Wednesday, April 6, 2011

Passed GIAC GCIH Exam

Hey fellas,

After around a month's preparation post passing GPEN, I sat for and passed  GIAC Incident Handling exam yesterday.

Here is the program detail:

This subject teaches about Incident Handling skills, and dives deep into various attack vectors. Also, interesting is to learn how to understand and apply this knowledge to attacks vis-a-vis the 6 Incident Handling phases.

The exam was gripping at all times, and I found a handful of pretty tricky questions in there too. I will not delve any detail on the questions, only that you should have decent experience in most / all the topics mentioned in the syllabii as well as have at least some exposure to handling events / incidents from a high level.

Here is the GCIH certification bulletin:

Day 1 today, and I am already finding this knowledge very helpful. It is comforting to be able to relate methods n thought process of a penetration tester in confirming / exploiting security weaknesses in a customer environment, with the defensive approach of an Incident Handler. This brings out all the worth of GPEN n GCIH cos it is crucial to be able to help customers' infosec / security team understand ways an attacker can get in as well as recommendations pertaining to each of the phases of Incident handling process; i.e.   preparation / identification / containment / eradication / recovery and lessons learned. And lastly and equally importantly, as a consultant, you can show the playground and the game to (non-tech) executives.

What say? Go for it!

Best Regards.

No comments:

Post a Comment


The views, information & opinions expressed in this blog are my own and do not reflect the views of my current or former employers or employees or colleagues.