What is GCIH certification?
Exam Overview
The GCIH certification, which stands for GIAC Certified Incident Handler, is a certificate maintained and offered by a company named GIAC. The certificate validates a candidate's ability to detect, respond to, and resolve computer security incidents using a wide range of security skills.
To earn this certificate, a candidate should have the knowledge and skill set needed to manage security incidents, which comes from understanding common attack techniques, vectors and tools. Furthermore, candidates should demonstrate their capability in defending against and responding to such attacks when they strike organizations.
GCIH Certification Requirements
The candidate should be able to identify, defend against and mitigate drive-by and various endpoint attacks. Attackers employ different evasion techniques to avoid detection by security controls, so the candidate should also know and understand the evasion techniques that attackers commonly use to compromise and bypass the checkpoints of enterprise environments.
Aspirants should demonstrate their capabilities in incident response, malware, and network investigation procedures. Exam takers should also familiarize themselves with Metasploit, Netcat and other tools in order to counter attacks that may be carried out with those sophisticated toolsets.
Practitioners should further demonstrate their understanding of different attack scenarios, mainly those aimed at crippling networked environments, exploiting web applications and compromising sensitive credentials. Lastly, the candidate should have technical capabilities in reconnaissance, scanning and mapping techniques to uncover vulnerabilities in enterprise services, networks and workstations.
The certification covers the following main domains:
- Incident Handling and Computer Crime Investigation
- Computer and Network Hacker Exploits
- Hacker Tools (Nmap, Nessus, Metasploit and Netcat)
Candidates should retrieve the exam certification information from the official site.
The exam is proctored and contains 106 multiple-choice questions, which the practitioner must complete within 240 minutes. Exam takers must score 70% or above to earn the credential. Candidates can take the exam through online remote proctoring via ProctorU or through onsite proctoring at Pearson VUE authorized test centers.