Login

Certications Exams Certied Professionals Programs Resources About

Security Certication: GICSP

Global Industrial Cyber Security

Professional (GICSP)
ViewProfessionals

Industrial Control
Systems

Description
GICSP
GICSPnowapprovedunderDoDD8570guidelines.

GRID
GICSP:CertifyingICSSecurityEssentialsforEngineering,OperatingTechnologyandCyber

TheGICSPbridgestogetherIT,engineeringandcybersecuritytoachievesecurityforindustrialcontrol
systemsfromdesignthroughretirement.Thisuniquevendorneutral,practitionerfocusedindustrialcontrol
systemcertificationisacollaborativeeffortbetweenGIACandrepresentativesfromaglobalindustry
consortiuminvolvingorganizationsthatdesign,deploy,operateand/ormaintainindustrialautomationand
controlsysteminfrastructure.GICSPwillassessabaselevelofknowledgeandunderstandingacrossa
diversesetofprofessionalswhoengineerorsupportcontrolsystemsandshareresponsibilityforthesecurity
oftheseenvironments.

GIACGlobalIndustrialCyberSecurityProfessional(GICSP)certificationnowmeetstherequirementsofthe
DoDManual8570.01"InformationAssuranceWorkforceImprovementProgram"andisapprovedforthe
DepartmentofDefense(DoD)ComputerNetworkDefenseAnalyst(CNDA),ComputerNetworkDefense
InfrastructureSupport(CNDIS)andInformationAssuranceTechnicalLevelII(IATLevelII)workforce
categories.

TheapprovalofGICSPforDoDD8570effectsanyfullorparttimemilitaryservicemember,contractor,or
localnationalswithprivilegedaccesstoaDoDinformationsystemperforminginformationassurance(security)
functionsregardlessofjoboroccupationalseries,requiringanapprovedcertificationfortheirparticularjob
classification.

Target
Thiscertificationwillbeleveragedacrossindustriestoensureaminimumsetofknowledgeandcapabilities
thatIT,Engineer,andSecurityprofessionalsshouldknowiftheyareinarolethatcouldimpactthecyber
securityofanICSenvironment.

*NoSpecifictrainingisrequiredforanyGIACcertification.Therearemanysourcesofinformationavailable
regardingthecertificationobjectives'knowledgeareas.Practicalexperienceisanoptiontherearealso
numerousbooksonthemarketcoveringComputerInformationSecurity.Anotheroptionisanyrelevant
coursesfromtrainingproviders,includingSANS.*

Requirements
1proctoredexam
115questions
Timelimitof3hours
MinimumPassingScoreof69%
Renew
Certificationsmustberenewedevery4years.Clickherefordetails.

Delivery
NOTE:AllGIACexamsaredeliveredthroughproctoredtestcentersandmustbescheduledinadvance.
GIACcertificationattemptswillbeactivatedinyourGIACaccountafteryourapplicationhasbeenapproved
andaccordingtothetermsofyourpurchase.Detailsondeliverywillbeprovidedalongwithyourregistration
confirmationuponpayment.Youwillreceiveanemailnotificationwhenyourcertificationattempthasbeen
activatedinyouraccount.Youwillhave120daysfromthedateofactivationtocompleteyourcertification
attempt.GIACexamsmustbeproctoredthroughPearsonVUE.Pleaseclickthefollowinglinkforinstructions
onHowtoScheduleYourGIACProctoredExam
http://www.giac.org/information/schedule_proctored_exam.pdf.GIACexamsaredeliveredonlinethrougha
standardwebbrowser.

Links
CertifiedProfessionals(GICSP)
Recertification
ExamFeedbackProcedure
FeedbackProcedure
Proctoredexamprocedure
SANSInformationSecurityReadingRoom

Bulletin (Part 2 of Candidate Handbook)

Exam Certication Objectives & Outcome Statements

Thetopicareasforeachexampartfollow:

AccessManagement
Knowledgeofaccesscontrolmodels,directoryservicesandknowledgeofuseraccessmanagement

Configuration/ChangeManagementchangemanagement,baselines,equipmentconnections,and
auditing
Knowledgeofchangemanagement,baselines,equipmentconnections,andconfigurationauditing

Configuration/ChangeManagementsoftwareupdates
Knowledgeofdistributionandinstallationofpatches,knowledgeofsoftwarereloadsandfirmware
management

CybersecurityEssentialsforICSattacksandincidents
Knowledgeofattacksandincidents(e.g.,maninthemiddle,spoofing,socialengineering,denialofservice,
denialofview,datamanipulating,sessionhijacking,foreignsoftware,unauthorizedaccess)

CybersecurityEssentialsforICSavailability
Knowledgeofavailability(e.g.,healthandsafety,environmental,productivity)

CybersecurityEssentialsforICScryptographics
Knowledgeofcryptographics(e.g.,encryption,digitalsignatures,certificatemanagement,PKI,public
versusprivatekey,hashing,keymanagement,resourceconstraints)

CybersecurityEssentialsforICSsecuritytenets
Knowledgeofsecuritytenets(e.g.,CIA,nonrepudiation,leastprivilege,separationofduties)

