CYBER 101

  • Alerts
  • Blog
  • Books
  • Certifications
  • Cheat Sheets
  • Courses
  • CyberDecoded
  • CyberReview
  • CyberStory
  • CyberTips
  • Documents
  • Domains
  • Entertainment
  • FAQ
  • Incidents
  • Quotes
  • Tools
  • Tutorials

Join our newsletter

FOLLOW US

Search

More...

Generic filters
Content from
Content to
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
  • Events
  • Jobs
Get Help
Search

More...

Generic filters
Content from
Content to
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
  • Events
  • Jobs
Get Help
CyberMaterial
No Result
View All Result

GIAC Security Essentials (GSEC)

by GIAC

6 min read
in Career, Certification, Learning

Certification Overview

The GIAC Security Essentials (GSEC) certification validates a practitioner’s knowledge of information security beyond simple terminology and concepts. GSEC certification holders are demonstrating that they are qualified for hands-on IT systems roles with respect to security tasks.

Areas Covered

  • Active defense, defense in depth, access control & password management
  • Cryptography: basic concepts, algorithms and deployment, and application
  • Defensible network architecture, networking & protocols, and network security
  • Incident handling & response, vulnerability scanning and penetration testing
  • Linux security: structure, permissions, & access; hardening & securing; monitoring & attack detection; & security utilities
  • Security policy, contingency plans, critical controls and IT risk management
  • Web communication security, virtualization and cloud security, and endpoint security
  • Windows: access controls, automation, auditing, forensics, security infrastructure, & securing network services

Who is GISF for?

  • Anyone new to information security who has some background in information systems & networking
  • Security professionals
  • Security managers
  • Operations personnel
  • IT engineers and supervisors
  • Security administrators
  • Forensic analysts
  • Penetration testers
  • Auditors

Exam Format

  • 1 proctored exam
  • 106-180 questions
  • Time limit of 4-5 hours
  • Minimum passing score of 73%

Exam Certification Objectives & Outcome Statements

  • Access Control & Password Management
    The candidate will understand the fundamental theory of access control and the role of passwords in managing access control.
  • AWS Fundamentals and Security
    The candidate will demonstrate an understanding of how to interact with and secure AWS instances.
  • Container and MacOS Security
    The candidate will demonstrate an understanding of how to secure containers and understand security features provided in MacOS.
  • Cryptography
    The candidate will have a basic understanding of the concepts of cryptography, including a high-level understanding of the major types of cryptosystems and steganography.
  • Cryptography Algorithms & Deployment
    The candidate will have a basic understand of the mathematical concepts that contribute to cryptography and identify commonly used symmetric, asymmetric, and hashing cryptosystems.
  • Cryptography Application
    The candidate will have a high-level understanding of the use, functionality, and operation of VPNs, GPG, and PKI
  • Data Loss Prevention and Mobile Device Security
    The candidate will understand the risks and impacts of data loss, how to prevent it, and the security considerations.
  • Defense in Depth
    The candidate will understand what defense in depth is and an identify the key areas of security and demonstrate the different strategies for implementing effective security within an organization.
  • Defensible Network Architecture
    The candidate will demonstrate how to architect a network to be monitored and controlled to resist intrusion.
  • Endpoint Security
    The candidate will demonstrate a basic understanding of the function and uses of endpoint security devices, such as endpoint firewalls, HIDS, and HIPS
  • Enforcing Windows Security Policy
    The candidate will have a high-level understanding of the features of Group Policy and working with INF security templates
  • Incident Handling & Response
    The candidate will understand the concepts of incident handling and the processes pertaining to incident handling.
  • Linux Fundamentals
    The candidate will demonstrate an understanding of the Linux operating system structure, vulnerabilities, and permissions.
  • Linux Security and Hardening
    The candidate will demonstrate an ability to gain visibility into a Linux system to be able to secure, audit, and harden the system.
  • Log Management & SIEM
    The candidate will demonstrate a high-level understanding of the importance of logging, the setup and configuration of logging, and log analysis with the assistance of SIEMs
  • Malicious Code & Exploit Mitigation
    The candidate will understand important attack methods and basic defensive strategies to mitigate those threats.
  • Network Security Devices
    The candidate will demonstrate a basic understanding of the function and uses of network security devices, such as, firewalls, NIDS, and NIPS
  • Networking & Protocols
    The candidate will demonstrate an understanding of the properties and functions of network protocols and network protocol stacks.
  • Security Frameworks and CIS Controls
    The candidate will understand the purpose, implementation, and background of the CIS Critical Controls, NIST Cybersecurity Framework, and the MITRE ATT&CK knowledge base.
  • Virtualization and Cloud Security
    The candidate will have a basic understanding of the risks of virtualization and cloud services and how to secure them.
  • Vulnerability Scanning and Penetration Testing
    The candidate will demonstrate an understanding of the concepts and relationship behind reconnaissance, resource protection, risks, threats, and vulnerabilities including preliminary abilities to create network maps and perform penetration testing techniques
  • Web Communication Security
    The candidate will demonstrate an understanding of web application security and common vulnerabilities including CGI, cookies, SSL and active content.
  • Windows Access Controls
    The candidate will understand how permissions are applied in the Windows NT File System, Shared Folders, Printers, Registry Keys, and Active Directory, and how Privileges are applied
  • Windows as a Service
    The candidate will understand how to manage updates for a network of Windows hosts.
  • Windows Automation, Auditing, and Forensics
    The candidate will be introduced to the techniques and technologies used to audit Windows hosts.
  • Windows Security Infrastructure
    The candidate will identify the differences between types of Windows OSes and how Windows manages groups and accounts, locally and with Active Directory and Group Policy
  • Windows Services and Microsoft Cloud
    The candidate will know how to take basic measures in securing Windows network services such as IPsec, IIS, and Remote Desktop Services and Microsoft Azure security features.
  • Wireless Network Security
    The candidate will have a basic understanding of the misconceptions and risks of wireless networks and how to secure them.

