Upload
tranthuy
View
225
Download
4
Embed Size (px)
Citation preview
Enterprise Solution Professionals on Information and Network
GIAC Certification
E- Business & Web Solutions
IT Solutions (Hardware, Software, Services)
Business Process & Technology Outsourcing
GIAC Certification
GIAC Certification
Global Information Assurance Certification (GIAC) provides
information security certifications for IT managers and security
professionals. The Global Information Assurance Certification
(GIAC) was founded in 1999 to validate the real-world skills of IT
security professionals.
GIAC’s purpose is to provide assurance that a certified individual
has practical awareness, knowledge and skills in key areas of
computer and network and software security. GIAC currently
offers certifications for over 20 job-specific responsibilities that
reflect the current practice of information security. GIAC is unique
in measuring specific knowledge areas instead of general purpose
information security knowledge.
GIAC certifications cover four IT/IT Security job disciplines:
o Security Administration
o Management
o Audit
o Software Security
There is no particular order in which GIAC certifications must be
earned. However, it is recommended that candidates master lower
level concepts before moving on to more advanced topics.
Earning a GIAC certification requires passing one proctored certification exam.
GIAC certifications assure that an individual possesses the practical real-world
skills covered by specific certification objectives.
For example, if you want to hire someone who knows how to properly secure a
firewall, a GCFW certification holder would be a good candidate for the job.
The GIAC Gold program allows certificants to demonstrate a deeper knowledge
of a specific subject area, and requires individuals to research and write a detailed
technical report or white paper. Certificants work closely with an advisor while
developing their technical report.
Once complete, the report is reviewed for acceptance into the GIAC reading Room.
Participating in the GIAC Gold program shows that not only has an individual
mastered the subject area comprised by a specific certification, but that they are also
qualified to research and share their knowledge with others.
GIAC Certification
GIAC Gold Status
It is also suggested that candidates are familiar with specific
certification objectives and topic areas outlined for each
exam.
Each GIAC certification is designed to stand on its own, and
represents a certified individual’s mastery of a particular set
of knowledge and skills. Once an individual earns a GIAC
certification, he or she can build upon this knowledge by
focusing efforts further through the Gold and Expert Level
programs.
E-SPIN SDN BHD ALL RIGHT RESERVEDc
GIAC Certification
The GIAC Expert Level program yields the most well respected credentials in the
industry and is targeted for top performers. Expert Level candidates demonstrate
their expertise in one of three security areas: general security (GSE), Malware
(GSE-Malware), or Compliance (GSE-Compliance). Prerequisites include
achieving multiple specific milestones within our Certification and Gold programs.
GIAC Expert Level
The multi-day hands-on Expert-level testing is given only once a year.
The Expert-Level exams include individual and group hands-on computer security
exercises, presentations, research and essay assignments, and scenario-based exam
sections. The test assesses specific real-world skills to ensure that the individual is
ready to confront various information security threats on multiple levels.
GIAC security certifications offer a complete suite of security certifications that
follows every step of a security professional’s career, from entry level positions,
through IT security administration, and even management and senior-level executive
responsibilities. GIAC certifications related to software security are now available for
software developers and programmers.
E-SPIN SDN BHD ALL RIGHT RESERVEDc E-SPIN SDN BHD ALL RIGHT RESERVEDc
E-SPIN SDN BHD ALL RIGHT RESERVEDc
GIAC CertificationCERTIFICATION AND YOUR CAREER ROADMAP
Network And Application
Intrusion AnalystsSEC502
GCFW
SEC503
GCIA
Incident HandlersSEC504
GCIH
System AdministratorsSEC505
GCWN
SEC506
GCUX
have a solid security foundation and are
ready to take the next step in your career.
