Enterprise Solution Professionals on Information and Network

GIAC Certification

E- Business & Web Solutions

IT Solutions (Hardware, Software, Services)

Business Process & Technology Outsourcing

GIAC Certification

GIAC Certification

Global Information Assurance Certification (GIAC) provides

information security certifications for IT managers and security

professionals. The Global Information Assurance Certification

(GIAC) was founded in 1999 to validate the real-world skills of IT

security professionals.

GIAC’s purpose is to provide assurance that a certified individual

has practical awareness, knowledge and skills in key areas of

computer and network and software security. GIAC currently

offers certifications for over 20 job-specific responsibilities that

reflect the current practice of information security. GIAC is unique

in measuring specific knowledge areas instead of general purpose

information security knowledge.

GIAC certifications cover four IT/IT Security job disciplines:

o Security Administration

o Management

o Audit

o Software Security

There is no particular order in which GIAC certifications must be

earned. However, it is recommended that candidates master lower

level concepts before moving on to more advanced topics.

Earning a GIAC certification requires passing one proctored certification exam.

GIAC certifications assure that an individual possesses the practical real-world

skills covered by specific certification objectives.

For example, if you want to hire someone who knows how to properly secure a

firewall, a GCFW certification holder would be a good candidate for the job.

The GIAC Gold program allows certificants to demonstrate a deeper knowledge

of a specific subject area, and requires individuals to research and write a detailed

technical report or white paper. Certificants work closely with an advisor while

developing their technical report.

Once complete, the report is reviewed for acceptance into the GIAC reading Room.

Participating in the GIAC Gold program shows that not only has an individual

mastered the subject area comprised by a specific certification, but that they are also

qualified to research and share their knowledge with others.

GIAC Certification

GIAC Gold Status

It is also suggested that candidates are familiar with specific

certification objectives and topic areas outlined for each

exam.

Each GIAC certification is designed to stand on its own, and

represents a certified individual’s mastery of a particular set

of knowledge and skills. Once an individual earns a GIAC

certification, he or she can build upon this knowledge by

focusing efforts further through the Gold and Expert Level

programs.

E-SPIN SDN BHD ALL RIGHT RESERVEDc

GIAC Certification

The GIAC Expert Level program yields the most well respected credentials in the

industry and is targeted for top performers. Expert Level candidates demonstrate

their expertise in one of three security areas: general security (GSE), Malware

(GSE-Malware), or Compliance (GSE-Compliance). Prerequisites include

achieving multiple specific milestones within our Certification and Gold programs.

GIAC Expert Level

The multi-day hands-on Expert-level testing is given only once a year.

The Expert-Level exams include individual and group hands-on computer security

exercises, presentations, research and essay assignments, and scenario-based exam

sections. The test assesses specific real-world skills to ensure that the individual is

ready to confront various information security threats on multiple levels.

GIAC security certifications offer a complete suite of security certifications that

follows every step of a security professional’s career, from entry level positions,

through IT security administration, and even management and senior-level executive

responsibilities. GIAC certifications related to software security are now available for

software developers and programmers.

E-SPIN SDN BHD ALL RIGHT RESERVEDc E-SPIN SDN BHD ALL RIGHT RESERVEDc

E-SPIN SDN BHD ALL RIGHT RESERVEDc

GIAC CertificationCERTIFICATION AND YOUR CAREER ROADMAP

Network And Application

Intrusion AnalystsSEC502

GCFW

SEC503

GCIA

Incident HandlersSEC504

GCIH

System AdministratorsSEC505

GCWN

SEC506

GCUX

have a solid security foundation and are

ready to take the next step in your career.

