GIAC Security Essentials (GSEC)

Official Website

Giac.org

Cost: $1699

Video Guide

Basic Information

1. Average Salary after obtaining certification - $67,000 to $108,000 a year.

2. Exam Format

  • 1 proctored exam
  • 106-180 questions
  • Time limit of 4-5 hours
  • Minimum passing score of 73%

3. Intended Audience - Beginner to Intermediate.

4. Validity - 4 Years

5. Recommended Resources: SEC401: Security Essentials: Network, Endpoint, and Cloud

6. Topics Covered:

  • Access Control & Password Management:

    The candidate will understand the fundamental theory of access control and the role of passwords in managing access control.

  • AWS Fundamentals and Security

    The candidate will demonstrate an understanding of how to interact with and secure AWS instances.

  • Container and MacOS Security

    The candidate will demonstrate an understanding of how to secure containers and understand security features provided in MacOS.

  • Cryptography

    The candidate will have a basic understanding of the concepts of cryptography, including a high-level understanding of the major types of cryptosystems and steganography.

  • Cryptography Algorithms & Deployment

    The candidate will have a basic understand of the mathematical concepts that contribute to cryptography and identify commonly used symmetric, asymmetric, and hashing cryptosystems.

  • Cryptography Application

    The candidate will have a high-level understanding of the use, functionality, and operation of VPNs, GPG, and PKI

  • Data Loss Prevention and Mobile Device Security

    The candidate will understand the risks and impacts of data loss, how to prevent it, and the security considerations.

  • Defense in Depth

    The candidate will understand what defense in depth is and an identify the key areas of security and demonstrate the different strategies for implementing effective security within an organization.

  • Defensible Network Architecture

    The candidate will demonstrate how to architect a network to be monitored and controlled to resist intrusion.

  • Defensible Network Architecture

    The candidate will demonstrate how to architect a network to be monitored and controlled to resist intrusion

  • Endpoint Security

    The candidate will demonstrate a basic understanding of the function and uses of endpoint security devices, such as endpoint firewalls, HIDS, and HIPS

  • Enforcing Windows Security Policy

    The candidate will have a high-level understanding of the features of Group Policy and working with INF security templates

  • Incident Handling & Response

    The candidate will understand the concepts of incident handling and the processes pertaining to incident handling

  • Linux Fundamentals

    The candidate will demonstrate an understanding of the Linux operating system structure, vulnerabilities, and permissions.

  • Linux Security and Hardening

    The candidate will demonstrate an ability to gain visibility into a Linux system to be able to secure, audit, and harden the system.

  • Log Management & SIEM

    The candidate will demonstrate a high-level understanding of the importance of logging, the setup and configuration of logging, and log analysis with the assistance of SIEMs

  • Malicious Code & Exploit Mitigation

    The candidate will understand important attack methods and basic defensive strategies to mitigate those threat

  • Network Security Devices

    The candidate will demonstrate a basic understanding of the function and uses of network security devices, such as, firewalls, NIDS, and NIPS

  • Networking & Protocols

    The candidate will demonstrate an understanding of the properties and functions of network protocols and network protocol stacks.

  • Security Frameworks and CIS Controls

    The candidate will understand the purpose, implementation, and background of the CIS Critical Controls, NIST Cybersecurity Framework, and the MITRE ATT&CK knowledge base.

  • Virtualization and Cloud Security

    The candidate will have a basic understanding of the risks of virtualization and cloud services and how to secure them

  • Vulnerability Scanning and Penetration Testing

    The candidate will demonstrate an understanding of the concepts and relationship behind reconnaissance, resource protection, risks, threats, and vulnerabilities including preliminary abilities to create network maps and perform penetration testing techniques

  • Web Communication Security

    The candidate will demonstrate an understanding of web application security and common vulnerabilities including CGI, cookies, SSL and active content.

  • Windows Access Controls

    The candidate will understand how permissions are applied in the Windows NT File System, Shared Folders, Printers, Registry Keys, and Active Directory, and how Privileges are applied

  • Windows as a Service

    The candidate will understand how to manage updates for a network of Windows hosts.

  • Windows Automation, Auditing, and Forensics

    The candidate will be introduced to the techniques and technologies used to audit Windows hosts.

  • Windows Security Infrastructure

    The candidate will identify the differences between types of Windows OSes and how Windows manages groups and accounts, locally and with Active Directory and Group Policy

  • Windows Services and Microsoft Cloud

    The candidate will know how to take basic measures in securing Windows network services such as IPsec, IIS, and Remote Desktop Services and Microsoft Azure security features.

  • Wireless Network Security

    The candidate will have a basic understanding of the misconceptions and risks of wireless networks and how to secure them.

Our Thoughts

We hoghly Recommended this Certificate as this is certificates prep and exam gives a great in-depth all about of cyber world as well as giving a good Salary bump to a lot many