Get an 12.9" iPad Pro, Surface Pro or $400 Off Online Training - Only 2 Days Left!

GIAC FAQs

GIAC Certification provides an independent method of assuring that security professionals meet a minimum standard of technical competency. Individuals who hold a GIAC Certification have demonstrated both that they know what needs to be done to secure and administer systems, and have demonstrated that they can put that knowledge into practice.

SANS Training provides a core set of educational courses designed to help you master the practical steps necessary for defending your systems and networks against the most dangerous threats - the ones being actively exploited.

For information on SANS training, registration, and portal accounts, please visit the SANS FAQ at uk.sans.org/why-sans-training/faqs.

We can be reached by e-mail at info@giac.org If you are currently enrolled in the GIAC certification program, please include your username and the email address with which you registered. Please be sure that you can receive email from giac.org, giac.net, and sans.org to ensure that you receive all correspondence from SANS and GIAC.

A certification attempt sets an objective standard or measurement of ability. Candidates who successfully pass a given certification are assumed to possess a minimum level of knowledge and skill. How well a given certification sets and measures that standard, whether the certification has value or is considered a "paper" certification, depends largely on how that certification is designed and administered.

There are a number of factors that set GIAC apart from other certification programs:

  1. Emphasis on the practical application of knowledge. While GIAC places importance on the theories and best practices behind information security, we also place a very strong emphasis on the practical application of that knowledge to "real world" situations. GIAC ensures that not only do you "know the stuff," you can also "do the work."
  2. Demonstrated ability. Students who complete technical research papers are publicly posted to the GIAC web site, both to demonstrate their ability and to help to educate others in the security field.
  3. Community focus. Both SANS and GIAC place a strong emphasis on the security community as a whole. We all must share information and learn from each other if we are to successfully protect and defend our networks and systems. There is a strong emphasis on "giving back to the community", through SANS Consensus Projects, incidents.org, student papers, and the Information Security Reading Room, to name a few.

The primary difference is that the CISSP focuses on concepts, which is of course essential. GIAC covers concepts, but focuses more on the practical skills needed to apply those concepts on the job. Another difference is that you must be a security professional with a minimum of three years of experience in the field before you are even allowed to sit for the CISSP. There is no experience requirement to sit for any of the GIAC certifications. Additional information on GIAC can be found at the FAQ link, above, or the GIAC home page at https://www.giac.org.

Current or prospective employers recognise GIAC certification as an indication of your demonstrated knowledge and skill in computer security. There are two basic differences between a GIAC certification and any other education or certification program. First, no one else covers this material! We have gone to extreme effort to fill in the gap, to identify the skills and knowledge that organizations wish their employees had and to find the faculty that could produce those courses. Second, you must master this material to pass. The "certificate suitable for framing" is not the purpose of the program. You are going to know the information and possess the skills that your employer desperately wants you to have. In fact, to earn a GIAC certification, you must prove you know how to do the tasks required. Employers who have reviewed the materials and the requirements have been unanimous in saying: "People who have this certification are exactly what we are looking for in our organization." In other words, the certifications will have the most valuable recognition of all - they'll be used to select employees for hiring and promotion.

No. Earning a GIAC certification is a separate process. Simply completing the course does not mean that you are GIAC certified.

No. SANS Training and GIAC Certification are separate programs (though GIAC certifications are based on SANS training). SANS Training is intended to provide students with the best available education in the key areas of information security. GIAC Certifications are designed to provide an objective "benchmark" to show that an individual meets a minimum standard of skill and knowledge for people who want to demonstrate this ability for themselves or for a current or prospective employer. You do not have to take the certification if you take the course, though you have the option to do so.

GIAC certification exams are non-transferable and non-refundable after you receive access to the exam material.

For information on the GIAC Certification renewal process please visit http://www.giac.org/certifications/renewal.

GIAC Certification Exams

If you fail a GIAC Certification Exam, you may purchase a retake exam for by clicking on the "Purchase Retake" link in the Certification Attempts section of the GIAC Certification Portal. Once purchased, retakes are non-refundable and non-transferable. Please click here for current pricing.

Following any GIAC exam failure, you must purchase the retake within 30 days of your listed expiration date.

When purchasing a SANS training course, the cost for the corresponding exam is $629. You may purchase an exam without formal SANS training; it is called a GIAC Certification attempt- The cost to challenge an exam is $1,099. The fee includes 2 practice exams and 1 proctored exam. Each exam will have an expiration date of 120 days (4 months) accessible from your SANS Portal Account.

