<strong>GIAC</strong> <strong>Program</strong> <strong>Overview</strong><br />
Jeff Frisk – <strong>GIAC</strong> Director<br />
jfrisk@giac.org<br />
Q1 2013 Version<br />
<strong>Program</strong> <strong>Overview</strong> - <strong>GIAC</strong> Certification © 2012 1
What is <strong>GIAC</strong>?<br />
•<strong>GIAC</strong> is the ‘Global Information<br />
Assurance Certification’ program<br />
•<strong>GIAC</strong> assesses candidate knowledge in<br />
specific subject areas and grants<br />
credentials in the field of IT Security<br />
•<strong>GIAC</strong> has issued over 45,000 credentials<br />
over the past ten years<br />
Benefits of Certification<br />
• Personal Perks<br />
– Increased salary / upward mobility<br />
– Prestige / confidence<br />
– Demonstrated ability<br />
• Industry Benefits<br />
– Establishes benchmarks<br />
– Confirms individuals have specific technical skill sets<br />
– Stronger community bonds<br />
• Reinforcement of Education<br />
– Management Tool<br />
– Dusty books help no one<br />
The <strong>GIAC</strong> Certification <strong>Program</strong>:<br />
•Validates real-world competency<br />
•Focuses on hands-on concepts<br />
•Offers specific skills based certifications<br />
aligned with critical infosec job duties<br />
•Is highly respected among both industry<br />
leaders and technical practitioners<br />
<strong>GIAC</strong> Earns SC Magazine’s 2011 Award for<br />
Best Professional Certification <strong>Program</strong><br />
• The prestigious, performance-based <strong>GIAC</strong><br />
Security Expert Credential was named<br />
'Best Professional Certification' by SC<br />
Magazine in 2011<br />
• <strong>GIAC</strong> Credentials have been finalists in SC<br />
Magazine’s 2009, 2010, 2011, 2012 Best<br />
Professional Certification <strong>Program</strong> category<br />
(GCFA, GSEC, GCIA, GWAPT, GSE)<br />
Top 3 Reasons to Earn Your<br />
<strong>GIAC</strong> Certification<br />
1. Managers use <strong>GIAC</strong> certifications to<br />
ensure that candidates actually possess<br />
deep technical skills<br />
2. <strong>GIAC</strong> certifications help IT Security<br />
Professionals get promoted faster and<br />
earn more money<br />
3. <strong>GIAC</strong> candidates learn and absorb more<br />
of the detailed content through<br />
preparing for certification exams<br />
Salary Data and <strong>GIAC</strong> Reputation<br />
• 81% of hiring managers who participated in a recent Salary<br />
Survey consider certifications a factor in their hiring decisions<br />
• 41% of respondents from the same survey said their<br />
organizations use certifications as a factor when determining<br />
salary increases<br />
• There is a strong demand for qualified information security<br />
professionals and <strong>GIAC</strong> certification proves you have the skills to<br />
do the job<br />
• Foote Partners names four <strong>GIAC</strong> certifications in their list of the<br />
10 Hottest Certifications, including the #1 certification <strong>GIAC</strong><br />
Certified Incident Handler (GCIH)<br />
www.baselinemag.com/c/a/Education/Ten-Hot-IT-Certifications-627829/<br />
What Do Hiring Managers Say?<br />
Hiring managers use <strong>GIAC</strong> certifications to ensure that<br />
candidates actually possess deep technical skills…<br />
“We require all analysts to hold <strong>GIAC</strong> Intrusion<br />
Analyst certifications (GCIA) - and we tie this<br />
to promotions and additional salary.<br />
As a Security Operations Center Manager I<br />
have additional confidence in my team's<br />
abilities because they hold <strong>GIAC</strong> Certifications.”<br />
Brent Deterding, SOC Manager LURHQ<br />
What Do Infosec Professionals Say?<br />
<strong>GIAC</strong> certifications help IT Security Professionals get<br />
promoted faster and earn more money…<br />
"The <strong>GIAC</strong> certification has enabled me to take<br />
