Use this quick start guide to collect all the information about GIAC GCLD Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the GIAC Cloud Security Essentials (GCLD) exam. The Sample Questions will help you identify the type and difficulty level of the questions and the Practice Exams will make you familiar with the format and environment of an exam. You should refer this guide carefully before attempting your actual GIAC Cloud Security Essentials (GCLD) certification exam.
The GIAC GCLD certification is mainly targeted to those candidates who want to build their career in Cloud Security domain. The GIAC Cloud Security Essentials (GCLD) exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of GIAC GCLD.
GIAC GCLD Exam Summary:
| Exam Name | GIAC Cloud Security Essentials (GCLD) |
| Exam Code | GCLD |
| Exam Price | $979 (USD) |
| Duration | 120 mins |
| Number of Questions | 75 |
| Passing Score | 61% |
| Books / Training | SEC488: Cloud Security Essentials |
| Schedule Exam | Pearson VUE |
| Sample Questions | GIAC GCLD Sample Questions |
| Practice Exam | GIAC GCLD Certification Practice Exam |
GIAC GCLD Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Attacking the Cloud and Responding to Intrusions | - The candidate will demonstrate a basic understanding of the overall process and considerations when conducting a penetration test or responding to an incident involving public cloud resources. |
| Cloud Account Fundamentals | - The candidate will demonstrate an understanding of cloud identity fundamentals and access management principles. The candidate will show familiarity of security best practices to control access to a cloud environment using each identity type. |
| Cloud Automation | - The candidate will demonstrate a basic understanding of provisioning and managing cloud infrastructure using Infrastructure as Code. The candidate will demonstrate familiarity with using automation practices to support continuous and repeatable evaluation tasks. |
| Cloud Logging Fundamentals | - The candidate will demonstrate familiarity with cloud logging capabilities and methods to collect logs in a way to facilitate utility and dissemination. |
| Cloud Networking Technology | - The candidate will demonstrate knowledge of fundamental network security concepts and the implementation of these principles using cloud resources. |
| Containers and Cloud Storage | - The candidate will demonstrate familiarity with serverless compute resources, container technologies, and how each can be orchestrated to achieve elasticity. The candidate will demonstrate familiarity with cloud storage options and how to architect these resources securely. |
| Discovering and Storing Sensitive Data | - The candidate will demonstrate an understanding of data security considerations in a multi-tenant environment and how to configure and monitor cloud resources to deter data leakage using encryption and data loss prevent strategies. |
| External access and IAM Best Practices | - The candidate will demonstrate an understanding of the security considerations when integrating 3rd party services with a cloud environment and the proper steps to evaluate the resilency of the integration configuration. |
| Frameworks for Built-in Security | - The candidate will demonstrate an understanding of system development life cycles and AppSec frameworks to create a baseline configuration with security built-in. The candidate will demonstrate familiarity with continuous integration and continuous deployment. |
| Network Security Monitoring in the Cloud | - The candidate will demonstrate basic knowledge of the collection and interpretation of network flow data and packet capturing using cloud resources. The candidate will demonstrate familiarity with using network security monitoring practices to enhance detection and response capabilities in the cloud. |
| Risk Management and Compliance | - The candidate will demonstrate an understanding of regulatory, compliance, security assurance, and risk management requirements and the best practices and frameworks for addressing these considerations. |
| Secrets Management | - The candidate will demonstrate knowledge of the responsibilities and capabilities to securing user secrets. The candidate will demonstrate familiarity of the integration process for a variety of authentication mechanisms in a cloud environment. |
| Secure Compute Deployment | - The candidate will demonstrate fundamental knowledge of resource allocation and image evaluation when deploying cloud compute resources. The candidate will demonstrate the ability to maintain the compute resource attack surface through automation practices and patch management. |
| Securing Cloud Networks | - The candidate will demonstrate an understanding of network isolation and remote access. The candidate will demonstrate fundamental knowledge of common attacks against cloud resources and best practices to protect against them. |
| Understanding Shared Responsibility and Threat Informed Defense | - The candidate will demonstrate basic knowledge of using the practice of threat modeling to architect threat informed defenses for cloud resources. The candidate will demonstrate an understanding of the various service delivery models and shared responsibility for each when using a public cloud service. |
| Using Sensitive Data | - The candidate will demonstrate an understanding of cloud resource elasticity and high availability functionality. The candidate will demonstrate fundamental knowledge of securing data in transit between cloud resources and application users. |
To ensure success in GIAC GCLD certification exam, we recommend authorized training course, practice test and hands-on experience to prepare for GIAC Cloud Security Essentials (GCLD) exam.