The GSEC certification and exam
GIAC Security Essentials (GSEC) is one of the top certifications on the market for professionals who want to prove their IT skills on security-related tasks. This intermediate-level InfoSec certification is approved under DoD 8140 (DoDD 8570) for IAT Level II and is globally recognized by military, government and industry leaders. The GSEC certification is also highly respected among employers because the credential tests specific job skills and knowledge rather than general InfoSec concepts.
The Global Information Assurance Certification (GIAC) is a globally recognized body that focuses on information security certifications for professionals who need specific skills and specialized knowledge to meet the challenges posed by modern-day internal or external computer threats. In line with this purpose, the GSEC is a "good foundation certification" that has quickly established itself as one of the credentials often requested by businesses looking to augment their security teams or locate cybersecurity talent to fill their IT security vacancies; this qualification can validate a practitioner's skill level and demonstrate his or her passion for the occupation.
Whether a professional is seeking to land an exciting and well-paying job (the average salary for the GSEC cert holder is $77,000, per PayScale) or is looking to kickstart a successful IT security career in 2018 and beyond, this credential might be the right option.
GSEC certification: An overview
IT professionals attempting to pass the exam need to have IT security knowledge that goes beyond the basics. People with hands-on information security experience will have an advantage when taking the five-hour exam of 180 multiple-choice and advanced questions, which requires a minimum passing score of 73%.
The test is currently in a proctored-only version delivered online at Pearson VUE sites. Students are permitted to bring books and notes to the test site. No internet or access to computer files is allowed during the session, and no personal electronic device can be brought into the test room. Candidates are provided with a computer to access the exam, an erasable note board and a marker for scratch work and an onscreen calculator.
Exam vouchers are purchased through the GIAC web site. To obtain one, testers need to submit an online application and pay a $1,699 fee; two practice tests are included in the price so that candidates can familiarize themselves with the test engine, modalities, and type of questions that will be asked during the official, proctored session. After purchasing a test through GIAC, candidates have four months to schedule a test through Pearson VUE at their preferred site; a 45-day extension can be purchased at the cost of $379.
Those who fail the exam can re-take it at the cost of $729 by logging into their SANS/GIAC account and clicking on "Certification Attempts" and then "Purchase Retake." They will only be allowed to sit for the exam again after a 30-day waiting period. "After 3 failed attempts, your attempt is over and considered unsuccessfully completed. Candidates must wait one year to pursue a new certification attempt in this case," GIAC's website states. Note also that if a re-take is not purchased within 30 days from the failed attempt, the candidate will need to restart the entire process from the beginning.
Also, be aware that "[GSEC] students must review new course information and retake the exams every four years to remain certified." Alternatively, professionals can pay a non-refundable maintenance fee of $429, due once every four years at the time of registration, and are required to submit 36 qualifying CPEs during the 4-year period, following the directions given on the official GIAC website.
The GIAC GSEC program: Exam info
The GSEC exam comprises questions devised by a panel of subject matter experts. Experienced IT security professionals first developed a list of the initial objectives and then conducted a formal Job Task Analysis (JTA) process to ensure all questions were relevant to current industry standards and to the duties of professionals in the field, so that the exam tests the knowledge and skills they require to perform those tasks at their best.
Below are the objectives covered in the exam as listed on the official candidate handbook:
- Logical Access Entry
- The candidate needs to understand the concepts of Password Management.
- Active Defense
- The candidate needs to have an understanding and knowledge of what Active Defense tools are.
- Advanced Persistent Threat
- The candidate will need to have an understanding of what APT is and how to mitigate the risks associated with it.
- Contingency Plans
- The candidate must have an understanding of what contingency planning is.
- Critical Controls
- The candidate must have an understanding of the methodology behind Critical Security Controls.
- The candidate needs to know the basics of Cryptography.
- Cryptography Mathematical Algorithms
- The candidate must have a basic understanding of the mathematical concepts that contribute to cryptography and will be able to identify commonly used symmetric, asymmetric and hashing cryptosystems.