the next step in my Information Security<br />
career. It allowed me to prove that my value<br />
was more than just that of a security minded<br />
Sys Admin."<br />
–J. Klein, Enterprise Information Systems,<br />
Cedars-Sinai Medical Center<br />
What Do Certified People Say?<br />
<strong>GIAC</strong> candidates learn and absorb more of the detailed<br />
content through preparing for certification exams<br />
"The SANS hands-on experience and the intensive <strong>GIAC</strong><br />
certification process has garnered me the respect of my<br />
boss and peers. Now, when I speak, people listen. I<br />
have the confidence to get the job done. My boss looks<br />
at me with respect that simply wasn't there before<br />
SANS training and <strong>GIAC</strong> certification. Not only my boss,<br />
but managers and peers at other large organizations."<br />
- Matt Carpenter, Enterprise Information Systems<br />
<strong>GIAC</strong> Certifications<br />
• GSEC - Security Essentials<br />
• GCFW - Firewall Analyst<br />
• GCIA - Intrusion Analyst<br />
• GCIH - Incident Handler<br />
• GCFA - Forensics Analyst<br />
• GCUX - Unix Security<br />
• GCWN - Windows Security<br />
• GSSP - Secure Coding<br />
• GCED - Enterprise Defender<br />
• GCFE - Forensics Examiner<br />
• GWEB - Web App Defender<br />
• GXPN - Advanced Pen Test<br />
• GISF - Information Security Fundamentals<br />
• GSLC - Security Leadership<br />
• GSNA - System & Network Auditor<br />
• G2700 - ISO 17799/27001<br />
• GISP - Information Security Professional<br />
• GAWN - Auditing Wireless Networks<br />
• GREM - Reverse-Engineering Malware<br />
• GPEN - Penetration Tester<br />
• GWAPT - Web App Pen Testing<br />
• GCPM - InfoSec Project Management<br />
• GLEG - InfoSec Legal Issues<br />
For a complete list of <strong>GIAC</strong> Certifications<br />
http://www.giac.org/certifications/get-certified/roadmap<br />
<strong>GIAC</strong> Certification Options<br />
<strong>GIAC</strong> Certification<br />
– Multiple choice exam only<br />
<strong>GIAC</strong> Gold Status<br />
– Add a written technical report<br />
<strong>GIAC</strong> Expert Status<br />
– Highest certification level<br />
Registration<br />
•Register for <strong>GIAC</strong> certification<br />
–In addition to training, certification requires<br />
a $579 fee<br />
–You can add your certification attempt at<br />
the conference registration desk or by<br />
calling (301) 654-7267<br />
– Must add before end of conference or the<br />
price goes up to $849<br />
–Your certification attempt has a four month<br />
access window<br />
ISO/ANSI 17024 Accredited<br />
•ISO/ANSI 17024 is a quality standard for<br />
organizations granting certifications<br />
•The <strong>GIAC</strong> certification program (specifically<br />
GSEC and GSLC) was first accredited by the<br />
American National Standards Institute (ANSI)<br />
in December of 2007, under the ANSI/ISO/IEC<br />
17024 standard<br />
• In 2009 the GCIH, GCIA, and GCFA<br />
certifications were accredited under 17024<br />
US Department Of Defense 8570<br />
•DoD Directive 8570 provides guidance and<br />
procedures for the training, certification, and<br />
management of the DoD workforce conducting<br />
Information Assurance functions. It also<br />
provides guidance on reporting metrics.<br />
•The <strong>GIAC</strong> certification program has eight<br />
certifications included on the official 8570 list<br />
•GSE, GSEC, GCIA, GCIH, GSLC, GSNA, GCED,<br />
GISF<br />
Proctored Exams<br />
• ALL Certification exams are fully proctored<br />
• Exams are open book, but not open computer<br />
• As of April 15, 2012 Pearson VUE is <strong>GIAC</strong>’s<br />
official partner for administering exams<br />
• A full list of testing sites is available at:<br />
http://www.giac.org/exams/testing-centers<br />
• Pearson VUE has more than 3,400 Testing<br />
Centers located in 165 countries worldwide<br />
