GoCertify Logo
Today's Deal
Which IT career is right for you? Take the free career exploration quiz.
You are here:
/
Home
/
Articles About Certification
/
Six top SANS GIAC Cybersecurity Certifications

Six top SANS GIAC Cybersecurity Certifications

Woman does cybersecurity concept

Thousands of information security professionals around the world earned their "masters" level certifications through the SANS Institute's Global Information Assurance Certification (GIAC) curriculum. The SANS GIAC program offers highly specialized certifications designed to allow security professionals the opportunity to demonstrate their expertise in niche fields of information security.

 

While some of these certifications appeal to general audiences and have thousands of certificate holders, others are highly focused and have only a few hundred holders. In this article, we examine the six most popular SANS GIAC certifications and explain how they can advance your information technology career.

 

No. 1: GIAC Security Essentials Certification (GSEC)

GIAC does offer a few certifications that have mass market appeal, and it's no surprise that one of them is the most popular GIAC certification. As of June 2015, 37,106 individuals held the entry-level GIAC Security Essentials Certification (GSEC). That's nowhere close to the more than 100,000 individuals holding the more popular Certified Information Systems Security Professional (CISSP) and more than 45,000 individuals with the CompTIA Security+ credential. While CISSP and Security+ continue to dominate the general security certification space, however, GSEC certainly retains a decent market share.

 

Earning your GSEC credential requires passing a single multiple-choice exam given through a proctored testing center. The exam consists of 180 questions and candidates have five hours to complete the test. Topics covered on the exam run the gamut of information security, from network security to hardening operating systems and handling security incidents. Earning the credential requires achieving a minimum passing score of 73 percent, which translates to providing accurate answers for 132 of the exam questions. Students who wish to take a comprehensive GSEC prep course may consider the SANS SEC401 course: Security Essentials Bootcamp Style.

 

No. 2: GIAC Certified Incident Handler (GCIH)

Given the number of security incidents reported in the media recently, there's high demand for skilled incident response personnel. That's one of the reasons that at least 25,546 individuals have earned the GIAC Certified Incident Handler (GCIH) certification. The GCIH exam covers the steps of the incident handling process, knowledge about identifying and detecting attacks and vulnerabilities and discovering the root causes of security incidents to improve controls and prevent future incidents.

 

The GCIH exam, administered through the Pearson VUE proctored testing centers, requires completing a 150 question exam within a four-hour time limit. Candidates must achieve a passing score of 72 percent by answering 108 of the exam questions correctly. Candidates may prepare for the GCIH through a combination of practical experience, self-study and training. SANS offers the SEC504: Hacker Tools, Techniques, Exploits and Incident Handling course that is specifically tailored to the exam objectives.

 

No. 3: GIAC Certified Forensic Analyst (GCFA)

The next most popular credential also covers the skills needed in the aftermath of a security incident. The GIAC Certified Forensic Analyst (GCFA) credential certifies that an individual has the skills necessary to collect and analyze security data from both Windows and Linux systems in the wake of an intrusion or other event. Currently, 11,028 individuals hold the GCFA credential. Exam topics cover deep forensic skills, including file carving and data extraction, file system structures, acquiring and preserving forensic images, conducting timeline analysis and handling volatile data.

 

The GCFA exam is shorter than other GIAC certification tests, coming in at 115 questions administered over a three-hour time period. Passing the exam requires answering 80 questions correctly to meet the passing score of 69 percent. Candidates preparing for the GCFA exam may take the SANS FOR508 course: Advanced Digital Forensics and Incident Response. This six-day course covers the complete exam objectives.

 

No. 4: GIAC Certified Intrusion Analyst (GCIA)

Coming in fourth is yet another credential focused on reacting to successful security attacks. The GIAC Certified Intrusion Analyst (GCIA) credential focuses on ensuring that candidates have the ability to configure and monitor intrusion detection systems, recognizing and interpreting the signs of an attack. As of June 2015, 10,687 individuals hold the GCIA credential. The exam objectives for GCIA are highly technical, zeroing in on the security and networking skills required to work deeply with intrusion detection systems. Topics covered on the exam include creating intrusion detection rules, using the Wireshark protocol analyzer, tuning IDS performance and correlating results with output from other security systems.

 

As with other GIAC certifications, earning the GCIA credential requires completing a proctored exam. The GCIA exam contains 150 questions administered over a four-hour time period. The passing score for this exam is 67 percent, corresponding to answering 101 questions correctly to join the elite ranks of GCIA certified security professionals. Candidates seeking a training course for this exam may wish to take the SANS SEC503 course: Intrusion Detection In-Depth.

 

No. 5: GIAC Penetration Tester (GPEN)

It isn't until we reach the fifth slot on the top certifications list that we find a specialized credential that actually focuses on preventing attacks, rather than responding to successful system breaches. The GIAC Penetration Tester (GPEN) credential assures employers that a security professional has the skills necessary to assess systems and networks to identify known vulnerabilities. The exam itself covers penetration testing techniques, legal issues, and technical approaches to penetration testing. As of June 2015, 9,574 individuals held the GPEN credential.

 

Man does cybersecurity concept

You probably won't be surprised to learn that earning the GSEC credential involves passing a multiple choice examination! As with GCFA, the GPEN exam is on the shorter side with 115 questions administered over a three-hour time period. The passing score for this exam is 74 percent, requiring that candidates answer 86 questions correctly. Individuals may prepare for the exam with the SANS SEC560 course: Network Penetration Testing and Ethical Hacking.

