GIAC Security Essentials Certification (GSEC) Training

Commitment 5 Days, 7-8 hours a day.
Language English
User Ratings Average User Rating 4.8 See what learners said
Delivery Options Instructor-Led Onsite, Online, and Classroom Live


GIAC Security Essentials Certification (GSEC) Training: With the rise in advanced persistent threats, it is almost inevitable that organizations will be targeted. Whether the attacker is successful in penetrating an organization’s network depends on the effectiveness of the organization’s defense. Defending against attacks is an ongoing challenge, with new threats emerging all of the time, including the next generation of threats. Organizations need to understand what really works in cybersecurity. What has worked, and will always work, is taking a risk-based approach to cyber defense. Before your organization spends a dollar of its IT budget or allocates any resources or time to anything in the name of cybersecurity, three questions must be answered:

  • What is the risk?
  • Is it the highest priority risk?
  • What is the most cost-effective way to reduce the risk?

Security is all about making sure you focus on the right areas of defense. You will learn the language and underlying theory of computer and information security. You will gain the essential and effective security knowledge you will need if you are given the responsibility for securing systems and/or organizations.

Areas Covered
  • Defense in depth, access control, and password management
  • Cryptography: basic concepts, algorithms and deployment, and application
  • Cloud: AWS fundamentals, Microsoft cloud
  • Defensible network architecture, networking and protocols, and network security
  • Incident handling and response, data loss prevention, mobile device security, vulnerability scanning and penetration testing
  • Linux: Fundamentals, hardening and securing
  • SIEM, critical controls, and exploit mitigation
  • Web communication security, virtualization and cloud security, and endpoint security
  • Windows: access controls, automation, auditing, forensics, security infrastructure, and services
Exam Format
  • 1 proctored exam
  • 106-180 questions
  • A time limit of 4-5 hours
  • A minimum passing score of 73%

Note: GIAC reserves the right to change the specifications for each certification without notice. Based on a scientific passing point study, the passing point for the GSEC exam has been determined to be 73% for all candidates receiving access to their certification attempts on or after August 6th, 2017. To verify the format and passing point of your specific certification attempt, read the Certification Information found in your account at

Meets 8570.1 requirements

This GIAC Security Essentials Certification (GSEC) Training course features intense training, and the exam is significant to IA workers in the DoD space, providing certification towards government security requirements. This includes the U.S. Department of Defense Directive 8140/8570.01 mandate that department employees or contractors engaged in work related to information security be required to certify. The directive specifies GSEC as a choice for Information Assurance Technician Level II.

  • 5 days of GIAC Security Essentials Certification (GSEC) Training with a leading security expert
  • GSEC Courseware and Study Guide
  • GSEC sample exam questions
  • Certificate of Completion
  • 100% Satisfaction Guarantee



Upon completion, the GIAC Security Essentials Certification (GSEC) Training candidate will be able:

  • To develop effective security metrics that provide a focused playbook that IT can implement, auditors can validate, and executives can understand
  • To analyze and assess the risk to your environment in order to drive the creation of a security roadmap that focuses on the right areas of security
  • Practical tips and tricks to focus on high-priority security problems within your organization and on doing the right things that will lead to security solutions that work
  • Why some organizations are winning and some are losing when it comes to security and, most importantly, how to be on the winning side
  • The core areas of security and how to create a security program that is anchored on PREVENT-DETECT-RESPOND.
  • We can adapt this GIAC Security Essentials Certification (GSEC) Training course to your group’s background and work requirements at little to no added cost.
  • If you are familiar with some aspects of this GIAC Security Essentials Certification (GSEC) course, we can omit or shorten their discussion.
  • We can adjust the emphasis placed on the various topics or build the GIAC Security Essentials Certification course around the mix of technologies of interest to you (including technologies other than those included in this outline).
  • If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the GIAC Security Essentials Certification (GSEC) course in a manner understandable to lay audiences.

The target audience for this GIAC Security Essentials Certification (GSEC) Workshop course:

  • Anyone new to information security who has some background in information systems & networking
  • Security professionals
  • Security managers
  • Operations personnel
  • IT engineers and supervisors
  • Security administrators
  • Forensic analysts
  • Penetration testers
  • Auditors

The knowledge and skills that a learner must have before attending this GIAC Security Essentials Certification (GSEC) are:

  • Twelve to 24 months of experience working with information systems and networking is recommended prior to enrolling in the GSEC workshop.


Day 1: Security controls
  • Introduction and course overview
  • Understanding security controls
    • Common attack methods
    • Advanced persistent threats
    • Basic defensive strategies
    • Critical security controls
    • Access control
    • Authentication and password management
    • Implementing defense in depth
    • Active defense methods and techniques
Day 2: Risk management and cryptography
GIAC Security Essentials Certification (GSEC) Training – Risk management
  • Cybersecurity risk terminology
  • Threat assessment process
  • Vulnerability management
  • Penetration testing techniques
  • Purpose and components of security policy
  • Business continuity and disaster recovery planning
  • Handling cyber incidents
  • Logging, monitoring, and SIEM
  • Cryptographic concepts and terminology
  • Cryptographic algorithms
  • Hash functions
  • Applying cryptography
Day 3: Network security and virtualization
Network security
  • Networking fundamentals
  • Protocols and protocol stacks
  • Securing network devices
  • Network security devices
  • Endpoint security devices
  • Intrusion-resistant network architecture
  • Securing wireless networks
Virtualization, cloud, and web security
  • Virtualization fundamentals
  • Virtualization risks
  • Securing cloud services
  • Common web application vulnerabilities
  • Secure web communications
Day 4: Windows and Linux security
GIAC Security Essentials Certification (GSEC) Training – Securing Windows
  • Windows OS security features overview
  • Applying permissions and privileges
  • Group policy
  • Security templates
  • Network services security
  • Managing service packs and hotfixes
  • Backups and restoration
  • Auditing Windows hosts
Securing Linux
  • Linux security features overview
  • Access control on Linux systems
  • Hardening Linux
  • Logging and monitoring

Day 5: Exam Review

  • GSEC exam review
GIAC Security Essentials Certification (GSEC) TrainingGIAC Security Essentials Certification (GSEC) Training Course Recap, Q/A, and Evaluations


    Are you Human?