www.giac.org




Information on the 2008 GSE-Compliance event will be available later in the year. If you have any questions about this Platinum level certificate, please contact gse@giac.org

Before a person can attempt the GSE-Compliance, they must successfully complete three GIAC certifications (G7799, GSNA, and GCFW) with GIAC Gold in at least two. In addition, you must demonstrate a minimum level of performance and undergo a personal interview to qualify. We suggest that your average score on previous GIAC certifications is 85% or higher.

The GIAC platinum level certifications and specifically the testing process is a multi-faceted approach that is the most rigorous and comprehensive in the IT security industry. The testing takes place over three full days, the platinum level certifications consist of a mixture of timed multiple-choice tests, written and hands-on exercises, research projects, and oral presentations.

Those who pursue an in-depth technical education in the area of compliance are the target audience for the GSC certification. Knowledge in this particular area, ISO-17799 and Auditing Systems are important and valuable. Individuals who earn any of these GIAC certifications have worked hard, demonstrated essential technical skill, and should rightfully take pride in their accomplishment. However, individuals who make the effort to not only learn, but also to master all of the essential elements surrounding compliance belong in a very special group. These individuals will be the elite of security compliance, the top practitioners in the field.

All exercises are derived from the following general objectives:

ObjectiveOutcome Statement
Auditing Domain
The Audit ProcessThe candidate will understand the audit process and techniques to perform an audit based on checklists.
Auditing for Best PracticesThe candidate will understand and demonstrate the ability to audit for security best practices.
Auditing WirelessThe candidate will understand and demonstrate the ability to audit wireless devices.
Compliance Domain
Managing DataThe candidate will understand the process of storing and transmitting data securely and be able to apply it to real-world situations.
Compliance and StandardsThe candidate will be able to demonstrate a broad knowledge of compliance standards and regulations.
Auditing Web ApplicationsThe candidate will understand and demonstrate the ability to audit web applications for compliance with best practices.
Rudiments of IT Security Domain
Windows SecurityThe candidate will have fundamental knowledge of Windows Security and be comfortable working in a Windows environment.
Unix Security The candidate will have a fundamental knowledge of Unix Security and be comfortable working in a Unix environment.
Secure CommunicationsThe candidate will have a fundamental understanding of cryptography principles, techniques, and tools.
Security PrinciplesThe candidate will be able to consistently demonstrate and practice bedrock security principles including defense-in-depth and least-privilege
Basic Skills Domain
Perimeter DevicesThe candidate will have fundamental understanding of common perimeter devices
Vulnerability Scanners, and Port ScannersThe candidate will have a fundamental understanding of vulnerability scanners.
Sniffers and AnalyzersThe candidate will have a fundamental knowledge of Sniffers and Protocol Analyzers
ProtocolsThe candidate will demonstrate a solid understanding of TCP/IP, UDP, ICMP, DNS, and other common protocols.
Common ToolsThe candidate will be able to use common open source auditing tools.
Business and Soft Skills Domain
Security PolicyThe candidate will understand the Fundamentals of Security Policy and Business Issues, including continuity planning.
ResearchThe candidate will be able to use available resources to perform research as needed during an audit.
Writing SkillsThe candidate will demonstrate the ability to write quality technical reports or articles.
Presentation SkillsThe candidate will demonstrate the ability to successfully present their research to an audience of their peers.

Certified Professionals


Number of certified professionals: 21,962
Network Security 2008 :: Las Vegas, NV :: Sep 28 - Oct 6, 2008