Cyber Security Certification: GFACT

Cyber Security Certification: GFACT

If you are an alumni of any of the following courses and are interested in registering for the GFACT exam, please contact Customer Service at or +1 301-654-7267 for eligibility and discounted pricing information:

  • SEC201
  • SEC201: Computing & Technology Essentials
  • Cyber Essentials
  • CyberStart Essentials
  • Cyber Foundations
  • SANS Foundations
  • SANS Foundations: Computers, Technology & Security
  • SEC275 - Foundations: Computers, Technology, & Security

"The GIAC Foundational Cybersecurity Technologies (GFACT) certification demonstrates an individual has developed hands-on skills through labs in areas such as Linux, encryption, and programming, as well as gained essential knowledge in areas such as networking, computer hardware, virtualization, Windows, servers, introductory security concepts, and more. Candidates achieving the GFACT are proficient in the core knowledge and practical skills in computers, technology, and security fundamentals needed to kickstart a career in cybersecurity. GFACT holders are truly ready to contribute on Day 1 of their first job in IT or cybersecurity!" - James Lyne, SANS CTO & SEC275 Course Author

The GFACT certification validates a practitioner's knowledge of essential foundational cybersecurity concepts. GFACT-certified professionals are familiar with practical skills in computers, technology, and security fundamentals that are needed to kickstart a career in cybersecurity.

Areas Covered

Who is GFACT for?



NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE. Click here for more information.

GIAC certification attempts will be activated in your GIAC account after your application has been approved and according to the terms of your purchase. Details on delivery will be provided along with your registration confirmation upon payment. You will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt.

Exam Certification Objectives & Outcome Statements

The topic areas for each exam part follow:

Computer Hardware & Virtualization
The candidate will understand key hardware components and their functions as well as associated memory concepts and understand virtualization and containers, their uses and advantages/disadvantages
Exploitation & Mitigation
The candidate will be familiar with common exploit anatomy and methodology as well as have a basic awareness and understanding of the tools used by attackers to achieve and increase system access as well as appropriate mitigation strategies and techniques
Forensics & Post-Exploitation
The candidate will be familiar with tools used in forensics investigations as well as their function, understand the stages of incident response, and understand the objectives of different types of forensics investigations and associated key artifacts and evidence. The candidate will be familiar with post-exploitation goals and methodology including persistence, lateral movement, and exfiltration
Linux Foundations
The candidate will have a working knowledge of most commonly used Linux commands, understand permissions and access control, and understand the key elements of Linux as It relates to file systems, architecture, and networking
Logic & Programming
The candidate will be able to determine the result of basic logical operations, have a familiarity with programming syntax, constructs, and errors in popular languages, and understand how programs execute and the functions of memory allocations
Networking & Servers
The candidate will understand core networking concepts, protocols, and understand different server types and their uses
Operating Systems, The Web, & Data Storage
The candidate will understand the typical function and duties/task of the operating system, and be familiar with different file systems, web technology, and have some familiarity with cloud computing models and their advantages/disadvantages.
Security Concepts
The candidate will understand the concepts and terminology associated with cryptography, be familiar with ethical and legal concerns that are associated with hacking, understand the stages of an attack, and be familiar with key defensive strategies and concepts
Windows Foundations
The candidate will be familiar with key Windows CLI commands, understand permissions and access control, and understand the key elements of Windows as it relates to file systems, architecture, and networking

*No Specific training is required for any GIAC certification. There are many sources of information available regarding the certification objectives' knowledge areas. Practical experience is an option; there are also numerous books on the market covering Computer Information Security. Another option is any relevant courses from training providers, including SANS.*

Other Resources