- Roadmap
- Steps To
- Security Admin
- Management
- Forensics
- Audit
- Legal
- Software Security
- GSE-Malware
- GSE-Compliance
- GSE
- DoD 8570
- Retired Certifications
Level 3
GIAC Certified Forensics Examiner (GCFE)
- Type:
- Certification
- Course:
- *No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*
- More information regarding relevant training from SANS can be found at:
- Computer Forensic Essentials, FOR-408
- Target:
GCFE is currently under development, with a scheduled release date of October 15, 2010.
The GCFE certification is for professionals working or interested in the information security and technology, legal and law enforcement industries.
- The GCFE certifies that candidates are competent in the concepts related to computer forensic investigation. Certification objectives include E-Discovery Methodology, Forensic Analysis Reports, Evidence Acquisition, Windows Analysis, Browser Forensics.
- Requirements:
- 1 proctored exam - 150 questions - 4-hour time limit - minimum passing score study currently underway
- Renewal:
- Every 4 years
- Delivery:
-
NOTE: GIAC exams are NOT given the day after the conference ends.
Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.
Level 5
GIAC Certified Forensic Analyst (GCFA)
- Type:
- Certification
- Course:
- *No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*
- More information regarding relevant training from SANS can be found at:
- Computer Forensic Investigations and Incident Response, FOR-508
- Target:
Individuals responsible for forensic investigation/analysis, advanced incident handling, or formal incident investigation.
GIAC Certified Forensic Analysts (GCFAs) have the knowledge, skills, and abilities to handle advanced incident handling scenarios, conduct formal incident investigations, and carry out forensic investigation of networks and hosts.
- Requirements:
- 1 proctored exam - 150 questions - 4-hour time limit - 69.3% (104 of 150 questions) minimum passing score
- Renewal:
- Every 4 years
- Delivery:
-
NOTE: GIAC exams are NOT given the day after the conference ends.
Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.
Level 6
GIAC Reverse Engineering Malware (GREM)
- Type:
- Certification
- Course:
- *No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*
- More information regarding relevant training from SANS can be found at:
- Reverse-Engineering Malware: Hands-On Analysis Tools and Techniques, FOR-610
- Target:
System and Network Administrators, Auditors, Security Consultants, and Security Managers responsible for protecting the organization from malicious code
The GIAC Reverse Engineering Malware (GREM) certification is designed for technologists who protect the organization from malicious code. GREM-certified technologists possess the knowledge and skills to reverse-engineer malicious software (malware) that targets common platforms, such as Microsoft Windows and web browsers. These individuals know how to examine inner-workings of malware in the context of forensic investigations, incident response, and Windows system administration.
Reasons to become GREM certified:
- Become more valuable to your employer and/or customers by highlighting your cutting-edge malware analysis skills through the GREM certification
- Motivate yourself to develop a new skill set by reaching for a concrete, measurable, and achievable goal embodied by the GREM certification
- Join the ranks of highly-respected professionals who possess the knowledge and skills that are relatively rare in the industry
- Reinforce and affirm your ability to understand characteristics of real-world malware, so you can better respond to incidents and reinforce defenses
- Requirements:
- 1 proctored exam - 150 questions - 4-hour time limit - 70% (105 of 150 questions) minimum passing score
- Renewal:
- Every 4 years
- Delivery:
-
NOTE: GIAC exams are NOT given the day after the conference ends.
Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.
