Certification

Certification

GIAC Continuous Monitoring Certification (GMON)

Security Professionals that want to demonstrate they are qualified for IT systems hands-on roles with respect to security tasks. Candidates are required to demonstrate an understanding of information security beyond simple terminology and concepts.

GMON Exam Certification Objectives
Security Architecture Overview The candidate will demonstrate an understanding of traditional and modern security architecture frameworks and the role Security Operations centers provide
Attack Techniques The candidate will learn to distinguish between traditional and modern attack techniques
Cyber Defense Principles The candidate will demonstrate an understanding of traditional and modern cyber defense principles
Perimeter Protection Devices The candidate will demonstrate the ability to identify points of access into the perimeter and network devices that can be used to protect the perimeter
NIDS/NIPS/NGFW The candidate will demonstrate an understanding of how network intrusion detection/prevention systems & next generation firewalls work, what their capabilities are and the roles they play in continuous monitoring
Proxies & SIEM The candidate will demonstrate an understanding of how proxies & security information and event managers work, what their capabilities are and the roles they play in continuous monitoring
Threat Intelligence The candidate will demonstrate understanding of the techniques used to gain knowledge of potential threats to network systems and targets of attack
Patching & Secure Baseline Configurations The candidate will understand how to use baseline configuration auditing and patching to make endpoints more resilient.
Software Inventories & Whitelisting The candidate will demonstrate an understanding of the benefits of maintaining software inventories and whitelists
Account & Privilege Monitoring & Authentication The candidate will demonstrate the ability to control the privilege levels of accounts & applications
HIDS/HIPS/Endpoint Firewalls The candidate will demonstrate an understanding of how host intrusion detection/prevention systems & endpoint firewalls work, what their capabilities are and the roles they play in continuous monitoring
Network Security Monitoring Tools The candidate will demonstrate an understanding of how and why to use an assortment of network monitoring tools to improve the ability to detect intrusions on the network
Exploit Methodology and Analysis The candidate will be able to utilize network traffic analysis methods and principles of exploit detection to be able to rapidly discover intrusions on the network
Network Data Encryption The candidate will be able to apply principles of exploit detection to be able to rapidly detect encrypted intrusions on the network
Discovery and Vulnerability Scanning The candidate will demonstrate an understanding of the tools and techniques used for network and endpoint discovery and vulnerability scanning
Device Monitoring The candidate will demonstrate an understanding of the tool and techniques used for endpoint monitoring
Configuration Monitoring The candidate will demonstrate an understanding of the tool and techniques used for configuration change monitoring