Certification

Certification

GIAC Certified Perimeter Protection Analyst (GPPA)

Security Professionals that want to demonstrate they are qualified for IT systems hands-on roles with respect to security tasks. Candidates are required to demonstrate an understanding of information security beyond simple terminology and concepts.

GPPA Exam Certification Objectives
Netfilter iptables The candidate will understand the features and configuration of the free firewall, Netfilter.
IPv6 and ICMPv6 The candidate will understand the basics of IP and ICMP version 6.
Network Access Control The candidate will be familiar with Network Access Control theory.
Perimeter Concepts and IP Fundamentals The candidate will demonstrate a thorough understanding of the IP header, and basic perimeter concepts including services, firewalls, and layered security.
Packet Fragmentation The candidate will demonstrate an understanding of how fragmentation works and fragmentation-based attacks.
TCP/IP Protocols The candidate will demonstrate a thorough understanding of TCP, UDP and ICMP.
Packet Filters and Inspection The candidate will demonstrate an understanding of how static and stateful packet filters work.
NAT and Proxies The candidate will demonstrate understanding of transparent, non-transparent, and reverse proxy functionality, and the four standard implementations of NAT.
IOS and Router Security The candidate will demonstrate understanding of the basics of Cisco IOS and router hardening through applying ACLs
Network-Based Intrusion Detection The candidate will demonstrate an understanding of signature-based network intrusion detection.
Creating and Auditing a Rulebase The candidate will demonstrate an understanding of building and verifying firewall rulebases that serve the needs of the business and map to security policy.
Securing Hosts and Services The candidate will demonstrate an understanding of the principles, tools, and techniques for securing and hardening hosts and services.
Host-Based Detection and DLP The candidate will demonstrate understanding of the capabilities of HIDS and HIPS, and be familiar with DLP techniques.
Log Collection and Analysis The candidate will demonstrate understanding of techniques for centralizing log collection and analyzing firewall logs.
Incident Detection and Analysis The candidate will demonstrate a basic understanding of detecting incidents, intrusions, and preserving evidence.
VPN Design and Auditing The candidate will demonstrate an understanding of VPN authentication, encryption and placement techniques.
VPN Implementation The candidate will demonstrate an understanding of IPSEC, SSL and SSH as VPN technologies.
Analyzing Network and Wireless Design The candidate will demonstrate familiarity with network design principles and decisions, and with basic wireless security issues.
Firewall Assessment and Penetration Testing The candidate will demonstrate a thorough understanding of assessing and validating the security of a firewall.