Audit CertificationBeginners
Audit Professionals
SEC301
GISF
SEC507
GSNA
starting with the GISF or GSEC befo re attempting
further y our skills in the subjec t with a Gold
E-SPIN SDN BHD ALL RIGHT RESERVEDc E-SPIN SDN BHD ALL RIGHT RESERVEDc
Security Certifications
Penetration TestersSEC542
GWAPT
SEC560
GPEN
SEC617
GAWN
BeginnersSEC301
SEC501
GCED
GISF
Forensics AnalystsSEC508
GCFA
SEC610
GREM
The GISF is for the professional just starting out
SEC401
GSEC
Developer CertificationApplication Security and Developers
DEV541
GSSP-JAVA
GSSP-.NET
GSSP-C
DEV544 DEV548
Management CertificationBeginners
Legal Managers
Project Managers
IA Managers
SEC301
GISF
LEG523
GLEG
MGT525
GCPM
MGT512
GSLC
MGT414
GISP
E-SPIN SDN BHD ALL RIGHT RESERVEDc
Network & Application Security Certificationn
GIAC Information Security Fundamentals (GISF)
Corresponding E-SPIN Course:SEC301: Intro to Information Security
Certification is designed for:Professionals who need to hit the ground running and need an overview of information assurance. Managers, Information Security Officers, and System Administrators who need an overview of risk management and defense in depth techniques.
GIAC Certified UNIX Security Administrator (GCUX)
Corresponding E-SPIN Course:SEC506 : Securing Unix/Linux
Certification is designed for:Individuals responsible for installing, configuring, and monitoring UNIX and/or Linux systems.
GIAC Certified Forensics Analyst (GCFA)
Corresponding E-SPIN Course:SEC508 : System Forensics, Investigation & Response
Certification is designed for:Individuals responsible for forensic investigation/analysis, advanced incident handling, or formal incident investigation.
GIAC Securing Oracle Certification (GSOC)
Corresponding E-SPIN Course:SEC509 : Securing Oracle
Certification is designed for:Oracle database administrators responsible for installation and management of Oracle databases, developers who wish to create secure data access applications and web sites, and auditors and penetration testers who need to evaluate the security of Oracle databases.
GIAC Web Application Penetration Tester (GWAPT)
Corresponding E-SPIN Course:SEC542 : Web App Penetration Testing and
Ethical Hacking
Certification is designed for:General security practitioners, Web site designers and architects, and developers. This certification measures and individuals understanding of web application exploits and penetration testing methodology.
GIAC Reverse Engineering Malware (GREM)
Corresponding E-SPIN Course:SEC610 : Reverse-Engineering Malware: Malware
Analysis Tools and Techniques
Certification is designed for:System and Network Administrators, Auditors, Security Consultants, and Security Managers responsible for protecting the organization from malicious code.
GIAC Assessing Wireless Networks (GAWN)
Corresponding E-SPIN Course:SEC617 : Hacking and Defending Wireless Networks
Certification is designed for:Auditors, network administrators and penetration-testers who are responsible for assessing the security of wireless networks.
GIAC Certified Penetration Tester (GPEN)
Corresponding E-SPIN Course:SEC560 : Network Penetration Testing and
Ethical Hackingcking
Certification is designed for:The GPEN certification is for security personnel whose job duties involve assessing target networks and systems to find security vulnerabilities. Certification objectives include penetration-testing methodologies, the legal issues surrounding penetration testing and how to properly conduct a penetration test as well as best practice technical and non-technical techniques specific to conduct a penetration test.
GIAC Security Essentials Certification (GSEC)
Corresponding E-SPIN Course:SEC401:SANS Security Essentials Bootcamp Style
Certification is designed for:Security Professionals that want to demonstrate they are qualified for IT systems hands-on roles with respect to security tasks. Candidates are required to demonstrate an understanding of information security beyond simple terminology and concepts.
GIAC Certified Firewall Analyst (GCFW)
Corresponding E-SPIN Course:SEC502:Firewalls,PerimeterProtection&Virtual
Private Networks
Certification is designed for:Security Professionals that want to demonstrate they are qualified for IT systems hands-on roles with respect to security tasks. Candidates are required to demonstrate an understanding of information security beyond simple terminology and concepts.
GIAC Certified Intrusion Analyst (GCIA)
Corresponding E-SPIN Course:SEC503: Intrusion Detection In-Depth
Certification is designed for:Individuals responsible for network and host monitoring, traffic analysis, and intrusion detection.
