This is an essential certification that aims to give incident handlers the basic knowledge needed to handle security attacks using a diverse set of tools and techniques. The main areas of interest in this certification include responding to, detecting, and resolving common computer-related security incidents. The course identifies the major steps used in handling incidents that commonly occur on computers; the student will also be able to detect some of the most common malicious applications and other network-related vulnerabilities. Upon completion of the course, students will be informed about the various procedures for enhancing computer security.
Who can do this certification?
All IT experts who work in a computer-related field can do this course. These skills are also valuable for staff who normally deal with computers in their areas of operation. Professionals who have much experience in incident handling will also have an upper hand. All those who need information on safeguarding computer systems against hackers or other malicious threats can join this course. IT administrators, system analysts, programmers, web designers and other IT experts can do this course.
This is an essential course that will enable professionals to be competent in handling some of the most common attacks. Modern computer security techniques are well covered. The experts will analyze computer systems in an efficient way, and this will reduce obvious risks such as network problems or any common incidents that usually impair the normal functioning of the computer.
An individual will have to do the GCIH examination.
For beginners, there is no particular required training. This is an open course for all candidates who want to expand their experience in certain objectives that revolve around computer security. However, it is helpful to join the SANS training, which fully covers the various techniques and exploits involved in incident handling. Students must have some practical experience in dealing with computers.
It is essential for the potential candidate to pass the GCIH examination, which covers the following topics:
- Buffer overflows
- Tracks and networks
- Tracking systems
- Denial of service attacks
- Using Netcat for exploration of systems
- String attacks
- Incident handling
- Network sniffing
- Root kits
- Host discovery
This is a fully detailed course that will equip the student with an advanced security system; the procedures mainly taught include password cracking, techniques that are important for host delivery, implementation of firewall policies, network mapping, and identification of some hijacking tools. A candidate will be exposed to many types of incidents, such as espionage, intellectual property, and unauthorized use.
Through this certification, an individual will be able to understand the virtual environment from the attacker's perspective. The candidate will also understand more about worms and bots, and the ways to protect against them. Upon completion of this course, a student will have a basic understanding of IP spoofing, the various forms of Denial of Service attacks, and the Netcat utility, and how to protect against them. Through the skills acquired, the student will know the manner in which attackers hide files and directories. Backdoors and Trojan horses are fully discussed, as well as the ways of defending against buffer overflows.
The examination normally consists of 150 questions which should be done within a period of 4 hours. The required pass mark for the test is 72%. These examinations are usually delivered online through a specific web browser.
Validity of certification
The certificate is renewed after a period of four years.
The professional will be satisfied with the approaches that are highlighted in this certificate, which aims at removing the attacker's artifacts on various computers. There is also in-depth knowledge on the defense against network sniffing, IP address spoofing, password attacks, and root kits. This is a necessary course for all those who want to have a basic understanding of network mapping as well as fingerprinting strategies, and methods of protecting against them.
Morgan Clay, security Administrator,