks
The candidate will demonstrate an understanding of network isolation and remote access. The candidate will demonstrate fundamental knowledge of common attacks against cloud resources and best practices to protect against them.
Understanding Shared Responsibility and Threat Informed Defense
The candidate will demonstrate basic knowledge of using the practice of threat modeling to architect threat informed defenses for cloud resources. The candidate will demonstrate an understanding of the various service delivery models and shared responsibility for each when using a public cloud service.
Using Sensitive Data
The candidate will demonstrate an understanding of cloud resource elasticity and high availability functionality. The candidate will demonstrate fundamental knowledge of securing data in transit between cloud resources and application users. 

*No Specific training is required for any GIAC certification. There are many sources of information available regarding the certification objectives' knowledge areas. Practical experience is an option; there are also numerous books on the market covering Computer Information Security. Another option is any relevant courses from training providers, including SANS.*

Other Resources

Training is available in a variety of modalities including live conference training, online, and self-study. Practical work experience can help ensure that you have mastered the skills necessary for certification. College level courses or study through another program may meet the needs for mastery. The procedure to contest exam results can be found at https://www.giac.org/about/procedures/grievance.