GIAC Certified Incident Handler (GCIH)
Corresponding E-SPIN Course:SEC504: Hacker Techniques, Exploits & Incident
Handling
Certification is designed for:Individuals responsible for incident handling/incident response; individuals who require an understanding of the current threats to systems and networks, along with effective countermeasures.
GIAC Certified Windows Security Administrator
(GCWN)
Corresponding E-SPIN Course:SEC505: Securing Windows
Certification is designed for:Individuals responsible for installing, configuring, and securing Microsoft Windows 2000/XP/2003 networks.
GIAC Certified Enterprise Defender (GCED)
Corresponding E-SPIN Course:SEC501:Advanced Security Essentials -
Enterprise Defender
Certification is designed for:The GCED builds on the security skills measured by the GSEC (no overlap). It assesses more advanced, technical skills that are needed to defend the enterprise environment and protect an organization as a whole. Knowledge, skills and abilities assessed are taken from the areas of Defensive Network Infrastructure, Packet Analysis, Penetration Testing, Incident Handling, and Malware Removal.
GIA
C In
fo
rmation Security Fundamentals (G
ISF)
GISF
GIA
C Se
cu
rity Essentials Certi cation (GSEC)
GSECG
IAC
Cert
ied Enterprise Defender (GCED)
GCED
GIAC Certi ed Firewall Analyst (GCFW
)
GCFW
GIAC Certi ed Intrusion Analyst (GCIA)
GCIA
GIAC Certi ed Incident Handler (GCIH
)
GCIH
GIA
C Ce
rti
ed Windows Security Administrator (G
CWN
)GCWN
GIA
C Ce
rti
ed UNIX Security Administrator (GCUX)
GCUX
GIA
C Ce
rt
ied Forensics Analyst (GCFA)
GCFA
GIA
C Securing Oracle Certi cation (GSOC)
GSOC
GIA
C W
eb A
pplication Penetration Tester (GW
AP
T)
GWAPT
GIAC C
erti ed Penetration Tester (GPEN)
GPEN
GIA
C Reverse Engineering Malware (GREM
)
GREM
GIA
C Ass
essing Wireless Networks (GAWN
)
GAWN
E-SPIN SDN BHD ALL RIGHT RESERVEDc E-SPIN SDN BHD ALL RIGHT RESERVEDc
Management Certifications
Developer Certifications
Audit Certifications Legal Certifications
GIAC Certified ISO-17799 Specialist (G7799)
Corresponding E-SPIN Course:MGT411 : SANS 27000 Implementation &
Management
Certification is designed for:The ISO-17799 standard offers a framework to assist any organization to develop a true security minded corporate culture by instilling best practice and detailed guidance regarding all manner of security issues.
GIAC Secure Software Programmer - .NET
(GSSP-NET)
Corresponding E-SPIN Course:DEV541 : Secure Coding in. NET:
Developing Defensible Applications
Certification is designed for:Software developers and architects, senior software QA specialists, system and security administrators, penetration testers.
GIAC Legal Issues (GLEG)
Corresponding E-SPIN Course:LEG523 : Legal Issues in Information Technology
and Information Security
Certification is designed for:Security and IT Professionals, Lawyers, Paralegals, Auditors, Accountants, Technology Managers or Vendors. Anyone interested in the law of business, contracts, fraud, crime, IT security, IT liability and IT policy with a focus on electronically stored and transmitted records.
GIAC Secure Software Programmer - C (GSSP-C)
Corresponding E-SPIN Course:DEV548 : Secure Coding in C:
Developing Defensible Applications
Certification is designed for:Individuals who are responsible for coding secure software applications, identifying shortfalls in the security knowledge of other programmers, ensuring other programmers have adequate secure coding skills, and advanced secure programming skills.
GIAC Secure Software Programmer - Java
(GSSP-JAVA)
Corresponding E-SPIN Course:DEV541 : Secure Coding in Java/JEE:
Developing Defensible Applications, JAVA
Certification is designed for:Individuals who are responsible for coding secure software applications, identifying shortfalls in the security knowledge of other programmers, ensuring other programmers have adequate secure coding skills, and advanced secure programming skills.
