Feb 2022 by MARIA FORSBERG
With the GICSP certification, professionals who design or support control systems and share responsibility for their security can demonstrate a basic level of understanding. This certification has no prerequisite requirements, but it is no walk in the park. A written test is required for all applicants and you can get prepared in a 5-day instructor-led course
You'll need a basic understanding of computer networking and security concepts to succeed in this course. Understanding networking protocols, such as those covered by the CompTIA Network+ certification is also a requirement.
GIAC reserves the right to alter the requirements for any certification at any time and without prior notice to the applicant or recipient. GICSP exam candidates who begin taking their certification exams on or after November 19th, 2018, will need to achieve a passing score of 71% based on a scientific study of passing points.
ICS Operating System Security Hardening
The candidate can describe how to secure Windows and Unix-like operating systems in an ICS environment. Endpoint security software, as well as hardening and patching are necessary.
Compromises and Communications in the ICS
They should be able to explain how communications in an industrial control system are structured and how they can be hacked. At a basic level, the candidate should also explain how cryptography protects communications.
Intelligence gathered by the ICS.
WHEN NECESSARY, an ICS threat landscape can be determined by investigating information leakage points and logs and honeypots.
ICS Level 0 and 1 Technology Overview and Compromise
The candidate should be able to describe and summarize devices and technologies at levels 0 and 1 and the methods used to target and attack those devices and technologies.
ICS Level 2 and 3 Technology Overview and Compromise
They should be able to describe and summarize level 2 and level 3 devices/technologies and their use in various attacks.
ICS Overview and Concepts
The candidate can summarize high-level assets in the Purdue model levels zero through three. The candidate will make SCADA versus DCS comparisons.
The fundamentals of ICS procurement, architecture, and design
By contrast, the candidate will be able to explain how ICS differs from more traditional IT structures. The candidate will demonstrate an understanding of how procurement and physical security can be integrated into an ICS network architecture that is secure and dependable. – Each level and zone of the secure ICS architecture, as well as the devices deployed at each level and zone, will be summarized by the candidate.
ICS Program and Policy Development
The candidate will summarize building and enforcing security policies for an ICS.
Compromises and Wireless ICS Technologies.
They should summarize the various wireless communication technologies used in an ICS, their target, and defense mechanisms.
Risk-Based Disaster Recovery and Incident Response.
Disaster recovery and incident response can be guided by the candidate's knowledge of risk measurement.
Discover the science and thoughts of leaders in the Skills-First Economy. Fill in your email to subscribe to monthly updates.
Through years of experience working with more than 1000 top companies in the world, we ́ve architected the Readynez method for learning. Choose IT courses and certifications in any technology using the award-winning Readynez method and combine any variation of learning style, technology and place, to take learning ambitions from intent to impact.