Cyber Security Certification: GCIP

Cyber Security Certification: GCIP

"The bulk electric system or "the grid" is arguably the most critical of the critical infrastructures demanding that personnel charged with supporting it, understand the impact of their actions and inactions with regard to system reliability, safety and security. The GIAC Critical Infrastructure Protection will help validate that the professionals who access, support and maintain the critical systems that keep the grid running have an understanding of the regulatory requirements of NERC CIP as well as practical implementation strategies to achieve both regulatory compliance and its cyber security objectives." -Ted Gutierrez, co-author of SANS ICS456: Essentials for NERC Critical Infrastructure Protection

Areas Covered

Who is GCIP for?



NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE. Click here for more information.

GIAC certification attempts will be activated in your GIAC account after your application has been approved and according to the terms of your purchase. Details on delivery will be provided along with your registration confirmation upon payment. You will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt.

Exam Certification Objectives & Outcome Statements

The topic areas for each exam part follow:

BES Cyber System Categorization
Knowledge of Attachment 1 Criteria, Operational Effects and Impacts, NERC Functional Model, BES Reliability Operating Services, BES Cyber Asset Identification
Configuration Change Management and Vulnerability Assessments
Knowledge of Change Management, Configuration Monitoring, Vulnerability Assessment, Transient Cyber Assets, Removable Media
Electronic Security Perimeter(s)
Knowledge of Electronic Security Perimeter Architecture, External Routable Connectivity communication, Access Rules, Dial-Up, Malicious Communication Detection, Intermediate Systems and Interactive Remote Access, Multi-factor Authentication
Incident Reporting and Response Planning
Knowledge of Incident Response Plan, Incident Response Plan Testing and Exercise, Incident Response Plan Reporting
Information Protection
Knowledge of Information Protection Program, Identification, Classification, Protection, Disposal, Reuse
NERC CIP Terms and Definitions
Knowledge of terms and definitions relevant to BES, NERC, and CIP
Personnel & Training
Knowledge of Awareness Program, Cybersecurity Training Program, Personnel Risk Assessment, Access Management Program
Physical Security of BES Cyber Systems
Knowledge of Physical Security Plan, Physical access controls, Visitor control program, Maintenance and Testing, Monitoring, Logging and Alerting
Recovery Plans for BES Cyber Systems
Knowledge of Recovery Plan, Recovery Plan Testing and Exercise, Recovery Plan Reporting
Security Management Controls
Knowledge of Senior Manager Requirements, Policies, Low facility Requirements
Standards Development
Knowledge of Compliance Monitoring and Enforcement Program, Request For Interpretation, Standards Authorization Request, Urgent Action Request, Balloting, Violation Severity Level, Violation Risk Factor
Standards Enforcement
Knowledge of Audit Prep, Enforcement Treatment, Reliability Standards Auditor Worksheet, Reliability Assurance Initiative, Interactive Remote Access, Internal Controls Evaluation
System Security Management
Knowledge of Port and Service management, Patch Management, Malicious Code Prevention, System Logging, Authentication Requirements, Account management, Monitoring and Alerting

*No Specific training is required for any GIAC certification. There are many sources of information available regarding the certification objectives' knowledge areas. Practical experience is an option; there are also numerous books on the market covering Computer Information Security. Another option is any relevant courses from training providers, including SANS.*

Other Resources