DIRECTORY

  • Alerts
  • APTs
  • Blog
  • Books
  • Certifications
  • Cheat Sheets
  • Courses
  • Cyber Briefing
  • CyberDecoded
  • CyberReview
  • CyberStory
  • CyberTips
  • Definitions
  • Domains
  • Entertainment
  • FAQ
  • Frameworks
  • Hardware Tools
  • Incidents
  • Malware
  • News
  • Papers
  • Podcasts
  • Quotes
  • Reports
  • Tools
  • Threats
  • Tutorials
No Result
View All Result
  • Login
  • Register
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
Get Help
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
No Result
View All Result
Get Help
CyberMaterial
Home Career Certification

Defensible Security Architecture (GDSA)

by GIAC

Reading Time: 4 mins read
in Career, Certification, Insider Threat

Certification Overview

The GDSA certification proves that practitioners can design and implement an effective combination of network-centric and data-centric controls to balance prevention, detection, and response.

Exam Certification Objectives & Outcome Statements

  • Cloud-based Security Architecture
    The candidate will show an understanding of the concepts involving cloud security, securing on-premise hypervisors, network segmentation, surface reduction, delivery models, and container security.
  • Data Discovery, Governance, and Mobility Management
    The candidate will demonstrate an understanding of file classification, Data Loss Prevention (DLP), database governance, and Mobile Device Management (MDM).
  • Data-Centric Security
    The candidate will demonstrate an understanding of the concepts involving data-centric security. Specifically, have an understanding of reverse proxies, web application firewalls, database firewalls, and database activity monitoring.
  • Fundamental Layer 3 Defense
    The candidate will demonstrate an understanding of the concepts related to securing basic Layer 3 hardware, protocols and services and have an awareness of common attack vectors. In particular, demonstrate a knowledge of CIDR, Layer 3 routing attacks and mitigations, Layer 2/3 benchmark and auditing tools, securing SNMP and NTP protocols, and bogon filtering.
  • Fundamental Security Architecture Concepts
    The candidate will demonstrate a basic understanding of the concepts of perimeter-focused deficiencies, presumption of compromise, Zero Trust Model, Intrusion Kill Chain, Diamond Model, software-defined networking, micro-segmentation, threat vector analysis and attack surface analysis.
  • IPv6
    The candidate will demonstrate an understanding of the concepts of IPV6. Specifically, have an understanding of addressing, dual stack systems, tunneling; and IPv6 router advertisement attacks and mitigation.
  • Layer 1/Layer 2 Defense
    The candidate will demonstrate an understanding of the concepts related to securing Layer 1 and Layer 2 services, applications and protocols and be aware of common vectors for these attacks. Specifically, have an understanding of the structure and deployment of VLANs, CDP, MAC spoofing, ARP cache poisoning, DHCP starvation, VLAN hopping, 802.1X, and NAC.
  • Network Defenses
    The candidate will demonstrate an understanding of the concepts related to network defense. In particular, show a knowledge of NIDS, NIPS, network security monitoring, sandboxing, encryption, and DDOS protections.
  • Network Encryption and Remote Access
    The candidate will demonstrate an understanding of secure remote access, dual factor for all remote access VPNs and Jump Boxes.
  • Network Proxies and Firewalls
    The candidate will demonstrate an understanding of Web proxies, SMTP proxies, and next generation firewalls.
  • Zero Trust Endpoints
    The candidate will show an understanding of the concepts of securing Zero Trust Endpoints. In particular, demonstrate an understanding of patching via automation, end-user privilege reduction, host hardening, host IDS/IPS; endpoint firewalls, and scaling endpoint log collection.
  • Zero Trust Fundamentals
    The candidate will demonstrate an understanding of the concepts involving Zero Trust Architecture, credential rotation, and responding to pivoting adversaries and insider threats.
  • Zero Trust Networking
    The candidate will demonstrate a basic understanding of the concepts of Zero Trust Networking. Specifically, demonstrate an understanding of authenticating and encrypting endpoint traffic, Domain Isolation, Single Packet Authentication, red herring defenses, and proactive defenses to change attacker behaviors.

 

FIND OUT MORE

 

Tags: ArchitectsCareersCertificationCybersecurity architectsEducationGIACInsider ThreatSecurity architectsVPNVPN CertificationsVPN Education
ADVERTISEMENT

Related Posts

2023 Nonprofit Cybersecurity Incident Report

2023 Nonprofit Cybersecurity Incident Report

May 19, 2023
IACIS Certified Mobile Device Examiner

IACIS Certified Mobile Device Examiner

April 24, 2023
GIAC Mobile Device Security Analyst (GMOB)

GIAC Mobile Device Security Analyst (GMOB)

April 24, 2023
Certified Mobile Forensics Course

Certified Mobile Forensics Course

April 24, 2023

More Articles

Tenable Nessus

November 22, 2021
Incidents

Washington residents’ medical data exposed by phishing attack

March 25, 2022
Course

What in the World Are Your Kids Doing Online

December 17, 2021
Alerts

New Malware Campaign Targeting Indian Government Employees

November 7, 2022
Cyber101

Business Email Compromise (BEC)

July 7, 2022
Tool

1Password – Password Manager

March 30, 2023
Tool

Falcon X – Tools

March 17, 2022
Book

The Linux Command Line, 2nd Edition: A Complete Introduction

October 1, 2020
Load More

Security through data

Cybersecurity Domains

  • API Security
  • Business Continuity
  • Career Development
  • Compliance
  • Cryptography
  • HSM
  • KPIs / KRIs
  • Penetration Testing
  • Shift Left
  • Vulnerability Scan

Emerging Technologies

  • 5G
  • Artificial Intelligence
  • Blockchain
  • Cryptocurrency
  • Deepfake
  • E-Commerce
  • Healthcare
  • IoT
  • Quantum Computing

Frameworks

  • CIS Controls
  • CCPA
  • GDPR
  • NIST
  • 23 NYCRR 500
  • HIPAA

Repository

  • Books
  • Certifications
  • Definitions
  • Documents
  • Entertainment
  • Quotes
  • Reports

Threats

  • APTs
  • DDoS
  • Insider Threat
  • Malware
  • Phishing
  • Ransomware
  • Social Engineering

© 2023 | CyberMaterial | All rights reserved.

World’s #1 Cybersecurity Repository

  • About
  • Legal and Privacy Policy
  • Site Map
No Result
View All Result
  • Audience
    • Cyber Citizens
    • Cyber Professionals
    • Institutions
  • Highlights
    • Blog
    • CyberDecoded
    • Cyber Review
    • CyberStory
    • CyberTips
  • Cyber Risks
    • Alerts
    • Attackers
    • Domains
    • Incidents
    • Threats
  • Opportunities
    • Events
    • Jobs
  • Repository
    • Books
    • Certifications
    • Cheat Sheets
    • Courses
    • Definitions
    • Frameworks
    • Games
    • Hardware Tools
    • Memes
    • Movies
    • Papers
    • Podcasts
    • Quotes
    • Reports
  • Report Cyber Incident
  • GET HELP

Subscribe to our newsletter

© 2022 Cybermaterial - Security Through Data .

Welcome Back!

Sign In with Google
Sign In with Linked In
OR

Forgotten Password? Sign Up

Create New Account!

Sign Up with Google
Sign Up with Linked In
OR

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.