Exams must be completed at a Pearson Vue testing center. For more information on the GIAC Proctor Program and its requirements, please visit http://www.giac.org/proctor

Candidates may purchase a 45-day GIAC extension. Please click here for current pricing.

15 days before your exam expires, an extension option will appear in your portal account. The extension adds 45 days to your current deadline. A maximum of 10 extensions can be purchased per certification attempt. Once you have reached this limit, your attempt cannot be extended any further. If you have purchased your GIAC exam in conjunction with an online training course, your online course access will be extended to match your GIAC deadline; however, please note associated course access will only be guaranteed for a total of one year, regardless of the number of certification attempt extensions you purchase.

You may purchase and schedule GIAC exams simultaneously. Each exam will have an expiration date of 120 days (4 months) accessible from your SANS Portal Account. Test dates will need to be scheduled prior to expiration. Should you decide to train via the SANS OnDemand online slides, notes, and assessments, you may only register for one course at a time. This training venue will only allow you to purchase and gain access to the exam separately.

GIAC exams are NOT given the day after the conference ends.

GIAC certification attempts purchased without SANS training will be activated in your SANS/GIAC account within 24 hours of purchase. GIAC certification attempts purchased with SANS training will be activated in your SANS/GIAC account 7 days after the end of the conference. In both cases, you will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt. GIAC exams must be proctored through Pearson VUE. Please click the following link for instructions on How to Schedule Your GIAC Proctored Exam. GIAC exams are delivered online through a standard web browser.

It may take up to 4-6 weeks for your certificate to arrive in the mail. Once you pass your exam, you will be asked to confirm your name and address. Please review this information carefully to ensure for accurate and timely delivery.

No, you do not have to purchase a framed certificate. If you opt out of receiving the framed certificate, you will automatically be mailed the copy of your official paper certificate.

The 10" by 13" wall-mountable wooden frame is free, but there is an additional charge for shipping and handling:

UK: $45

GIAC does not distribute electronic copies of certificates. For proof of certification beyond the framed certificate option, your record of certification is reflected our official Certified Professionals directory: https://www.giac.org/certified-professionals/directory

Under the GIAC Proctor Policy, students are required to take their GIAC certification exams in a proctored environment. For detailed information regarding the proctor requirements, please see https://www.giac.org/proctor.

A GIAC qualified proctor will verify the identity of the student and ensure that the student does not use a phone, instant messaging software, or speak with any person during an exam. GIAC exams are open book and the student is permitted to reference texts, notes, indexes, written reference materials.

Unfortunately, we can't provide a question-by-question breakdown of what you got right and what you got wrong. If we did so, it would reveal too much information about the exam and possibly compromise the exam's integrity for future students. If you had issues with specific questions, you can note that in your exam evaluation form or send an email to examreview@giac.org We do review the exams regularly for quality and review any questions that a student flags as potentially problematic. For information regarding the Exam Feedback Procedure, please see https://www.giac.org/feedback.php

The exam breakdown is listed in the Examination section of the "Certification Information - READ ME FIRST" page in your portal account. You can also review the Certification Objectives on the Certification page.

GIAC has selected Pearson VUE as our primary partner to deliver proctored exams through their network of host locations. Pearson VUE is an industry leader and offers more than 3,500 testing centres worldwide. Please click here to find a Pearson VUE testing centre near you.

If you will be taking a GIAC proctored exam in the future and do not see a testing centre within a reasonable driving distance (1-2 hours), please email proctor@giac.org. GIAC will then contact you to help you set up an approved proctored environment. GIAC will also work with Pearson VUE to establish new testing centres where there are identified coverage gaps.

During the practice tests, each time you choose a wrong answer, you will receive the correct answer and an explanation that will help to reinforce the subject matter presented in the question. The practice tests also include a counter that shows the current number of questions that you answered either correctly or incorrectly and how many questions are left in the test.

You can tell others what you have learned, however, you cannot share the course materials, in either hard copy or electronic format of PDFs and MP3 files. A policy agreement is confirmed and accepted in the registration process that your training is not to be shared. You cannot train anyone in your organization using any of our material for any reason, even as a back-up position to you.

An additional exam attempt can be purchased. Please click here for current pricing.

Following any GIAC exam failure, there is a 30-day waiting period before a candidate can sit for the exam again. Purchasing an additional exam attempt after an exam failure extends the final certification deadline by 60 days; this includes the 30-day waiting period. The 30-day waiting period provides candidates with additional time that should be used to master the certification objectives.

The option to purchase an additional exam attempt will be made available through the Certification Attempt section of the GIAC Certification Portal.

