GIAC Public Cloud Security (GPCS) icon

GIAC Public Cloud Security (GPCS)

Practitioner Certification

The GIAC Public Cloud Security (GPCS) certification validates a practitioner's ability to secure the cloud in both public cloud and multi cloud environments. GPCS-certified professionals are familiar with the nuances of AWS, Azure, GCP and have the skills needed to defend each of these platforms.

Areas Covered

  • Evaluation and comparison of public cloud service providers
  • Auditing, hardening, and securing public cloud environments
  • Introduction to multi-cloud compliance and integration

Who is GPCS for?

  • Security analysts, engineers, and researchers
  • Cloud and DevOps engineers
  • Security auditors and system administrators
  • Operations personnel
  • Anyone who is responsible for researching, evaluating, or adopting cloud security offerings

Exam Format

  • 1 proctored exam
  • 75 questions
  • 2 hours
  • Minimum passing score of 64%

Delivery

NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE. Click here for more information.

GIAC certification attempts will be activated in your GIAC account after your application has been approved and according to the terms of your purchase. Details on delivery will be provided along with your registration confirmation upon payment. You will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt.

Exam Certification Objectives & Outcome Statements

  • Cloud Data Protection
    The candidate will demonstrate an understanding of key management systems and the steps necessary to assess and secure them. The candidate will demonstrate familiarity with using encryption services to secure sensitive data stored in cloud platforms.
  • Cloud Identity and Access Management
    The candidate will demonstrate an understanding of cloud Identity and Access Management (IAM), its security concerns, and the steps necessary to secure IAM policies.
  • Cloud Integration and Benchmarking
    The candidate will demonstrate familiarity with the tools and services available to audit cloud environments for compliance with various benchmarks. The candidate will demonstrate familiarity with best practices for storinglong-term credentials. The candidate will demonstrate an understanding of cloud end-user identity management solutions and cloud single sign-on solutions.
  • Multicloud and Credential Management Fundamentals
    The candidate will demonstrate an understanding of the security concerns of the current public cloud landscape. The candidate will demonstrate an understanding of instance metadata APIs, how they can be used in credential-based attacks, and how to assess their security.
  • Securely Accessing Cloud Services
    The candidate will demonstrate familiarity with private service endpoints and with securing remote administrative access to cloud platforms.
  • Securing Cloud Application Service Platforms
    The candidate will demonstrate familiarity with cloud application services and how to harden common configurations. The candidate will demonstrate an understanding of Google's Firebase database offering and how to harden common configurations.
  • Securing Cloud Storage Platforms
    The candidate will demonstrate an understanding of how to secure cloud storage services. The candidate will demonstrate an understanding of the data exfiltration risks associated with these services.
  • Securing Serverless Functions
    The candidate will demonstrate familiarity with serverless architectures and how to assess these environments for security misconfigurations.The candidate will demonstrate an understanding of how to harden serverless functions against persistence attacks.
  • Virtual Network Security and Logging
    The candidate will demonstrate an understanding of default virtual private network settings and the steps necessary to secure them. The candidate will demonstrate an understanding of virtual network logging and monitoring capabilities.

Other Resources

  • Training is available in a variety of modalities including live training and OnDemand
  • Practical work experience can help ensure that you have mastered the skills necessary for certification
  • College level courses or self paced study through another program or materials may meet the needs for mastery.
  • Get information about the procedure to contest exam results.

Practice Tests

  • These tests are a simulation of the real exam allowing you to become familiar with the test engine and style of questions.
  • Practice exams are a gauge to determine if your preparation methods are sufficient.
  • The practice bank questions are limited so you may encounter the same question on practice tests when multiple practice tests are purchased.
  • Practice exams never include actual exam questions.
  • Purchase a GPCS practice test here.
  • GIAC recommends leveraging additional study methods for test preparation.

Find Affiliate Training

Explore affiliate training options to prepare for your GIAC certification exam.