Use this quick start guide to collect all the information about GIAC GMON Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the GIAC Continuous Monitoring (GMON) exam. The Sample Questions will help you identify the type and difficulty level of the questions and the Practice Exams will make you familiar with the format and environment of an exam. You should refer this guide carefully before attempting your actual GIAC Continuous Monitoring (GMON) certification exam.
The GIAC GMON certification is mainly targeted to those candidates who want to build their career in Cyber Defense domain. The GIAC Continuous Monitoring (GMON) exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of GIAC GMON.
GIAC GMON Exam Summary:
| Exam Name | GIAC Continuous Monitoring (GMON) |
| Exam Code | GMON |
| Exam Price | $999 (USD) |
| Duration | 180 mins |
| Number of Questions | 82 |
| Passing Score | 74% |
| Books / Training | SEC511: Cybersecurity Engineering: Advanced Threat Detection and Monitoring |
| Schedule Exam | GIAC |
| Sample Questions | GIAC GMON Sample Questions |
| Practice Exam | GIAC GMON Certification Practice Exam |
GIAC GMON Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Account & Privilege Monitoring & Authentication | - The candidate will demonstrate the ability to control the privilege levels of accounts & applications |
| Attack Techniques | - The candidate will learn to distinguish between traditional and modern attack techniques |
| Configuration Monitoring | - The candidate will demonstrate an understanding of the tool and techniques used for configuration change monitoring |
| Cyber Defense Principles | - The candidate will demonstrate an understanding of traditional and modern cyber defense principles |
| Device Monitoring | - The candidate will demonstrate an understanding of the tool and techniques used for endpoint monitoring |
| Discovery and Vulnerability Scanning | - The candidate will demonstrate an understanding of the tools and techniques used for network and endpoint discovery and vulnerability scanning |
| Exploit Methodology and Analysis | - The candidate will be able to utilize network traffic analysis methods and principles of exploit detection to be able to rapidly discover intrusions on the network |
| HIDS/HIPS/Endpoint Firewalls | - The candidate will demonstrate an understanding of how host intrusion detection/prevention systems & endpoint firewalls work, what their capabilities are and the roles they play in continuous monitoring |
| Network Data Encryption | - The candidate will be able to apply principles of exploit detection to be able to rapidly detect encrypted intrusions on the network |
| Network Security Monitoring Tools | - The candidate will demonstrate an understanding of how and why to use an assortment of network monitoring tools to improve the ability to detect intrusions on the network |
| NIDS/NIPS/NGFW | - The candidate will demonstrate an understanding of how network intrusion detection/prevention systems & next generation firewalls work, what their capabilities are and the roles they play in continuous monitoring |
| Patching & Secure Baseline Configurations | - The candidate will understand how to use baseline configuration auditing and patching to make endpoints more resilient. |
| Perimeter Protection Devices | - The candidate will demonstrate the ability to identify points of access into the perimeter and network devices that can be used to protect the perimeter |
| Proxies & SIEM | - The candidate will demonstrate an understanding of how proxies & security information and event managers work, what their capabilities are and the roles they play in continuous monitoring |
| Security Architecture Overview | - The candidate will demonstrate an understanding of traditional and modern security architecture frameworks and the role Security Operations centers provide |
| Software Inventories and Application Control | - The candidate will demonstrate an understanding of the benefits of maintaining software inventories and how to control application allow and deny lists. |
| Threat Informed Defense | - The candidate will demonstrate an understanding of adversary tactics and techniques and how to use attack frameworks to identify and defend against these threats in local and cloud-based environments. |
To ensure success in GIAC GMON certification exam, we recommend authorized training course, practice test and hands-on experience to prepare for GIAC Continuous Monitoring (GMON) exam.