CybersecurityEssentialsforICSthreats
Knowledgeofthreats(e.g.,nationstates,generalcriminals,insideandoutsidemaliciousattackers,
hacktivists,insidenonmalicious)

DisasterRecoveryandBusinessContinuity
Knowledgeofsystembackup&restoration
ICSArchitectureCommunicationMediums
Knowledgeofcommunicationmediumandexternalnetworkcommunications

ICSArchitecturefielddevicearchitecture
Knowledgeoffielddevicearchitecture(e.g.,relays,PLC,switch,processunit)

ICSArchitectureindustrialprotocols
Knowledgeofindustrialprotocols(e.g.,modbus,modbusTCP,DNP3,Ethernet/IP,OPC)

ICSArchitecturenetworkprotocols
Knowledgeofnetworkprotocols(e.g.,DNS,DHCP,TCP/IP)

ICSArchitecturenetworksegmentation
networksegmentation(e.g.,partitioning,segregation,zonesandconduits,referencearchitectures,network
devicesandservices,datadiodes,DMZs)

ICSArchitecturewirelesssecurity
wirelesssecurity(e.g.,WIFI,wirelesssensors,wirelessgateways,controllers)

ICSModulesandElementsHardeningapplicationsecurity
Knowledgeofapplicationsecurity(e.g.,databasesecurity)

ICSModulesandElementsHardeningembeddeddevices
Knowledgeofembeddeddevice(e.g.,PLCs,controllers,RTU,analyzers,meters,aggregators,security
issues,defaultconfigurations)

ICSModulesandElementsHardeningnetworksecurity/hardening
Knowledgeofnetworksecurity/hardening(e.g.,switchportsecurity)

ICSModulesandElementsHardeningOSsecurity
KnowledgeofOSsecurity(unix/linux,windows,leastprivilegesecurity,virtualization)

ICSModulesandElementsHardeningConfigurationandendpointhardening
Knowledgeofantimalwareimplementation,updating,monitoring,andsanitization.Knowledgeofendpoint
protectionincludinguserworkstationsandmobiledevices

ICSSecurityAssessmentssecuritytools
securitytestingtools(e.g.,packetsniffer,portscanner,vulnerabilityscanner)

ICSSecurityAssessmentsassessments&testing
Knowledgeofdevicetesting(e.g.,communicationrobustness,fuzzing)(e.g.,risk,criticality,vulnerability,
attacksurfaceanalysis,supplychain),Knowledgeofpenetrationtestingandexploitation,Knowledgeof
securityassessment

ICSSecurityGovernanceandRiskManagementriskmanagement
Knowledgeofriskmanagement(e.g.,PHA/hazopusage,riskacceptance,risk/mitigationplan)

ICSSecurityGovernanceandRiskManagementsecuritypoliciesandproceduresdevelopment
Knowledgeofsecuritypoliciesandproceduresdevelopment(e.g.,exceptions,exemptions,requirements,
standards)

ICSSecurityMonitoringLogging
Knowledgeofevent,network,andsecuritylogging,includingknowledgeofarchivinglogs

ICSSecurityMonitoringMonitoring
Knowledgeofevent,network,andsecuritymonitoring

IncidentManagement
Knowledgeofincidentrecognitionandtriage(e.g.,loganalysis/eventcorrelation,anomalousbehavior,
intrusiondetection,egressmonitoring,IPS),knowledgeofincidentremediation/recovery,andknowledgeof
incidentresponse(e.g.,recording/reporting,forensicloganalysis,containment,incidentresponseteam,
rootcauseanalysis,eradication/quarantine)

IndustrialControlSystemsbasicprocesscontrolsystems
Knowledgeofbasicprocesscontrolsystems(e.g.,RTU,PLC,DCS,SCADA,metering/telemetry,ethernet
I/O,buses,Purdue(ISA95))

IndustrialControlSystemssafetyandprotectionsystems
 Knowledgeofsafetyandprotectionsystems(e.g.,SIS,EMS,leakdetection,FGS,BMS,vibration
monitoring)

PhysicalSecurity
Knowledgeofphysicalsecurity

Where to Get Help

Trainingisavailablefromavarietyofresourcesincludingonline,courseattendanceataliveconference,and
selfstudy.

Practicalexperienceisanotherwaytoensurethatyouhavemasteredtheskillsnecessaryforcertification.
Manyprofessionalshavetheexperiencetomeetthecertificationobjectivesidentified.

Finally,collegelevelcoursesorstudythroughanotherprogrammaymeettheneedsformastery.

Theproceduretocontestexamresultscanbefoundathttp://www.giac.org/about/procedures/grievance.

FindaProfessional Go
Latest Tweets @CertifyGIAC

ThinkingabouttakingtheGIACReverse Contact Us
EngineeringMalwaree[...]
May23,20174:37PM Phone:301654SANS(7267)
MonFri9am8pmEST/EDT
Lateston#WannaCryRansomware Questions:info@giac.org
WEBCASTwith@MalwareJake|T[...] More
May15,20179:14PM

Curiousabouthowtouse@sans_isc
resources?Joinusat#SO[...]
May15,20177:18PM

Certifications Exams CertifiedProfessionals Resources About

20002017GIAC
(ISC)2andCISSPareregisteredmarksoftheInternationalInformationSystemsSecurityCertificationConsortium,Inc.