Thousands of information security professionals worldwide have received “master’s-level” certifications from the SANS Institute’s Global Information Assurance Certification (GIAC) program. SANS GIAC is a highly specialized certification program that allows security professionals to prove their expertise in their chosen field.
The SANS Institute offers certification topics in security essentials, intrusion detection and hacking techniques, incident response, mobile device security, network defense, auditing and digital forensics, as well as other relevant security topics. SANS’ information resources include the SANS Reading Room, a vast library of downloadable security research papers; the Internet Storm Center, which monitors and reports on malicious attacks and provides weekly alerts and bulletins; free security policy templates; and the CIS Critical Security Controls for cyber defense.
While some certifications are open to all and have thousands of holders, others are more focused and have only a handful of certified professionals. We will review the most sought-after SANS GIAC certifications and explain how they can help you in your information technology career.
GIAC Certified Incident Handler (GCIH)
There is a great need for skilled incident response personnel, given the recent security incidents. This is why at least 25,546 people have received the GIAC Certified Incident Handler (GCIH) certification. The GCIH certification exam covers the steps involved in incident handling, including understanding and recognizing vulnerabilities and attacks. It also covers identifying the root causes of security incidents for better controls and prevention.
The GCIH exam is administered at Pearson VUE proctored test centers. Applicants must complete a 100-150-question exam within four hours. Candidates must score at least 72 percent to pass the exam. Candidates may prepare for the GCIH by combining training and practical experience.
GIAC Security Essentials Certification (GSEC)
GIAC offers several certifications that are in high demand. It’s no surprise that one of them is the most sought-after GIAC certification. The entry-level GIAC Security Essentials Certification is held by more than 37,106 people. This is far fewer than the number of holders of the more popular Certified Information Systems Security Professional (CISSP) or the more than 45,000 CompTIA Security+ certified individuals. GSEC holds a decent market share, even though Security+ and CISSP continue to dominate the general security certification field.
To achieve your GSEC certification, you must pass a single multiple-choice exam administered at a proctored testing centre. The exam is 180 questions long and applicants have five hours to complete it. The exam covers all aspects of information security, including setting up operating systems and managing security incidents. To earn the certification, you must score at least 73 percent.
GIAC Certified Intrusion Analyst (GCIA)
The fourth certification is another one that focuses on responding to successful security attacks. The GIAC Certified Intrusion Analyst (GCIA) certification focuses on ensuring candidates are able to monitor intrusion detection systems and identify and interpret signs of an attack. GCIA certifications have been obtained by more than 10,687 people. GCIA exam topics are very technical and focus on the security and networking skills needed to work with intrusion detection systems. The exam syllabus covers topics such as creating intrusion detection rules, using the Wireshark protocol analyser, tuning IDS performance, and correlating the results with other security systems.
As with other GIAC certifications, you will need to pass a proctored exam in order to obtain the GCIA certification. The GCIA exam consists of 150 questions to be completed within four hours. The passing score for the GCIA exam is 68 percent.
GIAC Certified Forensic Analyst (GCFA)
The next most sought-after certification also covers the skills required to deal with security incidents. The GIAC Certified Forensic Analyst (GCFA) certification certifies that applicants have the skills to collect and interpret security data from both Windows and Linux systems after an intrusion or other event. The GCFA certification is currently held by more than 11,028 people. Exam syllabus topics include file carving and data extraction, file structures, acquiring and preserving forensic images, managing timeline analysis, and managing volatile data.
The GCFA exam is more concise than o