Use this quick start guide to collect all the information about GIAC GREM Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the GIAC Reverse Engineering Malware (GREM) exam. The Sample Questions will help you identify the type and difficulty level of the questions and the Practice Exams will make you familiar with the format and environment of an exam. You should refer this guide carefully before attempting your actual GIAC Reverse Engineering Malware (GREM) certification exam.
The GIAC GREM certification is mainly targeted to those candidates who want to build their career in Digital Forensics Incident Response & Threat Hunting domain. The GIAC Reverse Engineering Malware (GREM) exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of GIAC GREM.
GIAC GREM Exam Summary:
| Exam Name | GIAC Reverse Engineering Malware (GREM) |
| Exam Code | GREM |
| Exam Price | $979 (USD) |
| Duration | 180 mins |
| Number of Questions | 75 |
| Passing Score | 73% |
| Books / Training | FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques |
| Schedule Exam | Pearson VUE |
| Sample Questions | GIAC GREM Sample Questions |
| Practice Exam | GIAC GREM Certification Practice Exam |
GIAC GREM Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Analyzing Malicious Office Macros | - The candidate will be able to analyze macros and scripts embedded in suspicious Microsoft Office files to understand their capabilities. |
| Analyzing Malicious PDFs | - The candidate will be able to analyze suspicious PDFs and embedded scripts to understand the nature of the threat they might pose. |
| Analyzing Malicious RTF Files | - The candidate will be able to analyze suspicious RTF files and embedded shellcode to understand their capabilities. |
| Analyzing Obfuscated Malware | - The candidate will be able to identify packed Windows executables and obfuscated malicious JavaScript and unpack it to gain visibility of it's key capabilities. |
| Behavioral Analysis Fundamentals | - The candidate will be able analyze static properties of a suspected malware sample, develop theories regarding its nature, and determine subsequent analysis steps. |
| Common Malware Patterns | - The candidate will be able to identify common API calls used by malware and understand what capabilities the APIs offer to the malware samples. The candidate will be able to identify common techniques used by malware including code injection, hooking, and process hollowing techniques. |
| Core Reverse Engineering Concepts | - The candidate will apply dynamic analysis techniques to examine a malware sample in a debugger and will apply static analysis techniques to interpret common assembly instructions and patterns in Windows malware using a disassembler. |
| Examining .NET Malware | - The candidate will be able to analyze .NET programs to understand their capabilities. |
| Identifying and Bypassing Anti-Analysis Techniques | - The candidate will be able to identify and bypass common debugger detection and data protection measures used in malware, including the detection of security tools. |
| Malware Analysis Fundamentals | - The candidate will be able to describe key methods for analyzing malicious software and identify the needs of malware analysis lab. |
| Malware Flow Control and Structures | - The candidate will be able to analyze common execution flow control mechanisms, such as loops and conditional statements, in assembly language. |
| Overcoming Misdirection Techniques | - The candidate will be able to overcome misdirecting execution workflow as an anti-analysis technique used in malware. |
| Reversing Functions in Assembly | - The candidate will be able to analyze malware functions in assembly language to understand use of parameters, return values and other structural elements. |
| Static Analysis Fundamentals | - The candidate will be able analyze static properties of a suspected malware sample, develop theories regarding its nature, and determine subsequent analysis steps. |
| Unpacking and Debugging Packed Malware | - The candidate will demonstrate process for unpacking malware using a debugger and repairing unpacked malware for further analysis. |
To ensure success in GIAC GREM certification exam, we recommend authorized training course, practice test and hands-on experience to prepare for GIAC Reverse Engineering Malware (GREM) exam.