Web Based Scheduling System<br />
Select A Testing Center<br />
<strong>GIAC</strong> Exam Details<br />
• All <strong>GIAC</strong> certification exams are taken online, in a<br />
proctored environment<br />
• All material for a certification is covered in one exam<br />
• Exams are open book and notes (think paper), not open<br />
electronic devices (no Google or pdfs)<br />
• Common <strong>GIAC</strong> Exam formats:<br />
– 75 question, two hour exams<br />
– 115 question, three hour exams<br />
– 150 question, four hour exams<br />
– GSEC is a 180 question, five hour exam<br />
• You receive two practice tests<br />
• Certification exams associated with this conference must<br />
be completed within 120 days of account activation<br />
Your Account<br />
•You will receive your<br />
account info about 10<br />
days after the conference<br />
• An up-to-date e-mail<br />
address is required!<br />
<strong>GIAC</strong> Certification Portal<br />
Preparing for Your <strong>GIAC</strong> Exam<br />
•Be familiar with exam objectives<br />
•Reread all the slides and notes<br />
sections from your course material<br />
•Build your hands-on skills by<br />
revisiting in-class exercises<br />
•Listen to the course audio mp3 files<br />
•Utilize your practice tests<br />
Study Time<br />
•Don’t wait until the last minute!<br />
•On average, students who pass their<br />
<strong>GIAC</strong> exams put in 55 hours of study<br />
time, in addition to classroom training<br />
•For GSEC the average is higher, over 70<br />
hours<br />
•Take time to prepare; it will pay off!<br />
You’re Certified!<br />
•Fill out the data input form after your<br />
exam and a framed <strong>GIAC</strong> Certification<br />
will be mailed to you; you only need to<br />
pay for shipping :)<br />
•Name and expiration dates for ALL<br />
<strong>GIAC</strong> certifications are posted on the<br />
<strong>GIAC</strong> Certified Professionals website<br />
•Utilize the official <strong>GIAC</strong> logos:<br />
http://www.giac.org/certifiedprofessionals/business-card-logos<br />
Your Certification<br />
Challenge Certifications<br />
•Attempting <strong>GIAC</strong> Certification without<br />
training from SANS<br />
•Same requirements apply<br />
•Practice exams are provided<br />
•Available for many certifications<br />
Extensions and Exam Failures<br />
• YOU must be conscious of your certification attempt<br />
deadline (UTC)<br />
• 45 Day extensions are $299, non-refundable<br />
– You can purchase extensions 15 days before through 30 days<br />
after your time has expired<br />
• In the case of exam failure, additional attempts are<br />
$549, non-refundable<br />
– 30 day waiting period after every exam failure<br />
• Purchasing an additional attempt after an exam failure<br />
adds one calendar month to your timeframe, in addition<br />
to the 30 day waiting period (60 days total)<br />
• After three (3) failed attempts candidates must wait<br />
one full year before continuing the certification attempt<br />
Certify Responsibly<br />
• Each candidate is bound by the <strong>GIAC</strong> Code of Ethics<br />
• Multiple failures indicate you could be<br />
misrepresenting your abilities.<br />
– It is the candidate’s responsibility to put forth the effort to<br />
be able to demonstrate mastery of the certification<br />
objectives. Policies have been put in place to help uphold<br />
this standard.<br />
• You will need to wait a year before you can continue<br />
pursuing <strong>GIAC</strong> certification if you fail three times<br />
• Candidates are expected to complete <strong>GIAC</strong><br />
certification attempts in a timely manner<br />
– All <strong>GIAC</strong> certification attempts must be completed within 24<br />
months regardless of circumstances.<br />
Certification Maintenance<br />
• Security changes rapidly!<br />
• <strong>GIAC</strong> certifications are valid for four years<br />
