Use this quick start guide to collect all the information about GIAC GICSP Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the GIAC Global Industrial Cyber Security Professional (GICSP) exam. The Sample Questions will help you identify the type and difficulty level of the questions and the Practice Exams will make you familiar with the format and environment of an exam. You should refer this guide carefully before attempting your actual Global Industrial Cyber Security Professional (GICSP) certification exam.
The GIAC GICSP certification is mainly targeted to those candidates who want to build their career in Industrial Control Systems domain. The Global Industrial Cyber Security Professional (GICSP) exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of GIAC GICSP.
GIAC GICSP Exam Summary:
| Exam Name | Global Industrial Cyber Security Professional (GICSP) |
| Exam Code | GICSP |
| Exam Price | $999 (USD) |
| Duration | 180 mins |
| Number of Questions | 82 |
| Passing Score | 71% |
| Books / Training | ICS410: ICS/SCADA Security Essentials |
| Schedule Exam | GIAC |
| Sample Questions | GIAC GICSP Sample Questions |
| Practice Exam | GIAC GICSP Certification Practice Exam |
GIAC GICSP Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Hardening & Protecting Endpoints | - The candidate will be able to describe how to implement endpoint security software along with hardening and patching, to secure the Windows and Unix style operating systems commonly found in an ICS environment. |
| ICS Components & Architecture | - The candidate will be able to categorize assets that comprise Purdue Reference Architecture levels zero through three and describe how they can be implemented in a securable architecture. The candidate will also be able to summarize the use of levels and zones in defining a secure ICS architecture, as well as the devices deployed at each level and zone. |
| ICS Overview & Concepts | - The candidate will be able to summarize the function of high-level ICS processes as well as ICS roles and responsibilities. The candidate will also be able to compare and contrast high-level differences between ICS and IT, including physical security considerations. |
| ICS Program & Policy Development | - The candidate will be able to summarize the steps and best practices used in building a security program and creating enforceable security policies for an ICS. |
| Intelligence Gathering & Threat Modeling | - The candidate will be able to determine the threat landscape of an ICS and high-level concepts of threat modeling. |
| PERA Level 0 & 1 Technology Overview and Compromise | - The candidate will be able to describe level 0 and level 1 devices and technologies and summarize how those devices and technologies are targeted and attacked. |
| PERA Level 2 & 3 Technology Overview and Compromise | - The candidate will be able to describe level 2 and level 3 devices and technologies and summarize how those devices and technologies are targeted and attacked. |
| Protocols, Communications, & Compromises | - The candidate will be able to describe the basic structures, protocols, and defense of communications within an ICS and summarize how they can be compromised. This includes TCP/IP as well as ICS specific protocols. The candidate will also be able to, at a basic level, describe the cryptography used to protect communications. |
| Risk Based Disaster Recovery & Incident Response | - The candidate will be able to describe how risk is measured and how it can be used to inform disaster recovery and incident response. |
| Wireless Technologies & Compromises | - The candidate will be able to summarize the different wireless communication technologies used in an ICS, how they are targeted, and how they can be defended. |
To ensure success in GIAC GICSP certification exam, we recommend authorized training course, practice test and hands-on experience to prepare for GIAC Global Industrial Cyber Security Professional (GICSP) exam.