Cybersecurity Certifications: FAQ

Cybersecurity Certifications:

GIAC Certification Information

What do I have to do to be a part of the GIAC Advisory Board?

Students who receive a total average score of 90% or above on GIAC certification exams are invited to join the GIAC Advisory Board.

How do I apply for GIAC Gold?

Once the concept is accepted, the individual will need to submit payment of the $529 registration fee and will be contacted by their assigned GIAC Gold Adviser within 5 business days to begin setting the path to completion.

Can I share my course materials with a colleague?

You can tell others what you have learned, however, you cannot share the course materials, in either hard copy or electronic format of PDFs and MP3 files. A policy agreement is confirmed and accepted in the registration process that your training is not to be shared. You cannot train anyone in your organization using any of our material for any reason, even as a back-up position to you.

Should I fail my proctored exam, can I purchase another attempt?

An additional exam attempt can be purchased. Please click here for current pricing.

Following any GIAC exam failure, there is a 30-day waiting period before a candidate can sit for the exam again. Purchasing an additional exam attempt after an exam failure extends the final certification deadline by 60 days; this includes the 30-day waiting period. The 30-day waiting period provides candidates with additional time that should be used to master the certification objectives.
The option to purchase an additional exam attempt will be made available through the Certification Attempt section of the GIAC Certification Portal.

How do the certifications relate to each other?

The courses and certifications are designed to be taken either independently, or in series. Students can pursue individual courses and certifications to focus on specific areas of interest or responsibility. Or, they can be taken sequentially, to provide a progressive education in information security, from basic concepts to in-depth technical knowledge. The certification listing is sorted by category to show areas of similar study. 300 level courses are the lowest level, going up to 700 level being the most advanced courses. The GSEC is intended to ensure that graduates have a strong grounding in the fundamentals of information security and are prepared for the more specialized, technical certifications.

What do I need to do to earn the certification?

GIAC certifications require one proctored exam. The exam will be delivered in a proctored environment through your portal account. For more information regarding the GIAC Proctor requirements, please see The exams are designed to test your knowledge of a subject and your ability to put that knowledge into practice. For specific certification requirements, please see the Certification Roadmap at For information on GIAC Gold certification, information will be posted at as it becomes available.

What are the prerequisites to take the certification?

There are no official prerequisites to take the GIAC certifications. Any candidate who feels that he or she has the knowledge and ability to pass the certification requirements may take the certification. However, students should be aware of the technical level of the course they wish to take. The 500 level courses are more advanced than the 400 and the 400 more advanced than the 300. Be certain you are not starting at a level that is more difficult than you are prepared for. Some class descriptions provide an assessment test to make sure you are prepared for that level course, such as Sec502 and Sec503 which assume that the student has a working knowledge of the technology in question and a firm grasp of TCP/IP. Please note that currently, some GIAC certifications are only offered in conjunction with a corresponding SANS training course. This is a temporary measure intended to allow us to fine-tune our certification process - to make sure that the exams are fair and objective, and that the courses themselves are comprehensive. A number of certification attempts are available for outright purchase:

Do I have to take an Essentials certification before I take a higher level certification?

No. Security Essentials, Operations Essentials, Audit Essentials, and Management Essentials are all good starting points for the given area of study if you want a broad overview of security topics as opposed to focusing on a specific technology.

What is the difference between GIAC certification and GIAC Gold certification?

The requirement for earning GIAC certification is one proctored exam, which demonstrates the candidate's knowledge of the subject matter. If a candidate wishes to further distinguish him or herself, GIAC Gold is a second level of certification which requires completion of a technical paper. Technical papers will cover an important area of security related to the certification the student is seeking. After completing the exam necessary to pass the GIAC certification, students will have the option to apply for GIAC Gold Certification through their portal account. Candidates will work closely with an adviser through the process of developing their technical report. Once complete, the technical report will be reviewed for acceptance into the SANS Reading Room and the student earning GIAC Gold.

I am interested in GIAC Gold certification. Where can I find information?

Information on GIAC Gold can be seen at Further information will be posted as it becomes available.

What kind of recognition does a GIAC certification get?

Current or prospective employers recognize GIAC certification as an indication of your demonstrated knowledge and skill in computer security. There are two basic differences between a GIAC certification and any other education or certification program. First, no one else covers this material! We have gone to extreme effort to fill in the gap, to identify the skills and knowledge that organizations wish their employees had and to find the faculty that could produce those courses. Second, you must master this material to pass. The "certificate suitable for framing" is not the purpose of the program. You are going to know the information and possess the skills that your employer desperately wants you to have. In fact, to earn a GIAC certification, you must prove you know how to do the tasks required. Employers who have reviewed the materials and the requirements have been unanimous in saying: "People who have this certification are exactly what we are looking for in our organization." In other words, the certifications will have the most valuable recognition of all - they'll be used to select employees for hiring and promotion.

Do I automatically earn a GIAC certification if I complete the course?

No. Earning a GIAC certification is a separate process. Simply completing the course does not mean that you are GIAC certified.

If I take the course, do I have to take the certification?

No. SANS Training and GIAC Certification are separate programs (though GIAC certifications are based on SANS training). SANS Training is intended to provide students with the best available education in the key areas of information security. GIAC Certifications are designed to provide an objective "benchmark" to show that an individual meets a minimum standard of skill and knowledge for people who want to demonstrate this ability for themselves or for a current or prospective employer. You do not have to take the certification if you take the course, though you have the option to do so.

Why is my paper not posted in the SANS Reading Room?

By submitting your paper to GIAC, you are giving us the right to post it on our web site. We are also giving you the opportunity to be published. All certified students can find their papers posted under the appropriate certification listing. Naturally some papers are stronger or hold more community value than others. The best of the papers will also be placed in the Reading Room. It is an honor to be posted there, beyond the listing of all students.

What is the GSE (GIAC Security Expert) certification?

The GIAC Security Expert (GSE) is intended to represent the elite of the information security field.
Before a person can attempt the GSE, they must successfully complete the following prerequisites:
GSE pre-requisite baseline is: GSEC, GCIH, GCIA with two gold.
GSEC pre-requisite is unique because of dual windows and unix coverage.
Substitution options:

  1. GCWN and GCUX combined can act as a substitute for GSEC
  2. Higher level certifications can act as substitutes for gold papers examples: GCFA, GCFW, GCUX, GCWN, GCED, GPEN, GWAPT, GAWN, GREM

GSE pre-requisite list (including substitution options):
  1. GSEC, GCIH, GCIA with two gold
  2. GSEC, GCIH, GCIA with one gold and one substitute
  3. GSEC, GCIH, GCIA with no gold and two substitutes
  4. GCWN, GCUX, GCIH, GCIA with one gold
  5. GCWN, GCUX, GCIH, GCIA with no gold and one substitute

Further information can be found at

Can you tell me how many certified students you have in specific countries?

At this point in time we are unable to give out geographical information on certified students. That may change, but for now, it's the case.

Are GIAC certification exams transferable or refundable?

GIAC certification exams are non-transferable and non-refundable after you receive access to the exam material. The GIAC certification program only offers certification attempts to individual candidates, including verification of individual identity at multiple steps. GIAC does not permit the resale or transfer of any certification registration or GIAC exam voucher. Each certification attempt purchased is non-transferable and any certification application / registration instance is intrinsically tied to one and only one individual account.