GCIH – GIAC Certified Incident Handler

| February 24, 2006


Silver: Exam

Passing Score:
Other Requirements:

Gold: Practical

Many had feared that the practical portion of the GIAC certification program had disappeared. It actually has just been renamed to allow for 2 levels of certification. Silver for the exam alone and gold for the practical.

Editors' Quick Thoughts

One of the instructors for this course is the venerable Ed Skoudis. That alone makes it worth the price of admission. Concentrating on not only ethical hacking techniques, this course also deals with what to do after a pen test. This certification is tied to the SANS training course SEC-504. Although a candidate may take the exam without attending the course, the price for that chosen path makes that option almost unreasonable. The course is top notch as many SANS offerings are, but many may find the (somewhat) lack of a self-study option to be undesireable. To end on a positive note, SANS and their cert arm, GIAC, are widely known and respected. Also, the fact that there are very few worries about the quality of instructors before attending training, you can rest assured that you won't be stuck in PowerPoint Hell.

From the Horse's Mouth (GIAC's Web Site Content):


Hacker Techniques, Exploits & Incident Handling, SEC-504


Individuals responsible for incident handling/incident response; individuals who require an understanding of the current threats to systems and networks, along with effective countermeasures. GIAC Certified Incident Handlers (GCIHs) have the knowledge, skills, and abilities to manage incidents; to understand common attack techniques and tools; and to defend against and/or respond to such attacks when they occur.

More from SANS/GIAC.

CSP Resources

Category: Incident Response

Comments are closed.