Areas Covered
- Incident Handling and Computer Crime Investigation
- Computer and Network Hacker Exploits
- Hacker Tools (Nmap, Metasploit, and Netcat)
Who is GCIH for?
- Incident handlers
- Incident handling team leads
- System administrators
- Security practitioners
- Security architects
- Any security personnel who are first responders
GCIH with CyberLive
GIAC knows that cyber security professionals need:
- Discipline-specific certifications
- Practical testing that validates their knowledge and hands-on skills
In response to this industry-wide need, GIAC developed CyberLive – hands-on, real-world practical testing. CyberLive testing creates a lab environment where cyber practitioners prove their knowledge, understanding, and skill using:
- Actual programs
- Actual code
- Virtual machines
Exam Certification Objectives & Outcome Statements
- Detecting Covert Communications
The candidate will demonstrate an understanding of how to identify and defend against the use of covert tools such as Netcat.
- Detecting Evasive Techniques
The candidate will demonstrate an understanding of how to identify and defend against methods attackers use to remove evidence of compromise and hide their presence.
- Detecting Exploitation Tools
The candidate will demonstrate an understanding of how to identify and defend against the use of exploit tools such as Metasploit.
- Drive-By Attacks
The candidate will demonstrate an understanding of how to identify and defend against drive-by attacks in modern environments.
- Endpoint Attack and Pivoting
The candidate will demonstrate an understanding of how to identify and defend against endpoint-specific attacks and pivoting in an environment.
- Incident Response and Cyber Investigation
The candidate will demonstrate an understanding of the PICERL and DAIR incident handling processes and incident response challenges.
- Memory and Malware Investigation
The candidate will demonstrate an understanding of the steps necessary to perform basic memory forensics and basic malware analysis.
- Network and Log Investigations
The candidate will demonstrate an understanding of the steps necessary to perform effective investigations of network and log data.
- Networked Environment Attack
The candidate will demonstrate an understanding of how to identify, defend against, and mitigate attacks in shared-use environments.
- Password Attacks
The candidate will demonstrate a detailed understanding of password-cracking attacks, common password weaknesses, and password defenses.
- Post-Exploitation Attacks
The candidate will demonstrate an understanding of how attackers maintain persistence and collect data, and how to identify and defend against an attacker already in a traditional network or a cloud environment.
- Scanning and Mapping
The candidate will demonstrate an understanding of how to discover and map networks and hosts, reveal services and vulnerabilities, and identify and defend against scanning.
- SMB Security
The candidate will demonstrate an understanding of SMB features, vulnerabilities, how to discover and access shares, and how to secure the service.
- Web App Attacks
The candidate will demonstrate an understanding of how to identify and defend against common web application attacks.