• $399 certification renewal fee due once every four<br />
years, includes current training material from SANS if<br />
you agree to pay for shipping<br />
• Multiple renewal options<br />
– Retest, continuing education, published technical paper<br />
• Discounts available for multiple certifications due<br />
within the same two-calendar-year period<br />
– After first one, all others within 2 calendar years are $199<br />
• Benefits to maintaining your certification:<br />
– The longer you hold the certification, the more valuable it is<br />
• www.giac.org/certification-renewal/<br />
<strong>GIAC</strong> Gold Technical Report<br />
•Reinforcement of detailed knowledge<br />
in a given subject area<br />
•Hands-on learning<br />
•Community resource, paper is posted<br />
for the benefit of the community<br />
•No time limit to sign up, $349<br />
•Can be used to renew certifications<br />
<strong>GIAC</strong> Gold Advisors<br />
•Assigned to an Advisor for detailed,<br />
personalized feedback<br />
•A different expert in the field will<br />
do the grading<br />
•Extensive training for grading staff<br />
<strong>GIAC</strong> Expert Level Certification<br />
•Top of the Pyramid<br />
–GSE -<strong>GIAC</strong> Security Expert<br />
•Basic prerequisites are GSEC, GCIA and GCIH<br />
•Not a single training course<br />
•Several days of hands-on testing are<br />
required for certification<br />
•Earning an Expert Level Certification<br />
combines individual recertification<br />
requirements<br />
SANS Technology Institute<br />
•<strong>GIAC</strong> is one of the assessment and grading<br />
arms of the SANS Technology Institute<br />
•STI is a Master's degree program<br />
•STI is authorized by the Maryland Higher<br />
Education Commission to award MS Degrees<br />
• 16 students have graduated<br />
• About 65 students are currently enrolled<br />
• Applications are being accepted<br />
•http://www.sans.edu for more info<br />
<strong>GIAC</strong> Advisory Board<br />
•Open to anyone who earns an exam<br />
score of at least 90% when obtaining a<br />
<strong>GIAC</strong> certification<br />
•More than 2,000 active members<br />
•Honors and demonstrated interest<br />
•Opportunities<br />
•Benefits<br />
•Responsibilities<br />
<strong>GIAC</strong> Alumni & Social Media<br />
• <strong>GIAC</strong> has ‘Alumni Groups’ on the social media networks<br />
• This helps foster <strong>GIAC</strong> alumni communication outside of<br />
the conference setting<br />
• If you are <strong>GIAC</strong> certified and part of the LinkedIn<br />
community<br />
• http://www.linkedin.com/e/gis/38376/45794D211EFE<br />
• Become a fan of <strong>GIAC</strong> Global Forum on Facebook<br />
• http://www.facebook.com/group.php?gid=28603585600&v<br />
=app_2373072738#!/groupphp?gid=28603585600&v=wall<br />
• Follow <strong>GIAC</strong> on Twitter and gain access to our featured<br />
Question of the Week, updates to the program, and more!<br />
@<strong>GIAC</strong>_Certs<br />
A Note on Plagiarism<br />
•Plagiarism is representing someone<br />
else’s work as your own<br />
•ZERO TOLERANCE POLICY<br />
• Termination or Revocation<br />
• Read the Administrivia for<br />
guidance on the use of references,<br />
etc.<br />
Where Do I Go for Information?<br />
• <strong>GIAC</strong> web site: http://www.giac.org<br />
•SANS web site: http://www.sans.org<br />
•Copy of this presentation:<br />
http://www.giac.org/overview/program_overview.pdf<br />
• <strong>GIAC</strong> FAQ page:<br />
– http://www.giac.org/FAQ.php<br />
•<strong>GIAC</strong> general e-mail address:<br />
–info@giac.org<br />
•<strong>GIAC</strong> proctor questions:<br />
– proctor@giac.org<br />
QUESTIONS?<br />
Now is a time for you to ask any<br />
questions you have about<br />
SANS, <strong>GIAC</strong>, or the<br />
certification process<br />
OR<br />
E-mail any time to info@giac.org<br />