- Cryptography Application
- The candidate will have a high level of understanding of the use, functionality, and operation of VPNs, GPG, and PKI.
- Defense in Depth
- The candidate will understand what defense in depth is and be able to identify the key areas of security by demonstrating the different strategies for implementing effective planning in evaluating the defensive measures within a business or corporation.
- Defensible Network Architecture
- The candidate must demonstrate how to build a Network Infrastructure.
- Endpoint Security
- The candidate will demonstrate how to use Firewalls, Routers, Network Intrusion Devices, etc.
- Windows Security Policy
- The candidate must have an understanding of the features of Windows Group Policy.
- Incident Handling and Response
- The candidate must understand the basics of incident and response handling.
- IT Risk Management
- The candidate must demonstrate how to use the principles of cybersecurity risk management.
- Linux Security
- The candidate must have an understanding of the various Linux operating systems.
- Linux Services
- The candidate must demonstrate how to protect the BIOS of a Linux host.
- Linux: Monitoring and Cyber Attack Detection
- The candidate must demonstrate the use of tools that are common to the Linux operating system.
- Linux: Security Utilities
- The candidate must demonstrate how to use key security utilities.
- Log Management & SIEM
- The candidate will demonstrate a high-level understanding of the importance of logging, its setup and configuration, and log management with the assistance of SIEMs that analyze log data to detect malicious activity.
- Malicious Code & Exploit Mitigation
- The candidate will understand important attack methods and basic defensive strategies to mitigate those threats.
- Network Device Security
- The candidate must understand the risks associated with network devices and how to secure them.
- Network Security Devices
- The candidate must have a basic understanding of the functionalities of network security devices.
- Networking Protocols
- The candidate must demonstrate the functionalities of network protocols.
- Securing Windows Network Services
- The candidate must demonstrate how to use IPSec, IIS, and Remote Desktop Services.
- Security Policy
- The candidate must have an understanding of the concepts of a security policy.
- Virtualization and Cloud Security
- The candidate will have a basic understanding of the risks associated with the Cloud.
- Vulnerability Scanning and Penetration Testing
- The candidate must demonstrate an understanding of Penetration Testing and how to use the tools associated with it.
- Web Security
- The candidate needs to understand the concepts of CGI, cookies, SSL, active content, etc.
- Windows Access Controls
- The candidate must have an overall understanding of how permissions are applied in the Windows NT File System.
- Windows Auditing, and Forensics
- The candidate must know how to audit Windows hosts.
- Windows Security Infrastructure
- The candidate must know the differences between the various Windows OSs.
- Windows Service Packs
- The candidate must understand how to manage and deploy service packs.
- Wireless Network Security
- The candidate must have an understanding of the security risks of wireless networks.
As seen from the areas listed above, GIAC's GSEC certification program is challenging, as it measures very specific skills and knowledge. It's important to know that this exam takes a practical, almost hands-on approach to the subject matter and focuses on aspects that are technical rather than administrative and/or regulatory. The sheer number of areas covered should also be considered when preparing for the test, which really requires across-the-board preparation.
Is the GSEC certification worth the effort? Who should earn the GSEC cert?
This job-specific, specialized-focus certification is geared toward those who now hold, or will someday hold, a position in Security (IT/Network) Administration. Some professionals say the GSEC cert is comparable to the CompTIA Security+, (ISC)² SSCP or CISSP options, which cover theory and concepts across a wide range of IT security topics for those who are trying to break into this field and have very little acquaintance with InfoSec or cybersecurity; nonetheless, many believe the GSEC credential has a more technically oriented approach and goes more in depth on roughly the same subject areas, tackling more of the current technology, skills or methods used today. GIAC's cert prepares individuals to assume hands-on roles concerning security tasks and is a great option for candidates who wish to prove their capabilities predominantly in technical matters.