Audit CertificationBeginners

Audit Professionals

SEC301

GISF

SEC507

GSNA

starting with the GISF or GSEC befo re attempting

further y our skills in the subjec t with a Gold

E-SPIN SDN BHD ALL RIGHT RESERVEDc E-SPIN SDN BHD ALL RIGHT RESERVEDc

Security Certifications

Penetration TestersSEC542

GWAPT

SEC560

GPEN

SEC617

GAWN

BeginnersSEC301

SEC501

GCED

GISF

Forensics AnalystsSEC508

GCFA

SEC610

GREM

The GISF is for the professional just starting out

SEC401

GSEC

Developer CertificationApplication Security and Developers

DEV541

GSSP-JAVA

GSSP-.NET

GSSP-C

DEV544 DEV548

Management CertificationBeginners

Legal Managers

Project Managers

IA Managers

SEC301

GISF

LEG523

GLEG

MGT525

GCPM

MGT512

GSLC

MGT414

GISP

E-SPIN SDN BHD ALL RIGHT RESERVEDc

Network & Application Security Certificationn

GIAC Information Security Fundamentals (GISF)

Corresponding E-SPIN Course:SEC301: Intro to Information Security

Certification is designed for:Professionals who need to hit the ground running and need an overview of information assurance. Managers, Information Security Officers, and System Administrators who need an overview of risk management and defense in depth techniques.

GIAC Certified UNIX Security Administrator (GCUX)

Corresponding E-SPIN Course:SEC506 : Securing Unix/Linux

Certification is designed for:Individuals responsible for installing, configuring, and monitoring UNIX and/or Linux systems.

GIAC Certified Forensics Analyst (GCFA)

Corresponding E-SPIN Course:SEC508 : System Forensics, Investigation & Response

Certification is designed for:Individuals responsible for forensic investigation/analysis, advanced incident handling, or formal incident investigation.

GIAC Securing Oracle Certification (GSOC)

Corresponding E-SPIN Course:SEC509 : Securing Oracle

Certification is designed for:Oracle database administrators responsible for installation and management of Oracle databases, developers who wish to create secure data access applications and web sites, and auditors and penetration testers who need to evaluate the security of Oracle databases.

GIAC Web Application Penetration Tester (GWAPT)

Corresponding E-SPIN Course:SEC542 : Web App Penetration Testing and

Ethical Hacking

Certification is designed for:General security practitioners, Web site designers and architects, and developers. This certification measures and individuals understanding of web application exploits and penetration testing methodology.

GIAC Reverse Engineering Malware (GREM)

Corresponding E-SPIN Course:SEC610 : Reverse-Engineering Malware: Malware

Analysis Tools and Techniques

Certification is designed for:System and Network Administrators, Auditors, Security Consultants, and Security Managers responsible for protecting the organization from malicious code.

GIAC Assessing Wireless Networks (GAWN)

Corresponding E-SPIN Course:SEC617 : Hacking and Defending Wireless Networks

Certification is designed for:Auditors, network administrators and penetration-testers who are responsible for assessing the security of wireless networks.

GIAC Certified Penetration Tester (GPEN)

Corresponding E-SPIN Course:SEC560 : Network Penetration Testing and

Ethical Hackingcking

Certification is designed for:The GPEN certification is for security personnel whose job duties involve assessing target networks and systems to find security vulnerabilities. Certification objectives include penetration-testing methodologies, the legal issues surrounding penetration testing and how to properly conduct a penetration test as well as best practice technical and non-technical techniques specific to conduct a penetration test.

GIAC Security Essentials Certification (GSEC)

Corresponding E-SPIN Course:SEC401:SANS Security Essentials Bootcamp Style

Certification is designed for:Security Professionals that want to demonstrate they are qualified for IT systems hands-on roles with respect to security tasks. Candidates are required to demonstrate an understanding of information security beyond simple terminology and concepts.

GIAC Certified Firewall Analyst (GCFW)

Corresponding E-SPIN Course:SEC502:Firewalls,PerimeterProtection&Virtual

Private Networks

Certification is designed for:Security Professionals that want to demonstrate they are qualified for IT systems hands-on roles with respect to security tasks. Candidates are required to demonstrate an understanding of information security beyond simple terminology and concepts.

GIAC Certified Intrusion Analyst (GCIA)

Corresponding E-SPIN Course:SEC503: Intrusion Detection In-Depth

Certification is designed for:Individuals responsible for network and host monitoring, traffic analysis, and intrusion detection.

