GIAC Security Leadership Certificate (GSLC) Training Course with Hands-on Labs (Online, Onsite and Classroom Live)
This advanced-level GIAC Security Leadership Certificate (GSLC) validates the certification holder’s understanding of information security management, technical controls and governance with a specific focus on detecting, responding and protection against information security issues. GSLC verifies expertise in data, network, application, host, user controls, as well as security life cycle management topics.
This GIAC Security Leadership Certificate (GSLC) Training is intended for information security managers, information security professionals with leadership or managerial responsibilities and information technology management.
Duration: 5 days
Your Registration Includes:
- Five days of the best hands-on incident response training in the industry
- GSLC Courseware and Study Guide
- GSLC Sample Exam questions
- 100% Satisfaction Guarantee
- 1 proctored exam
- 115 questions
- Time limit of 3 hours
- Minimum Passing Score of 65%
*You will be required to renew your GSLC certification every four years through Continuing Professional Experience (CPE) credits.
NOTE: All GIAC exams are delivered through proctored test centers and must be scheduled in advance.
GIAC certification attempts will be activated in your GIAC account after your application has been approved and according to the terms of your purchase. Details on delivery will be provided along with your registration confirmation upon payment. You will receive an email notification when your certification attempt has been activated in your account.
You will have 120 days from the date of activation to complete your certification attempt. GIAC exams must be proctored through Pearson VUE. Please click the following link for instructions on How to Schedule Your GIAC Proctored Exam http://www.giac.org/information/schedule_proctored_exam.pdf. GIAC exams are delivered online through a standard web browser.
- We can adapt this GIAC Security Leadership Certificate (GSLC) Training course to your group’s background and work requirements at little to no added cost.
- If you are familiar with some aspects of this GIAC Security Leadership Certificate (GSLC) Training course, we can omit or shorten their discussion.
- We can adjust the emphasis placed on the various topics or build the GIAC Security Leadership Certificate (GSLC) Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
- If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the GIAC Security Leadership Certificate (GSLC) Training course in manner understandable to lay audiences.
GIAC Security Leadership Certificate (GSLC) Training - Audience / Target Group
- Information security managers
- Security professionals with leadership responsibilities
- IT and other managers
GIAC Security Leadership Certificate (GSLC) Training - Class Prerequisites
- There are no specific prerequisites, such as years of professional experience, required to earn the GSLC certification. GIAC does recommend, however, that certification candidates take an affiliate training course.
GIAC Security Leadership Certificate (GSLC) Training - Objectives:
GSLC covers a wide range of management-related objectives sprinkled with practical information security knowledge and skills. These objectives include:
- Cryptographic applications
- Cryptography concepts for managers
- Incident response and business continuity
- Managing a security operations center
- Managing application security
- Managing negotiations and vendors
- Managing projects
- Managing security architecture
- Managing security awareness
- Managing security policy
- Managing system security
- Managing the program structure
- Network monitoring for managers
- Network security and privacy
- Networking concepts for managers
- Risk management and security frameworks
- Vulnerability management
GIAC Security Leadership Certificate (GSLC) Training - Course Content:
- Understand the misconceptions and risks of 802.11 wireless networks and how to secure them.
Access Control and Password Management
- Build knowledge of the fundamental theory of access control and the role of passwords in controlling access to systems.
Building a Security Awareness Program
- Gain an understanding of the critical elements of creating and managing a Security Awareness Program.
Business Situational Awareness
- Familiarise yourself with the concept of situational awareness and the fundamental sources of information that lead to business situational awareness.
Change Management and Security
- Develop the skills to identify the signs of poor change management, understand the risks to the organisation, and develop a program to improve operations.
Computer and Network Addressing
- Get an understanding of how computers have a variety of names and addresses on a network and this must be managed.
Cryptography Algorithms and Concepts
- Learn and understand several crypto algorithms and the concepts behind secure ciphers.
Cryptography Applications, VPNs and IPSec
- Learn how cryptography can be used to secure a network and how Pretty Good Privacy (PGP) works, and be introduced to VPNs, IPSec and Public Key Infrastructure (PKI).
- Build a basic understanding of the fundamental terminology and concepts of cryptography.
- Understand the terminology and concepts of Risk and Defense-in-Depth, including threats and vulnerabilities.
- Learn what OPSEC is and the techniques used in defensive Operational Security.
Disaster Recovery / Contingency Planning
- Develop the skills to lead the BCP/DRP team and realistically plan for Business Continuity and Disaster Recovery.
