Cyber Security Certification: GPYC
GIAC Python Coder (GPYC)
The GIAC Python Coder (GPYC) certification validates a practitioner's understanding of core programming concepts, and the ability to write and analyze working code using the Python programming language. GPYC certification holders have demonstrated knowledge of common python libraries, creating custom tools, collecting information about a system or network, interacting with websites and databases, and automating testing.
Areas Covered
- Python essentials: variable and math operations, strings and functions, and compound statements
- Data structures and programming concepts, debugging, system arguments, and argparser
- Python application development for pen testing: backdoors and SQL injection
Who is GPYC for?
- Information security professionals
- Python developers
- Forensic analysts
- Network defenders
- Penetration testers
Requirements
- 1 proctored exam
- 75 questions
- Time limit of 2 hours
- Minimum Passing Score of 67%
Delivery
NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE. Click here for more information.
GIAC certification attempts will be activated in your GIAC account after your application has been approved and according to the terms of your purchase. Details on delivery will be provided along with your registration confirmation upon payment. You will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt.
Exam Certification Objectives & Outcome Statements
The topic areas for each exam part follow:
- Control Structures and Iteration
- The candidate will be able to create and analyze simple control structures, including conditionals (if/else/elif) and for/while loops using Python.
- Creation of Executables
- The candidate will have a basic understanding of creating a Python executable for Windows clients with a focus on penetration testing. This includes an understanding of backdoor functionality, the conversion of a Python program to an executable file, and using Python to create an executable that will evade most modern anti-virus signatures.
- Data Analysis with Python
- The candidate will demonstrate the ability to use Python for various data analysis techniques including parsing binary data with the struct module, common file formats, log analysis and statistics with freq.py, counters and sets, long tail and short-tail analysis.
- Data Structures
- The candidate will be able to create and manipulate variable types and data structures, including bytes, byte arrays, byte encoded unicode characters using UTF-8 and Latin-1, integers, Python 3 strings, sets and sequential data structures, including dictionaries, lists, and tuples.
- Database Interaction
- The candidate will understand how to create a Python program to query databases using SQL libraries.
- Exception Handling
- The candidate will have a basic understanding of Python exception handling capabilities, and how to build these into a program.
- Functions, Classes and Objects
- The candidate will be able to demonstrate an understanding of Python functions, classes, and object oriented programming.
- Network Interfaces
- The candidate will be able to implement TCP and UDP network based communications using Pythons socket module.
- Packet Analysis with Python
- The candidate will understand how to use extended functionality of Python and Scapy to create, read, analyze, and manipulate captured network traffic.
- Python Basics
- The candidate will be able to implement the more fundamental elements of Python, including creating, debugging and executing a program, and user/file input and output.
- Regular Expressions
- The candidate will have a basic understanding of regular expressions, and how to implement them in searches with Python.
- Website Interaction
- The candidate will understand how to use Python as a "browser" to interact with URLs and websites, handle cookies, and manipulate or capture traffic.
*No Specific training is required for any GIAC certification. There are many sources of information available regarding the certification objectives' knowledge areas. Practical experience is an option; there are also numerous books on the market covering Computer Information Security. Another option is any relevant courses from training providers, including SANS.*
Other Resources
- Training is available in a variety of modalities including live conference training, online, and self study.
- Practical work experience can help ensure that you have mastered the skills necessary for certification
- College level courses or study through another program may meet the needs for mastery.
- The procedure to contest exam results can be found athttps://www.giac.org/about/procedures/grievance.