FIND OUT MORE

Related

Tags: Active DefenseActive Defense CertificationsCareersCertificationCybersecurity AnalystForensicsGIACGSECHardware Security ModuleHSMInformation Security FundamentalsSecurity AnalystSecurity Analyst CertificationsSecurity Analyst EducationVulnerability Scan
19
VIEWS
ADVERTISEMENT

Related Posts

Secure Coding – Secure application development

Secure Coding – Secure application development

July 29, 2022
FT120 – Fortify SAST and DAST for Developers (ILT/VILT)

Application Security – The Complete Guide

July 29, 2022
FT120 – Fortify SAST and DAST for Developers (ILT/VILT)

FT120 – Fortify SAST and DAST for Developers (ILT/VILT)

July 29, 2022
The complete guide to developer-first application security (e-book)

The complete guide to developer-first application security (e-book)

July 25, 2022

More Articles

Centralized

November 25, 2020
Alerts

Apache Releases Security Advisory for Tomcat  

October 15, 2021
Alerts

BlackCat Adds Brute Ratel Pentest Tool to Attack Arsenal

July 20, 2022
Book

The Cybersecurity Due Diligence Handbook

July 7, 2022
Incidents

Russian Hackers Target Private Ukrainian Energy Firm

July 4, 2022

Cool things entrepreneurs do

July 21, 2022
Incidents

WonderHero game disabled after hackers steal $320,000 in cryptocurrency

April 8, 2022
Movie

Storm Watch (2002)

October 14, 2020
Load More

World’s number one cybersecurity repository. Find everything you need about cybersecurity.

Cybersecurity Domains

  • Application Security
  • Business Continuity
  • Career Development
  • Compliance
  • Cryptography
  • Governance
  • IAM
  • Physical Security
  • More...

Emerging Technologies

  • 5G
  • Artificial Intelligence
  • AR/VR
  • Blockchain
  • Cryptocurrency
  • Deepfake
  • IoT
  • Quantum Computing
  • More...

Frameworks

  • CIS Controls
  • CISA TSS
  • FISMA
  • GDPR
  • ISO 2701/02
  • MITRE ATT&CK
  • NIST
  • NYS-DFS
  • More...

Industries

  • Automation
  • E-Commerce
  • Education
  • Fake News
  • Financial
  • Government
  • Health Care
  • Military
  • More...

Threats

  • APTs
  • DDoS
  • Insider Threat
  • Malware
  • Phishing
  • Ransomware
  • Social Engineering
  • Vulnerabilities
  • More...

© 2022 | CyberMaterial | All rights reserved.

World’s #1 Cybersecurity Repository

  • About
  • Legal and Privacy Policy
  • Site Map
No Result
View All Result
  • Cyber101
    • Blog
    • CyberDecoded
    • Cyber Review
    • CyberStory
    • CyberTips
  • Cyber Risks
    • Attackers
    • Incidents
    • Threats
  • Repository
    • Books
    • Certifications
    • Cheat Sheets
    • Courses
    • Definitions
    • Quotes

© 2022 Cybermaterial - Security Through Data .

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.