- Learn how the Domain Name System (DNS) works, common attacks against DNS, and what can be done to defend against those attacks.
- Understand the issues related to defending Windows desktops and laptops.
Facilities and Physical Security
- Develop the ability to articulate the needs of the information technology and security program to the parts of the organisation responsible for facilities and physical security.
General Types of Cryptosystems
- Get an understanding of the three general types of cryptosystems.
Honeypots, Honeynets, Honeytokens, Tarpits
- Build knowledge of basic honeypot techniques and common tools used to set up honeypots.
Incident Handling and the Legal System
- Learn basic legal issues in incident and evidence handling.
Incident Handling Foundations
- Understand the concepts of incident handling and the six-step incident handling process.
- Develop familiarity with the theory and techniques of information warfare.
IP Terminology and Concepts
- Understand the terminology and concepts of IP protocols and how they support the Internet.
- Gain an understanding of how logging works, options for collection and processing and the uses for correlation technology.
- Learn to articulate what malicious code is, the common types of malicious code, how it propagates, and why it is such an expensive problem.
Manager's Guide to Assessing Network Engineer
- Assess the ability of a network engineer to understand network traffic.
- Build a working knowledge of the most effective business techniques from the most acclaimed books.
- Develop a familiarity with ethical issues and guidelines pertaining to IT security.
Managing Intellectual Property
- Learn to identify and protect intellectual property and intangible assets.
Managing IT Business and Program Growth in a Globalised Marketplace
- Develop knowledge of the key factors affecting globalisation and the fundamental principles to managing an IT business and achieving sustainable growth
Managing Legal Liability
- Learn how to use due diligence to manage an organisation's legal liability with emphasis on fraud and IT issues.
- Gain familiarity with guidelines for sound negotiation practices.
Managing PDA Infrastructure
- Understand the critical issues related to data stored on Personal Digital Assistant devices.
- Gain an understanding of the privacy concerns that customers typically have and solutions that can be used to maintain privacy of data.
Managing Security Policy
- Develop the skills to assess current policy, identify overall security posture of organisation, ensure that existing policy is applicable to organisation's needs and modify policy as required.
Managing Software Security
- Learn to build security into the software development process.
Managing Technical People
- Practice techniques that can be used to communicate with and manage technical staff.
Managing the Mission
- Understand how mission statements and policy keep organisations on track and how security relates to the mission.
Managing the Procurement Process
- Gain knowledge of the management responsibility for vendor selection through the primary phrases of the procurement process and learn how to provide oversight into requirements analysis, price paid, and analysis of ROI.
Managing the Total Cost of Ownership
- Understand how to apply TCO to analyse proposed solutions over their entire life cycle as well as be able to identify main areas of cost for a given project.
Methods of Attack
- Get an introductory understanding of the most common attack methods and the basic strategies used to mitigate those threats.
- Gain an understanding of OPSEC principles and offensive OPSEC techniques.
Project Management For Security Leaders
- Familiarise yourself with the terminology, concepts and five phases of project management and the role of a Project Management Office in IT/IT Security.
- Learn the basics of continuous product improvement and Deming's 14 points.
Risk Management and Auditing
- Learn the skills to evaluate and manage risk.
- Develop the ability to articulate the needs of the information technology and security program to the parts of the organisation responsible for safety.
Security and Organisational Structure
- Gain an understanding of how security integrates into organisational structure and be familiar with guidelines for recruiting and hiring IT staff.
- Get to grips with the basic structure and approach to implementation of COBIT and ISO 27002 as well as practical tools to help implement the standards.
- Learn how to promote security improvements to other managers within their organisation.
- Understand the concepts and techniques behind steganography, steganographic tools and defensive techniques.
The Intelligent Network
- Develop an understanding of the differences between a typical traditional network design and the new components that are part of an intelligent network.
The Network Infrastructure
- You will develop the ability to communicate the fundamental technologies and concepts that describe LAN and WAN network infrastructure.
Vulnerability Management - Inside View
- Learn common approaches used to gather network intelligence from organisations using commonly available tools and methods directly from the system.
Vulnerability Management - Outside View
- Understand the common approaches used to gather network intelligence from organisations using commonly available tools and methods across a network.
Vulnerability Management - User View
- Learn to factor in the impact the user can have on an organisation's risk posture.
Web Communications and Security
- An introduction to web application communications, security issues, and defenses.
Wireless Advantages and Bluetooth
- Understand the advantages that make wireless technology ubiquitous and be introduced to Bluetooth wireless technology.