logo

SANS Course

course overview

download outline

Select Country and City to View dates & book now

Overview

Areas Covered

  • Defense in depth, access control and password management
  • Cryptography: basic concepts, algorithms and deployment, and application
  • Cloud: AWS fundamentals, Microsoft cloud
  • Defensible network architecture, networking and protocols, and network security
  • Incident handling and response, data loss prevention, mobile device security, vulnerability scanning and penetration testing
  • Linux: Fundamentals, hardening and securing
  • SIEM, critical controls, and exploit mitigation
  • Web communication security, virtualization and cloud security, and endpoint security
  • Windows: access controls, automation, auditing, forensics, security infrastructure, and services


Audience

Who is GSEC for?

  • New InfoSec professions with backgrounds in information systems and networking
  • Security professionals
  • Security managers
  • Operations personnel
  • IT engineers and supervisors
  • Security administrators
  • Forensic analysts
  • Penetration testers
  • Auditors


Skills Gained

GIAC Security Essentials

The GIAC Security Essentials (GSEC) certification validates a practitioner's knowledge of information security beyond simple terminology and concepts. GSEC certification holders are demonstrating that they are qualified for hands-on IT systems roles with respect to security tasks.

  • Defense in depth, access control and password management
  • Cryptography: basic concepts, algorithms and deployment, and application
  • Cloud: AWS fundamentals, Microsoft cloud
  • Defensible network architecture, networking and protocols, and network security
  • Incident handling and response, data loss prevention, mobile device security, vulnerability scanning and penetration testing
  • Linux: Fundamentals, hardening and securing
  • SIEM, critical controls, and exploit mitigation
  • Web communication security, virtualization and cloud security, and endpoint security
  • Windows: access controls, automation, auditing, forensics, security infrastructure, and services


Prerequisites

SEC401 covers all of the core areas of security and assumes a basic understanding of technology, networks, and security. For those who are new to the field and have no background knowledge, SEC275: Foundations - Computers, Technology and Security or SEC301: Introduction to Cyber Security would be the recommended starting point. While these courses are not a prerequisite for SEC401, they do provide the introductory knowledge to help maximize the experience with SEC401.

Outline

Exam Certification Objectives & Outcome Statements

  • Access Control & Password Management
  • The candidate will understand the fundamental theory of access control and the role of passwords in managing access control.
  • AWS Fundamentals and Security
  • The candidate will demonstrate an understanding of how to interact with and secure AWS instances.
  • Container and MacOS Security
  • The candidate will demonstrate an understanding of how to secure containers and understand security features provided in MacOS.
  • Cryptography
  • The candidate will have a basic understanding of the concepts of cryptography, including a high-level understanding of the major types of cryptosystems and steganography.
  • Cryptography Algorithms & Deployment
  • The candidate will have a basic understand of the mathematical concepts that contribute to cryptography and identify commonly used symmetric, asymmetric, and hashing cryptosystems.
  • Cryptography Application
  • The candidate will have a high-level understanding of the use, functionality, and operation of VPNs, GPG, and PKI
  • Data Loss Prevention and Mobile Device Security
  • The candidate will understand the risks and impacts of data loss, how to prevent it, and the security considerations.
  • Defense in Depth
  • The candidate will understand what defense in depth is and an identify the key areas of security and demonstrate the different strategies for implementing effective security within an organization.
  • Defensible Network Architecture
  • The candidate will demonstrate how to architect a network to be monitored and controlled to resist intrusion.
  • Endpoint Security
  • The candidate will demonstrate a basic understanding of the function and uses of endpoint security devices, such as endpoint firewalls, HIDS, and HIPS
  • Enforcing Windows Security Policy
  • The candidate will have a high-level understanding of the features of Group Policy and working with INF security templates
  • Incident Handling & Response
  • The candidate will understand the concepts of incident handling and the processes pertaining to incident handling.
  • Linux Fundamentals
  • The candidate will demonstrate an understanding of the Linux operating system structure, vulnerabilities, and permissions.
  • Linux Security and Hardening
  • The candidate will demonstrate an ability to gain visibility into a Linux system to be able to secure, audit, and harden the system.
  • Log Management & SIEM
  • The candidate will demonstrate a high-level understanding of the importance of logging, the setup and configuration of logging, and log analysis with the assistance of SIEMs
  • Malicious Code & Exploit Mitigation
  • The candidate will understand important attack methods and basic defensive strategies to mitigate those threats.
  • Network Security Devices
  • The candidate will demonstrate a basic understanding of the function and uses of network security devices, such as, firewalls, NIDS, and NIPS
  • Networking & Protocols
  • The candidate will demonstrate an understanding of the properties and functions of network protocols and network protocol stacks.
  • Security Frameworks and CIS Controls
  • The candidate will understand the purpose, implementation, and background of the CIS Critical Controls, NIST Cybersecurity Framework, and the MITRE ATT&CK knowledge base.
  • Virtualization and Cloud Security
  • The candidate will have a basic understanding of the risks of virtualization and cloud services and how to secure them.
  • Vulnerability Scanning and Penetration Testing
  • The candidate will demonstrate an understanding of the concepts and relationship behind reconnaissance, resource protection, risks, threats, and vulnerabilities including preliminary abilities to create network maps and perform penetration testing techniques
  • Web Communication Security
  • The candidate will demonstrate an understanding of web application security and common vulnerabilities including CGI, cookies, SSL and active content.
  • Windows Access Controls
  • The candidate will understand how permissions are applied in the Windows NT File System, Shared Folders, Printers, Registry Keys, and Active Directory, and how Privileges are applied
  • Windows as a Service
  • The candidate will understand how to manage updates for a network of Windows hosts.
  • Windows Automation, Auditing, and Forensics
  • The candidate will be introduced to the techniques and technologies used to audit Windows hosts.
  • Windows Security Infrastructure
  • The candidate will identify the differences between types of Windows OSes and how Windows manages groups and accounts, locally and with Active Directory and Group Policy
  • Windows Services and Microsoft Cloud
  • The candidate will know how to take basic measures in securing Windows network services such as IPsec, IIS, and Remote Desktop Services and Microsoft Azure security features.
  • Wireless Network Security
  • The candidate will have a basic understanding of the misconceptions and risks of wireless networks and how to secure them.


Certification

Exam Format

  • 1 proctored exam
  • 106-180 questions
  • Time limit of 4-5 hours
  • Minimum passing score of 73%

Note: GIAC reserves the right to change the specifications for each certification without notice. Based on a scientific passing point study, the passing point for the GSEC exam has been determined to be 73% for all candidates receiving access to their certification attempts on or after August 6th, 2017. To verify the format and passing point of your specific certification attempt, read the Certification Information found in your account at

Talk to an expert

Thinking about Onsite?

If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. Its a cost effective option. One on one training can be delivered too, at reasonable rates.

Submit an enquiry from any page on this site and let us know you are interested in the requirements box, or simply mention it when we contact you.

All $ prices are in USD unless it’s a NZ or AU date

SPVC = Self Paced Virtual Class

LVC = Live Virtual Class

Please Note: All courses are availaible as Live Virtual Classes

Trusted by over 1/2 million students in 15 countries

Our clients have included prestigious national organisations such as Oxford University Press, multi-national private corporations such as JP Morgan and HSBC, as well as public sector institutions such as the Department of Defence and the Department of Health.