Issuer | GIAC |
Level | Advanced |
Career Opportunities | Security Analyst, Security Architects, Senior Security Engineers, Technical Security Managers, SOC Analysts, SOC Engineers, SOC Managers, CND Analysts, Security Monitoring, System Administrators, Cyber Threat Investigators, Individuals working to implement Continuous Security Monitoring or Network, Individuals working in a hunt team capacity |
Skills | Collect and analyze data from network and endpoint data sources, Identify and investigate malicious or unauthorized activity, Respond to security incidents, Communicate security risks to stakeholders |
Cost | Paid |
Validity | 4 years |
Renewal | Renewal fee or 36 CPEs over four years |
Themes | SIEM, Endpoint detection and response (EDR), Network detection and response (NDR), Malware analysis, Threat intelligence, Incident response, Forensics |
Overview
The GIAC Certified Detection Analyst (GCDA) is a cybersecurity certification that validates a practitioner’s knowledge of the skills and abilities required to collect, analyze, and tactically use modern network and endpoint data sources to detect malicious or unauthorized activity. The GCDA certification is designed for security practitioners who are responsible for detecting and responding to security incidents.
Areas Covered
- SIEM Architecture and SOF-ELK
- Service Profiling, Advanced Endpoint Analytics, Baselining and User Behavior Monitoring
- Tactical SIEM Detection and Post-Mortem Analysis
Who is GCDA for?
- Security Analyst
- Security Architects
- Senior Security Engineers
- Technical Security Managers
- SOC Analysts
- SOC Engineers
- SOC Managers
- CND Analysts
- Security Monitoring
- System Administrators
- Cyber Threat Investigators
- Individuals working to implement Continuous Security Monitoring or Network
- Individuals working in a hunt team capacity
Exam Details
- Type of Exam: 1 proctored exam
- Number of Questions: 75 questions
- Length of Test: 2 hours
- Minimum passing score: 79%
- Testing Provider: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE
Official Study Materials
- SEC555: SIEM with Tactical Analytics (SANS Institute)