Certification

Certification

GIAC Information Security Professional (GISP)

Security Professionals that want to demonstrate they are qualified for IT systems hands-on roles with respect to security tasks. Candidates are required to demonstrate an understanding of information security beyond simple terminology and concepts.

GISP Exam Certification Objectives
Software Development Security The candidate will be able to demonstrate an understanding of the key security principles related to secure application development.
Security Assessment and Testing The candidate will demonstrate the ability to design, perform, and analyze security tests
Identity and Access Management The candidate will demonstrate an understanding of identity management concepts and controls including AAA, passwords, tokens, biometrics, federation, and common threats.
Security Engineering The candidate will demonstrate an understanding of secure engineering architecture and implementation for systems in networked, web based, and mobile environments and mitigating common vulnerabilities.
Asset Security The candidate will demonstrate an understanding of asset management and classification, including access controls, handling and retention requirements.
Security and Risk Management The candidate will demonstrate and understanding of security risk management and business continuity practices, including legal and regulatory compliance, security policies, and governance principles.
Communications and Network Security The candidate will demonstrate an understanding of network security, including secure architecture, network protocols, security controls and devices, and common network attacks.
Security Operation The candidate will be able to demonstrate an understanding of the managerial, administrative, operational aspects of information security.