GIAC Certified Incident Handler (GCIH)

Corresponding E-SPIN Course:SEC504: Hacker Techniques, Exploits & Incident

Handling

Certification is designed for:Individuals responsible for incident handling/incident response; individuals who require an understanding of the current threats to systems and networks, along with effective countermeasures.

GIAC Certified Windows Security Administrator

(GCWN)

Corresponding E-SPIN Course:SEC505: Securing Windows

Certification is designed for:Individuals responsible for installing, configuring, and securing Microsoft Windows 2000/XP/2003 networks.

GIAC Certified Enterprise Defender (GCED)

Corresponding E-SPIN Course:SEC501:Advanced Security Essentials -

Enterprise Defender

Certification is designed for:The GCED builds on the security skills measured by the GSEC (no overlap). It assesses more advanced, technical skills that are needed to defend the enterprise environment and protect an organization as a whole. Knowledge, skills and abilities assessed are taken from the areas of Defensive Network Infrastructure, Packet Analysis, Penetration Testing, Incident Handling, and Malware Removal.

GIA

C In

fo

rmation Security Fundamentals (G

ISF)

GISF

GIA

C Se

cu

rity Essentials Certi cation (GSEC)

GSECG

IAC

Cert

ied Enterprise Defender (GCED)

GCED

GIAC Certi ed Firewall Analyst (GCFW

)

GCFW

GIAC Certi ed Intrusion Analyst (GCIA)

GCIA

GIAC Certi ed Incident Handler (GCIH

)

GCIH

GIA

C Ce

rti

ed Windows Security Administrator (G

CWN

)GCWN

GIA

C Ce

rti

ed UNIX Security Administrator (GCUX)

GCUX

GIA

C Ce

rt

ied Forensics Analyst (GCFA)

GCFA

GIA

C Securing Oracle Certi cation (GSOC)

GSOC

GIA

C W

eb A

pplication Penetration Tester (GW

AP

T)

GWAPT

GIAC C

erti ed Penetration Tester (GPEN)

GPEN

GIA

C Reverse Engineering Malware (GREM

)

GREM

GIA

C Ass

essing Wireless Networks (GAWN

)

GAWN

E-SPIN SDN BHD ALL RIGHT RESERVEDc E-SPIN SDN BHD ALL RIGHT RESERVEDc

Management Certifications

Developer Certifications

Audit Certifications Legal Certifications

GIAC Certified ISO-17799 Specialist (G7799)

Corresponding E-SPIN Course:MGT411 : SANS 27000 Implementation &

Management

Certification is designed for:The ISO-17799 standard offers a framework to assist any organization to develop a true security minded corporate culture by instilling best practice and detailed guidance regarding all manner of security issues.

GIAC Secure Software Programmer - .NET

(GSSP-NET)

Corresponding E-SPIN Course:DEV541 : Secure Coding in. NET:

Developing Defensible Applications

Certification is designed for:Software developers and architects, senior software QA specialists, system and security administrators, penetration testers.

GIAC Legal Issues (GLEG)

Corresponding E-SPIN Course:LEG523 : Legal Issues in Information Technology

and Information Security

Certification is designed for:Security and IT Professionals, Lawyers, Paralegals, Auditors, Accountants, Technology Managers or Vendors. Anyone interested in the law of business, contracts, fraud, crime, IT security, IT liability and IT policy with a focus on electronically stored and transmitted records.

GIAC Secure Software Programmer - C (GSSP-C)

Corresponding E-SPIN Course:DEV548 : Secure Coding in C:

Developing Defensible Applications

Certification is designed for:Individuals who are responsible for coding secure software applications, identifying shortfalls in the security knowledge of other programmers, ensuring other programmers have adequate secure coding skills, and advanced secure programming skills.

GIAC Secure Software Programmer - Java

(GSSP-JAVA)

Corresponding E-SPIN Course:DEV541 : Secure Coding in Java/JEE:

Developing Defensible Applications, JAVA

Certification is designed for:Individuals who are responsible for coding secure software applications, identifying shortfalls in the security knowledge of other programmers, ensuring other programmers have adequate secure coding skills, and advanced secure programming skills.

