Certification

Certification

GIAC Information Security Professional (GISP)

Security Professionals that want to demonstrate they are qualified for IT systems hands-on roles with respect to security tasks. Candidates are required to demonstrate an understanding of information security beyond simple terminology and concepts.

GISP Exam Certification Objectives
Asset Security The candidate will demonstrate an understanding of asset management and classification, including access controls, handling and retention requirements.
Communications and Network Security The candidate will demonstrate an understanding of network security, including secure architecture, network protocols, security controls and devices, and common network attacks.
Identity and Access Management The candidate will demonstrate an understanding of identity management concepts and controls including AAA, passwords, tokens, biometrics, federation, and common threats.
Security and Risk Management The candidate will demonstrate and understanding of security risk management and business continuity practices, including legal and regulatory compliance, security policies, and governance principles.
Security Assessment and Testing The candidate will demonstrate the ability to design, perform, and analyze security tests
Security Engineering The candidate will demonstrate an understanding of secure engineering architecture and implementation for systems in networked, web based, and mobile environments and mitigating common vulnerabilities.
Security Operation The candidate will be able to demonstrate an understanding of the managerial, administrative, operational aspects of information security.
Software Development Security The candidate will be able to demonstrate an understanding of the key security principles related to secure application development.