Cyber Security Certification: GPCS

Cyber Security Certification: GPCS


"SEC510: Public Cloud Security: AWS, Azure, and GCP covers a large array of topics across each of the Big 3 Cloud providers. Certification is crucial to prove that an individual can navigate through the nuances of each platform to defend the data and infrastructure within. The GPCS distinguishes itself from the certifications offered by each provider because it remains vendor neutral. GPCS emphasizes the security strengths and weaknesses of each provider, highlighting that they are not secure by default and require professional reconfiguration. Any organization using one or more of these providers will find the knowledge and experience of GPCS holders to be indispensable to their security strategy." - Brandon Evans, SANS SEC510 course co-author

The GPCS certification validates a practitioner's ability to secure the cloud in both public cloud and multi cloud environments. GPCS-certified professionals are familiar with the nuances of AWS, Azure, and GCP and have the skills needed to defend each of these platforms.

Areas Covered

Who is GPCS for?

Requirements

Delivery

NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE. Click here for more information.

GIAC certification attempts will be activated in your GIAC account after your application has been approved and according to the terms of your purchase. Details on delivery will be provided along with your registration confirmation upon payment. You will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt.


Exam Certification Objectives & Outcome Statements

The topic areas for each exam part follow:

Cloud Data Protection
The candidate will demonstrate an understanding of key management systems and the steps necessary to assess and secure them. The candidate will demonstrate familiarity with using encryption services to secure sensitive data stored in cloud platforms.
Cloud Identity and Access Management
The candidate will demonstrate an understanding of cloud Identity and Access Management (IAM), its security concerns, and the steps necessary to secure IAM policies.
Cloud Integration and Benchmarking
The candidate will demonstrate familiarity with the tools and services available to audit cloud environments for compliance with various benchmarks. The candidate will demonstrate familiarity with best practices for storinglong-term credentials. The candidate will demonstrate an understanding of cloud end-user identity management solutions and cloud single sign-on solutions.
Multicloud and Credential Management Fundamentals
The candidate will demonstrate an understanding of the security concerns of the current public cloud landscape. The candidate will demonstrate an understanding of instance metadata APIs, how they can be used in credential-based attacks, and how to assess their security.
Securely Accessing Cloud Services
The candidate will demonstrate familiarity with private service endpoints and with securing remote administrative access to cloud platforms.
Securing Cloud Application Service Platforms
The candidate will demonstrate familiarity with cloud application services and how to harden common configurations. The candidate will demonstrate an understanding of Google's Firebase database offering and how to harden common configurations.
Securing Cloud Storage Platforms
The candidate will demonstrate an understanding of how to secure cloud storage services. The candidate will demonstrate an understanding of the data exfiltration risks associated with these services.
Securing Serverless Functions
The candidate will demonstrate familiarity with serverless architectures and how to assess these environments for security misconfigurations.The candidate will demonstrate an understanding of how to harden serverless functions against persistence attacks.
Virtual Network Security and Logging
The candidate will demonstrate an understanding of default virtual private network settings and the steps necessary to secure them. The candidate will demonstrate an understanding of virtual network logging and monitoring capabilities.

*No Specific training is required for any GIAC certification. There are many sources of information available regarding the certification objectives' knowledge areas. Practical experience is an option; there are also numerous books on the market covering Computer Information Security. Another option is any relevant courses from training providers, including SANS.*

Other Resources