GIAC Certified Project Manager Certification

(GCPM)

Corresponding E-SPIN Course:MGT525 : Project Management and Effective

Communications for Security Professionals & Managers Certification is designed for:The GCPM certification is designed for security professionals and managers who participate in or lead project teams and wish to demonstrate an understanding of technical project management methodology and implementation. This certification affirms the critical skill sets associated with making projects successful, including effective communication, time, cost, quality, procurement and risk management of IT projects and application development

GIAC Information Security Professional (G ISP)

Corresponding E-SPIN Course:MGT414 : SANS® +S™ Training Program for the CISSP®

Certification ExamSystem, Security, and Network Administrators that want to understand the pragmatic applications of the Common Body of Knowledge; managers that want to understand information security beyond simple terminology and concepts; anyone new to information security with some background in information systems and networking. Candidates may also wish to use this certification as an independent assessment of your mastery of the (ISC)2 Common Body of Knowledge.

GIAC Security Leadership Certification (GSLC)Corresponding E-SPIN Course:MGT512 : SANS Security Leadership Essentials for

Managers Certification Exam

Certification is designed for:Security Professionals with managerial or supervisory responsibility for information security staff.background in information systems and networking. Candidates may also wish to use this certification as an independent assessment of your mastery of the (ISC)2 Common Body of Knowledge.

GIAC Systems and Network Auditor (GSNA)

Corresponding E-SPIN Course:AUD507 : Auditing Networks, Perimeters & Systems

Certification is designed for:Technical staff responsible for securing and auditing information systems; auditors who wish to demonstrate technical knowledge of the systems they are responsible for auditing.

GIAC SECURITY LEADERSHIP CERTIFICATION

GSLC

GIAC C

erti ed ISO-17799 Specialist (G7799)

G7799

GIA

C In

form

ation Security Professional (G ISP

)

GISPG

IAC

Cert

ied Project Manager Certi

cation (G

CPM

)GCPM

GIA

C Systems and Network Auditor (GSN

A)

GSNA

GIA

C Se

cure

Software Programmer - Java (GSSP-JAV

A)

GSSP-JAVA

GIA

C Se

cure Software Programmer - .NET

GSSP-.NET

GIA

C Secure Software Programmer - C (GSSP-C)GSSP-

C

GIAC Legal Issues (GLEG)

GLEG

E-SPIN SDN BHD ALL RIGHT RESERVEDc

GIACCertification

Skills Tests and Report (S.T.A.R.)

The GIAC Skills Test and Report (STAR) helps determine

if an individual has the right knowledge, skills and abilities to

accomplish specific IT security tasks. The STAR architecture is

based on specific Assessment Objects that correspond to SANS

training courses.

After completing the Skills test, each student will have access to a

printable report card, which clearly documents their performance

in each sub-topic.

o No-Fail Assessment Test

o No Proctoring Required

o Report Card at Completion

The STAR skills test is an assessment of knowledge in specific

information security topics, these are not pass/fail tests, but

rather the outcome is a report card. The test is given in a

convenient online format without the need for exam scheduling

or proctoring. When the student completes the skills test, they

will have immediate access to a complete skills summary screen

documenting their performance in each subject area.

The results are also available in a printable report card format.

Since a GIAC STAR report card details skill levels for a specific

skill set, they never expire. Employers can use STAR assessments

to measure the skill sets employees have in the work place.

About E-SPIN

E-SPIN SDN BHD 714753-U

E-SPIN OUTSOURCING SDN BHD 825417-V

No . 21-2, Jalan PJU 8/3B, Perdana Business Centre, Damansara Perdana,

47820 Petaling Jaya, Selangor.

T: (603) 7728 2866 F: (603) 7725 4757

E: info@e-spincorp.com

W: http://www.e-spincorp.com

E-SPIN is the leading technology solution and outsourcing vendor in providing solution consulting, buying facilitation, network and system integration, e-business and web solutions, business /technology share service and outsourcing. More information available at www.e-spincorp.com