GIAC® certifications are created and administered by the Global Information Assurance Certification and cover a variety of security domains. GIAC certifications vary from management and leadership to deep levels of penetration testing, reverse engineering and more. In this article, we will take a look at different certifications that GIAC has to offer, broken down by domain, and provide a brief overview of all of them.
- GCIH: The GIAC Certified Intrusion Analyst is an entry-level certification in the penetration testing domain. It tests a candidate’s knowledge around understanding an incident, detecting an incident, using various tools to understand attacker tactics and understanding different types of attacks, such as buffer overflows, password attacks, session hijacking, the OWASP Top 10 and more.
- GPEN: The GIAC Penetration tester certification assess candidates knowledge around networks and systems design and to discover vulnerabilities. Candidate should know basics about exploitation and pentesting process This certification tests candidates knowledge to perform advanced password attacks; how to scan for vulnerabilities;how to scan for interesting targets and how to profile them;methods to perform post exploitation,web application attacks.
- GWAPT: The GIAC Web Application Penetration Tester certification focuses on web application pentesting and requires the candidate to have in-depth knowledge of how some known web application attacks work. Examples of attacks include cross site request forgery (CSRF), cross site scripting (XSS) and injection attacks, such as SQL injection and command injection. Candidates should also know how to profile an application and look for weak areas.
- GPYC: The GIAC Python Coder certification aims at assessing Python fundamentals, such as exception handling, data types and data structures as well as other Python skills, such as usage of known libraries and using Python as a browser to test applications. The candidate should also be familiar with creation of small tools to (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Security Ninja. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/J75KdX9R_rc/