Thousands of information security professionals around the world received their “masters” level certifications from the SANS Institute’s Global Information Assurance Certification (GIAC). The SANS GIAC program remarkably highly specialized certifications intended to enable security professionals the opportunity to confirm their expertise in their chosen field.
Certification topics from the SANS Institute comprise security essentials, intrusion detection, hacking techniques, and incident response, mobile device security, network defense, auditing, digital forensics, and relevant security topics. The "information" component of SANS includes the SANS Reading Room, a comprehensive library of downloadable security research documents; the Internet Storm Center, which controls and reports on mean attacks and presents weekly bulletins and alerts; free security policy templates; the CIS Critical Security Controls for cyber defense and more.
Some of these certifications invite to general audiences and have thousands of certificate holders, others are extremely focused and have only a few hundred certified professionals. In this article, we review the some most in-demand SANS GIAC certifications and explain how they can develop your information technology career.
GIAC Certified Incident Handler (GCIH)
Given the number of security incidents reported lately, there’s a high need for proficient incident response personnel. That’s one of the reasons that at least 25,546 individuals have obtained the GIAC Certified Incident Handler (GCIH) certification. The GCIH certification exam includes the steps of the incident handling process, understanding of identifying and noticing attacks and vulnerabilities and identifying the root motives of security incidents to better controls and prevent future incidents.
The GCIH exam, administered through the Pearson VUE proctored testing centers, needs completing a 100-150 question exam within a four-hour time. Applicants must obtain a passing score of 72 percent. Applicants may prepare for the GCIH through a blend of practical experience, training, and self-study.
GIAC Security Essentials Certification (GSEC)
GIAC does offer some certifications that have mass market demand, and it’s no wonder that one of them is the most popular GIAC certification. More than 37,106 individuals hold the entry-level GIAC Security Essentials Certification (GSEC). That’s nowhere near to the more than 100,000 individuals holding the more well-known Certified Information Systems Security Professional (CISSP) and more than 45,000 individuals with the CompTIA Security+ certification. While CISSP and Security+ remain to rule the general security certification field, however, GSEC definitely holds a decent market share.
Achieving your GSEC certification demands passing a single multiple-choice exam given through a proctored testing center. The exam consists of 180 questions and applicants have five hours to complete the test. Topics included in the exam cover the extent of information security, from network security to setting operating systems and managing security incidents. Earning the certification requires obtaining a minimum passing score of 73 percent.
GIAC Certified Intrusion Analyst (GCIA)
Appearing in fourth is yet another certification concentrated on responding to thriving security attacks. The GIAC Certified Intrusion Analyst (GCIA) certification focuses on ensuring that candidates can configure and monitor intrusion detection systems, identifying and interpreting the signs of an attack. More than 10,687 individuals own the GCIA certification. The exam topics for GCIA are extremely technical, rooting in on the security and networking skills required to work sincerely with intrusion detection systems. Topics comprised in the exam syllabus include creating intrusion detection rules, practicing the Wireshark protocol analyzer, tuning IDS performance and correlating outcome with an output from other security systems.
As with other GIAC certifications, obtaining the GCIA certification needs completing a proctored exam. The GCIA exam comprises 150 questions administered over four hours. The passing score for GCIA exam is 68 percent.
GIAC Certified Forensic Analyst (GCFA)
The next most in-demand certification also comprises the skills required in the aftermath of a security incident. The GIAC Certified Forensic Analyst (GCFA) certification certifies that an applicant has the skills required to gather and interpret security data from both Windows and Linux systems in the wake of an intrusion or another event. Currently, more than 11,028 individuals own the GCFA certification. Exam syllabus topics include deep forensic skills, including file carving and data extraction, file system structures, acquiring and preserving forensic images, managing timeline analysis and managing volatile data.
The GCFA exam is concise than other GIAC certification exams, coming in at 82-115 questions administered over three hours. Passing the exam requires to achieve the passing score of 72% percent.
GIAC Penetration Tester (GPEN)
It isn’t until we approach the fifth slot on the top certifications list that we find a specific certification that concentrates on preventing attacks, rather than answering to successful system gaps. The GIAC Penetration Tester (GPEN) certification ensures employers that a security professional has the expertise required to assess systems and networks to recognize known vulnerabilities. The exam itself includes penetration testing techniques, legal issues, and technical approaches to penetration testing.
GSEC certification is a multiple choice examination. As with GCFA, the GPEN exam is on the shorter side with 82-115 questions to answer in three hours. The passing score for this exam is 75 percent.
GIAC Security Leadership (GSLC)
Technical managers looking to work in the information security field also may crave to approve their skills. The GIAC Security Leadership (GSLC) certification is composed of these individuals in mind. It carries some of the technical topics found on the GSEC exam, such as software security, network security, and attack techniques. Also, applicants will find a variety of security management topics that would be less applicable to technical professionals. These include writing security policy, conducting negotiations, governing legal liability, leading staff and understanding the total cost of ownership (TCO).
The multiple choice exam for the GSLC certification comes in with 115 questions. Applicants have four hours to answer the 102 questions rightly to obtain a passing score of 65 percent.
The GIAC certifications are some of the mainstay certifications of the information security field. If you already own a foundation level security certification, such as the Security+, CISSP or GIAC GSEC certification that confirms your understanding of security knowledge, considering getting one of the GIAC certifications to confirm your knowledge in one or more restricted areas of technical expertise. In addition to the most in-demand certifications covered in this article, GIAC offers a broad variety of other certifications, covering security administration, software security, legal issues, auditing, and other topics.