GIAC Certified Project Manager Certification
(GCPM)
Corresponding E-SPIN Course:MGT525 : Project Management and Effective
Communications for Security Professionals & Managers Certification is designed for:The GCPM certification is designed for security professionals and managers who participate in or lead project teams and wish to demonstrate an understanding of technical project management methodology and implementation. This certification affirms the critical skill sets associated with making projects successful, including effective communication, time, cost, quality, procurement and risk management of IT projects and application development
GIAC Information Security Professional (G ISP)
Corresponding E-SPIN Course:MGT414 : SANS® +S™ Training Program for the CISSP®
Certification ExamSystem, Security, and Network Administrators that want to understand the pragmatic applications of the Common Body of Knowledge; managers that want to understand information security beyond simple terminology and concepts; anyone new to information security with some background in information systems and networking. Candidates may also wish to use this certification as an independent assessment of your mastery of the (ISC)2 Common Body of Knowledge.
GIAC Security Leadership Certification (GSLC)Corresponding E-SPIN Course:MGT512 : SANS Security Leadership Essentials for
Managers Certification Exam
Certification is designed for:Security Professionals with managerial or supervisory responsibility for information security staff.background in information systems and networking. Candidates may also wish to use this certification as an independent assessment of your mastery of the (ISC)2 Common Body of Knowledge.
GIAC Systems and Network Auditor (GSNA)
Corresponding E-SPIN Course:AUD507 : Auditing Networks, Perimeters & Systems
Certification is designed for:Technical staff responsible for securing and auditing information systems; auditors who wish to demonstrate technical knowledge of the systems they are responsible for auditing.
GIAC SECURITY LEADERSHIP CERTIFICATION
GSLC
GIAC C
erti ed ISO-17799 Specialist (G7799)
G7799
GIA
C In
form
ation Security Professional (G ISP
)
GISPG
IAC
Cert
ied Project Manager Certi
cation (G
CPM
)GCPM
GIA
C Systems and Network Auditor (GSN
A)
GSNA
GIA
C Se
cure
Software Programmer - Java (GSSP-JAV
A)
GSSP-JAVA
GIA
C Se
cure Software Programmer - .NET
GSSP-.NET
GIA
C Secure Software Programmer - C (GSSP-C)GSSP-
C
GIAC Legal Issues (GLEG)
GLEG
E-SPIN SDN BHD ALL RIGHT RESERVEDc
GIACCertification
Skills Tests and Report (S.T.A.R.)
The GIAC Skills Test and Report (STAR) helps determine
if an individual has the right knowledge, skills and abilities to
accomplish specific IT security tasks. The STAR architecture is
based on specific Assessment Objects that correspond to SANS
training courses.
After completing the Skills test, each student will have access to a
printable report card, which clearly documents their performance
in each sub-topic.
o No-Fail Assessment Test
o No Proctoring Required
o Report Card at Completion
The STAR skills test is an assessment of knowledge in specific
information security topics, these are not pass/fail tests, but
rather the outcome is a report card. The test is given in a
convenient online format without the need for exam scheduling
or proctoring. When the student completes the skills test, they
will have immediate access to a complete skills summary screen
documenting their performance in each subject area.
The results are also available in a printable report card format.
Since a GIAC STAR report card details skill levels for a specific
skill set, they never expire. Employers can use STAR assessments
to measure the skill sets employees have in the work place.
About E-SPIN
E-SPIN SDN BHD 714753-U
E-SPIN OUTSOURCING SDN BHD 825417-V
No . 21-2, Jalan PJU 8/3B, Perdana Business Centre, Damansara Perdana,
47820 Petaling Jaya, Selangor.
T: (603) 7728 2866 F: (603) 7725 4757
W: http://www.e-spincorp.com
E-SPIN is the leading technology solution and outsourcing vendor in providing solution consulting, buying facilitation, network and system integration, e-business and web solutions, business /technology share service and outsourcing. More information available at www.e-spincorp.com