 

No. 6: GIAC Security Leadership (GSLC)

Technical managers seeking to work in the information security field also may wish to certify their expertise. The GIAC Security Leadership (GSLC) credential is designed with these individuals in mind. It include some of the technical topics found on the GSEC exam, such as network security, software security and attack techniques. In addition, candidates will find a range of security management topics that would be less relevant for technical specialists. These include writing security policy, managing legal liability, conducting negotiations, leading staff and understanding total cost of ownership (TCO). As of June 2015, 8,724 individuals hold the GSLC certification.

 

The multiple choice exam for the GSLC credential comes in on the long side, with 150 questions. Candidates have four hours to successfully complete the exam by answering 102 questions correctly to achieve a passing score of 68 percent. Students preparing for the GSLC exam may benefit from the SANS MGT512: SANS Security Leadership Essentials for Managers training course. As with other SANS programs, this course takes place at many locations around the world on a regular basis.

 

Conclusion

The GIAC certification programs are some of the mainstay credentials of the information security field. If you already hold a base level security certification, such as the Security+, CISSP or GIAC's own GSEC credential that demonstrates your breadth of security knowledge, considering earning one of the GIAC certifications to demonstrate your depth in one or more narrow areas of technical expertise. In addition to the six popular credentials covered in this article, GIAC offers a wide variety of other certifications, covering software security, auditing, legal issues, security administration and other topics. There's bound to be something of interest to anyone working in security!

 

MORE HISTORIC HACKS
Would you like more insight into the history of hacking? Check out Calvin's other articles about historical hackery:
Historic Hacks 1990s-Part 1
Historic Hacks 1990s-Part 2
Historic Hacks 2000s-Part 1
Historic Hacks 2000s-Part 2
Historic Hacks 2010s-Part 1
Historic Hacks 2010s-Part 2
"Who Invented the Computer?" Articles
Want more insight into the history of the computer? Check out Calvin's other articles in this series:
WItC? Series Introduction
WItC? Charles Babbage
WItC? Ada Lovelace
WItC? Lord Kelvin
WItC? Differential Analyzer
WItC? Vannevar Bush
WItC? Alan Turing
WItC? Tommy Flowers
WItC? John Atanasoff
WItC? The ENIAC Six
WItC? Torpedo Data
WItC? Grandma COBOL
WItC? The Transistor
WItC? TRADIC
WItC? John Backus
WItC? SAGE
WItC? The PDQ Posse
WItC? Thomas Watson Jr.
WItC? SABRE
WItC? Ben Gurley
WItC? Spacewar!
WItC? Ivan Sutherland
WItC? John G. Kemeny
WItC? Joseph Weizenbaum
WItC? Star Trek
WItC? The Rise of ATMs
WItC? Mouse Men
WItC? HAL 9000
WItC? Douglas Engelbart
WItC? DARPA
WItC? ARPANET
WItC? Unix
WItC? Floppy Disks
WItC? Gary Starkweather
WItC? Microprocessors
WItC? Dennis Ritchie and C
WItC? Norman Abramson
WItC? Nolan Bushnell
WItC? Ralph Baer
WItC? Seymour Cray
WItC? The Altair 8800
WItC? Gary Thuerk
WItC? Print Magazines
WItC? Apple II
WItC? France Telecom
WItC? Dan Bricklin
WItC? The IBM 5150
"Work on Your Wellness" Articles
Want to improve your health and live a better life? Check out Reena's other articles in this series:
WOYW: Get Enough Sleep
WOYW: Exercise
WOYW: Eat Right
WOYW: Socializing
WOYW: What's Your Hobby?
WOYW: Take a Vacation
WOYW: Setting Boundaries
WOYW: Therapy & Counseling
WOYW: Social Media
WOYW: Screen Time
WOYW: Vitamins
WOYW: Community Service
WOYW: Continuing Education
WOYW: Organization
WOYW: Reading
WOYW: Setting Goals
WOYW: Mindfulness
WOYW: Work from Home
WOYW: Walking
About the Author

Mike Chapple is Senior Director for IT Service Delivery at the University of Notre Dame. Mike is CISSP certified and holds bachelor’s and doctoral degrees in computer science and engineering from Notre Dame, with a master’s degree in computer science from the University of Idaho and an MBA from Auburn University.

Privacy Policy Update
We have updated our Privacy Policy to comply with the California Consumer Privacy Act (CCPA)
CompTIA IT Project Management - Project+ - Advance Your IT Career by adding IT project management skills to your resume - Learn More
What Others are Reading
Entry-Level Certified in Cybersecurity (CC) Credential Is Catching on Fast
Gigging for a Living: The Six Best Places to Look for Freelance IT Work
Work On Your Wellness: Setting Goals
Who Invented the Computer? Norman Abramson and ALOHAnet
The ChatGPT Gold Rush Is On: Training and Certificate Options Abound
More in 
Articles
Popular Quizzes
A+ Practice Quiz: 220-1102 Quiz 20
Microsoft Office Specialist Practice Quiz: Excel Expert Quiz 1
Microsoft Certified Practice Quiz: Windows Server Hybrid Administrator Associate (Core: AZ-800) Quiz 12
Linux+ Practice Quiz: XK0-005 Quiz 10
Tableau Quiz 1
More in 
Quizzes
Sign up for Certification Magazine's Newsletter...and receive a free subscription to the digital magazine.
Advertise
|
Contact Us
|
Terms
|
Privacy

Copyright © 2023 TestOut Corp. Copyright © CompTIA, Inc. All Rights Reserved.
Use of this web site constitutes acceptance of the GoCertify Terms of Use and Privacy Policy.