GIAC Defensible Security Architecture (GDSA)

The GDSA certification proves that practitioners can design and implement an effective combination of network-centric and data-centric controls to balance prevention, detection, and response.

Areas Covered

  • Defensible Security Architecture: network-centric and data-centric approaches
  • Network Security Architecture: hardening applications across the TCP/IP stack
  • Zero Trust Architecture: secure environment creation with private, hybrid or public clouds

Who is GDSA for?

  • Security Architects
  • Network Engineers
  • Network Architects
  • Security Analysts
  • Senior Security Engineers
  • System Administrators
  • Technical Security Managers
  • CND Analysts
  • Security Monitoring Specialists
  • Cyber Threat Investigators

Exam Format

  • 1 proctored exam
  • 75 questions
  • 2 hours
  • Minimum passing score of 63%

Delivery

NOTE: All GIAC Certification exams are web-based and are required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE.

GIAC certification attempts will be activated in your GIAC account after your application has been approved and according to the terms of your purchase. Details on delivery will be provided along with your registration confirmation upon payment. You will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt.

Exam Certification Objectives & Outcome Statements

  • Cloud-based Security Architecture
    The candidate will show an understanding of the concepts involving cloud security, securing on-premise hypervisors, network segmentation, surface reduction, delivery models, and container security.
  • Data Discovery, Governance, and Mobility Management
    The candidate will demonstrate an understanding of file classification, Data Loss Prevention (DLP), database governance, and Mobile Device Management (MDM).
  • Data-Centric Security
    The candidate will demonstrate an understanding of the concepts involving data-centric security. Specifically, the candidate will have an understanding of reverse proxies, web application firewalls, database firewalls, and database activity monitoring.
  • Fundamental Layer 3 Defense
    The candidate will demonstrate an understanding of the concepts related to securing basic Layer 3 hardware, protocols and services and have an awareness of common attack vectors. In particular, demonstrate a knowledge of CIDR, Layer 3 routing attacks and mitigations, Layer 2/3 benchmark and auditing tools, securing SNMP and NTP protocols, and bogon filtering.
  • Fundamental Security Architecture Concepts
    The candidate will demonstrate a basic understanding of the concepts of perimeter-focused deficiencies, presumption of compromise, Zero Trust Model, Intrusion Kill Chain, Diamond Model, software-defined networking, micro-segmentation, threat vector analysis and attack surface analysis.
  • IPv6
    The candidate will demonstrate an understanding of the concepts of IPv6. Specifically, the candidate will have an understanding of addressing, dual stack systems, tunneling, and IPv6 router advertisement attacks and mitigation.
  • Layer 1/Layer 2 Defense
    The candidate will demonstrate an understanding of the concepts related to securing Layer 1 and Layer 2 services, applications and protocols and be aware of common vectors for these attacks. Specifically, the candidate will have an understanding of the structure and deployment of VLANs, CDP, MAC spoofing, ARP cache poisoning, DHCP starvation, VLAN hopping, 802.1X, and NAC.
  • Network Defenses
    The candidate will demonstrate an understanding of the concepts related to network defense. In particular, show a knowledge of NIDS, NIPS, network security monitoring, sandboxing, encryption, and DDoS protections.
  • Network Encryption and Remote Access
    The candidate will demonstrate an understanding of secure remote access, dual factor for all remote access VPNs and Jump Boxes.
  • Network Proxies and Firewalls
    The candidate will demonstrate an understanding of Web proxies, SMTP proxies, and next generation firewalls.
  • Zero Trust Endpoints
    The candidate will show an understanding of the concepts of securing Zero Trust Endpoints. In particular, demonstrate an understanding of patching via automation, end-user privilege reduction, host hardening, host IDS/IPS, endpoint firewalls, and scaling endpoint log collection.
  • Zero Trust Fundamentals
    The candidate will demonstrate an understanding of the concepts involving Zero Trust Architecture, credential rotation, and responding to pivoting adversaries and insider threats.
  • Zero Trust Networking
    The candidate will demonstrate a basic understanding of the concepts of Zero Trust Networking. Specifically, demonstrate an understanding of authenticating and encrypting endpoint traffic, Domain Isolation, Single Packet Authentication, red herring defenses, and proactive defenses to change attacker behaviors.

Other Resources

  • Training is available in a variety of modalities including live training and OnDemand
  • Practical work experience can help ensure that you have mastered the skills necessary for certification
  • College-level courses or self-paced study through another program or materials may meet the needs for mastery
  • Get information about the procedure to contest exam results.

Find Affiliate Training

Explore affiliate training options to prepare for your GIAC certification exam.