GIAC Incident Handler (GCIH) Exam Syllabus

Use this quick start guide to collect all the information about the GIAC GCIH Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the GIAC Incident Handler (GCIH) exam. The Sample Questions will help you identify the type and difficulty level of the questions, and the Practice Exams will make you familiar with the format and environment of an exam. You should refer to this guide carefully before attempting your actual GIAC Certified Incident Handler (GCIH) certification exam.

The GIAC GCIH certification is mainly targeted at candidates who want to build their career in the Penetration Testing domain. The GIAC Certified Incident Handler (GCIH) exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of GIAC GCIH.

GIAC GCIH Exam Summary:

Exam Name: GIAC Certified Incident Handler (GCIH)
Exam Code: GCIH
Exam Price: $1899 (USD)
Duration: 240 mins
Number of Questions: 100-150
Passing Score: 73%
Schedule Exam: Pearson VUE
Sample Questions: GIAC GCIH Sample Questions
Practice Exam: GIAC GCIH Certification Practice Exam

GIAC GCIH Exam Syllabus Topics:

Topic Details
Incident Handling: Identification - The candidate will demonstrate an understanding of important strategies to gather events, analyze them, and determine if we have an incident.
Incident Handling: Overview and Preparation - The candidate will demonstrate an understanding of what Incident Handling is, why it is important, and an understanding of best practices to take in preparation for an Incident.
Client Attacks - The candidate will demonstrate an understanding of various client attacks and how to defend against them.
Covering Tracks: Networks - The candidate will demonstrate an understanding of how attackers use tunneling and covert channels to cover their tracks on a network, and the strategies involved in defending against them.
Covering Tracks: Systems - The candidate will demonstrate an understanding of how attackers hide files and directories on Windows and Linux hosts and how they attempt to cover their tracks.
Denial of Service Attacks - The candidate will demonstrate a comprehensive understanding of the different kinds of Denial of Service attacks and how to defend against them.
Incident Handling: Containment - The candidate will demonstrate an understanding of high-level strategies to prevent an attacker from causing further damage to the victim after discovering the incident.
Incident Handling: Eradication, Recovery, and Lessons Learned - The candidate will demonstrate an understanding of the general approaches to get rid of the attacker's artifacts on compromised machines, the general strategy to safely restore operations, and the importance of the incident report and lessons learned meetings.
Network Attacks - The candidate will demonstrate an understanding of various network attacks and how to defend against them.
Overflow Attacks - The candidate will demonstrate an understanding of how overflow attacks work and how to defend against them.
Password Attacks - The candidate will demonstrate a detailed understanding of the three methods of password cracking.
Reconnaissance - The candidate will demonstrate an understanding of public and open source reconnaissance techniques.
Scanning: Discovery and Mapping - The candidate will demonstrate an understanding of scanning fundamentals to discover and map networks and hosts, and reveal services and vulnerabilities.
Scanning: Techniques and Defense - The candidate will demonstrate an understanding of the techniques and tools used in scanning, and how to respond and prepare against scanning.
Session Hijacking and Cache Poisoning - The candidate will demonstrate an understanding of tools and techniques used to perform session hijacking and cache poisoning, and how to respond and prepare against these attacks.
Techniques for maintaining access - The candidate will demonstrate an understanding of how backdoors, trojan horses, and rootkits operate, what their capabilities are and how to defend against them.
Web Application Attacks - The candidate will demonstrate an understanding of the value of the Open Web Application Security Project (OWASP), as well as different Web App attacks such as account harvesting, SQL injection, Cross-Site Scripting and other Web Session attacks.
Worms, Bots & Bot-Nets - The candidate will demonstrate a detailed understanding of what worms, bots and bot-nets are, and how to protect against them.

To ensure success in the GIAC GCIH certification exam, we recommend an authorized training course, a practice test and hands-on experience to prepare for the Incident Handler (GCIH) exam.