What's more, "GSEC has a solid reputation within the industry and is approved for DoD 8570 Baseline Information Assurance." In addition, "In March 2014, Burning Glass did a survey of cybersecurity job postings and found that CISSP, CISA, Security+, CISM, and GSEC were the top 5 requested certifications." (cyberdegrees.org)
Advancing to options that are more complex is also a possibility through the many GIAC certifications available. The GIAC Security Expert (GSE), for example, is a performance-based, hands-on program with several prerequisites and geared towards an audience made of professionals "who pursue in-depth technical education in all areas of information security."
What is the best way to prepare and train for the GSEC exam?
It is never a good idea to wait until the last minute to begin studying or preparing for the GSEC examination, which requires a person to apply knowledge and solve real problems relevant to the certification objectives. Even though the exam is in open-book format, with textbooks and notes permitted (see the GIAC Candidate Rules Agreement), preparation is essential to avoid having to re-take the test.
High-quality teaching and guidance to prepare for the GSEC exam are available through InfoSec Institute, which has a relevant course, from other training providers via online courses or self-study, or through attendance at live conferences.
- InfoSec Institute's Fundamentals of Information Security Boot Camp
- A 5-day course, covering many critical issues and practices of Information Security
- Provides a comprehensive introductory approach to Information Security concepts and fundamentals
- This course is designed for students who have no prior knowledge of security and limited knowledge of technology
- After this Boot Camp, students will very effectively communicate with other security professionals regarding topics like password encryption, TCP/IP, phishing, malware, DNS, and best practices against security breaches
- SANS' SEC401 Security Essentials
- Online options available. Train from any location. OnDemand; vLive; Simulcast; Self-study; Private Training
- Covers prevention of attacks and detection of adversaries
- This course addresses Networking Concepts, Defense in Depth, Secure Communications and focuses on Foundational Windows and Linux Security
- Available: SANS GIAC Certification: Security Essentials Toolkit (GSEC)
In addition, utilizing GIAC Practice Tests (available through the GIAC Certification Portal via the link in your SANS/GIAC portal account) can significantly improve the chances for exam success. Candidates can also practice with the Skillset library of over 100,000 practice test questions. (Note: GSEC is not yet part of the Certifications Directory, but one can find topics like Security Controls, one of the subjects covered in the exam, to learn the material.)
It is also a good idea to explore other venues for increasing knowledge. For example, InfoSec conferences, seminars, and workshops, such as Infosecurity Europe 2018 (5-7 June in London, UK) and/or Infosecurity North America 2018 (3-4 October at Hynes Convention Center in Boston, US), can also help fulfill continuing certification requirements and ultimately spur professional growth and development.
Good certification programs can help candidates complete the transition from academic to professional life, apply for a job or advance critical skills for a specific career. The GSEC certification is a good entry point into InfoSec, where there are companies ready to hire highly skilled workers at intermediate-level positions; it is also a valuable stepping-stone towards preparing for more advanced certifications, like the GSE credential.
GIAC's certifications, including GSEC, can help address the skills shortage in this field, which continues to this day; accordingly, these qualifications can also help inexperienced candidates who are searching for their preferred IT security sector or path and want to improve their employment opportunities by obtaining a relevant credential that proves their motivation to learn and develop in the field.
- Brecht, D. (2016, June 9). Why GIAC? A Suitable Choice that Meets Professional Needs
- CyberDegrees.org. (n.d.). A Guide to Cyber Security Certifications
- GIAC. (n.d.). Security Certification: GSEC
- Henley, K. (2016, April 19). How 5 Top Cybersecurity Certifications Can Advance Your Career
- Lindros, K. (2016, December 28). 5 Great 'Starter' Cybersecurity Certifications
- Meritmainv2. (2017, March 8). 1.5M Unfilled Security Jobs: Meeting the Demand
- Messina, G. (2017, October 13). 7 Top Security Certifications You Should Have in 2018
- Miessler, D. (2014, June 29). A Guide to Information Security Certifications
- PayScale. (n.d.). Average Salary by Degree/Major Subject for Certification: SANS/GIAC Security Essentials Certification (GSEC)
- SC Media. (2011, February 15). GIAC Security Expert (GSE) - Best Professional Certification Program