Areas Covered
- Identity and access management
- Design and implement Zero-Trust concepts
- Network architecture and design
- Data protection
- Configuring centralized monitoring
Who is GCAD for?
- Anyone working in a cloud environment
- Cloud architects
- Operations, DevOps, software engineers
- System administrators
- Security analysts, engineers, consultants
- Auditors, risk managers
Exam Format
- 1 proctored exam
- 75 questions
- 2 hours
- Minimum passing score of 0%
Note: GIAC reserves the right to change the specifications for each certification without notice. Based on a scientific passing point study, the passing point for the GSEC exam has been determined to be 73% for all candidates receiving access to their certification attempts on or after August 6th, 2017. To verify the format and passing point of your specific certification attempt, read the Certification Information found in your account at https://exams.giac.org/pages/attempts.
Delivery
NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE. Click here for more information.
GIAC certification attempts will be activated in your GIAC account after your application has been approved and according to the terms of your purchase. Details on delivery will be provided along with your registration confirmation upon payment. You will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt.
Exam Certification Objectives & Outcome Statements
- Architecting Cross-Cloud Identity The candidate will demonstrate knowledge of cross-cloud identity solutions, including Service Principles and Open ID Connect.
- Centralizing Shared Network Services The candidate will be familiar with methods of centralizing shared cloud network services via VPC gateways and interface endpoints.
- Cloud Application Identity The candidate will be familiar with cloud application identity implementations, including Entra ID and Cognito.
- Cloud Identity The candidate will be familiar with fundamental cloud identity management (IAM), including IAM roles and trust policies.
- Cloud Network Micro Segmentation The candidate will be familiar with methods of implementing network micro-segmentation in the cloud.
- Comprehensive Logging and Aggregation The candidate will be familiar with various approaches to centralized logging and log aggregation in cloud environments.
- Conditional Access Policies The candidate will demonstrate understanding of implementing cloud-based conditional access policies.
- Data Classification and Resource Tagging The candidate will be familiar with data classification conventions and resource tagging methodology.
- Data Security The candidate will demonstrate understanding of data security frameworks and best practices.
- Defending Data in the Cloud The candidate will demonstrate understanding of how to defend cloud-based data repositories using ACLs, encryption, and monitoring.
- Enabling Response with Secure Processes The candidate will demonstrate understanding of cloud security automation best practices, including quarantine methods and break-glass accounts.
- Federated Access and SSO The candidate will be familiar with Identity Federation, including SSO operation, SAML, cloud identity services.
- Hierarchical Cloud Structures The candidate will demonstrate understanding of cloud architecture principles, including Foundational OU design and resource hiearchies.
- Implementing Zero Trust The candidate will demonstrate understanding of Zero Trust archtitecture concepts, including and EUC tickets and micro-segmentation.
- Incident Response in the Cloud The candidate will demonstrate understanding of cloud-based SOC best pratices, including centralized log aggregation and cloud-based packet capture.
- Key Management Architecture The candidate will be familiar with various digital key management system architectures and best practices.
- Managing Cloud Networks at Scale The candidate will demonstrate understanding of managing large cloud-based networks using shared VPCs and cloud-based firewalls.
- Network Firewalls and Traffic Inspection The candidate will be familiar with various cloud-based load balancing and traffic inspection architectures.
Other Resources
- Training is available in a variety of modalities including live training and OnDemand.
- Practical work experience can help ensure that you have mastered the skills necessary for certification.
- College level courses or self paced study through another program or materials may meet the needs for mastery.
- Get information about the procedure to contest exam results.
Practice Tests
- These tests are a simulation of the real exam allowing you to become familiar with the test engine and style of questions.
- Practice exams are a gauge to determine if your preparation methods are sufficient.
- The practice bank questions are limited so you may encounter the same question on practice tests when multiple practice tests are purchased.
- Practice exams never include actual exam questions.
- GIAC recommends leveraging additional study methods for test preparation.