The courses and certifications are designed to be taken either independently, or in series. Students can pursue individual courses and certifications to focus on specific areas of interest or responsibility. Or, they can be taken sequentially, to provide a progressive education in information security, from basic concepts to in-depth technical knowledge. The certification listing is sorted by category to show areas of similar study. 300 level courses are the lowest level, going up to 700 level being the most advanced courses. The GSEC is intended to ensure that graduates have a strong grounding in the fundamentals of information security and are prepared for the more specialized, technical certifications.

GIAC certifications require one proctored exam. The exam will be delivered in a proctored environment through your portal account. For more information regarding the GIAC Proctor requirements, please see https://www.giac.org/proctor. The exams are designed to test your knowledge of a subject and your ability to put that knowledge into practice. For specific certification requirements, please see the Certification Roadmap at https://www.giac.org/certifications/roadmap.php. For information on GIAC Gold certification, information will be posted at https://www.giac.org/gold as it becomes available.

There are no official prerequisites to take the GIAC certifications. Any candidate who feels that he or she has the knowledge and ability to pass the certification requirements may take the certification. However, students should be aware of the technical level of the course they wish to take. The 500 level courses are more advanced than the 400 and the 400 more advanced than the 300. Be certain you are not starting at a level that is more difficult than you are prepared for. Some class descriptions provide an assessment test to make sure you are prepared for that level course, such as Sec502 and Sec503 which assume that the student has a working knowledge of the technology in question and a firm grasp of TCP/IP. Please note that currently, some GIAC certifications are only offered in conjunction with a corresponding SANS training course. This is a temporary measure intended to allow us to fine-tune our certification process - to make sure that the exams are fair and objective, and that the courses themselves are comprehensive. A number of certification attempts are available for outright purchase: https://www.giac.org/registration/cert-attempt

No. Security Essentials, Operations Essentials, Audit Essentials, and Management Essentials are all good starting points for the given area of study if you want a broad overview of security topics as opposed to focusing on a specific technology.

The requirement for earning GIAC certification is one proctored exam, which demonstrates the candidate's knowledge of the subject matter. If a candidate wishes to further distinguish him or herself, GIAC Gold is a second level of certification which requires completion of a technical paper. Technical papers will cover an important area of security related to the certification the student is seeking. After completing the exam necessary to pass the GIAC certification, students will have the option to apply for GIAC Gold Certification through their portal account. Candidates will work closely with an adviser through the process of developing their technical report. Once complete, the technical report will be reviewed for acceptance into the SANS Reading Room and the student earning GIAC Gold.

Information on GIAC Gold can be seen at https://www.giac.org/gold. Further information will be posted as it becomes available.

To receive honors status, a student must hold a GIAC certification in which they have received a 90 or better on either of their exams.

By submitting your paper to GIAC, you are giving us the right to post it on our web site. We are also giving you the opportunity to be published. All certified students can find their papers posted under the appropriate certification listing. Naturally some papers are stronger or hold more community value than others. The best of the papers will also be placed in the Reading Room. It is an honor to be posted there, beyond the listing of all students.

The GIAC Security Expert (GSE) is intended to represent the elite of the information security field.

GIAC Exam Technical Issues

We have developed an automated test that you can use to help determine if you are likely to have problems during an exam. While nothing can predict with 100% accuracy whether you will or will not have problems, running this automated test will give you a much better idea of the likelihood. GIAC STRONGLY encourages all candidates to run this assessment test prior to taking a certification exam. We will be unable to provide you with any connectivity-related assistance unless the automated assessment was completed prior to the start of the exam.

Follow the steps shown below to run the automated assessment:

  1. Log into your portal account
  2. Go to uk.sans.org/assessments/math.php
  3. Click "Get your Free Exam"
  4. Click "Practice Exams"
  5. Select "Automated Math Test Exam" and click the "Select Exam" button.
  6. Carefully read the instructions then select your network connection speed.
  7. Click "Start Exam"
  8. After the exam is finished, make a note of how long the exam took, then click the "Home" button.

A good rule of thumb is that if the automated test takes more than 11 minutes then you are likely to have problems during the exam. In these cases you should look for items like the ones addressed in the questions below, make any necessary corrections, and then retest. In some cases it may be necessary to check during non-peak hours or simply to take your exam from another location if you are consistently seeing problems.

When starting the exam, if you see the error message stating that Javascript is disabled you will need to enable Javascript in your browser and/or disable any script-blocking plug-ins that are running in order to start your exam.

During an exam you occasionally get pages that take a long time (more than 30 seconds) to load while other pages load normally.

This can be caused by a number of different things. They are all generally related to a lack of available bandwidth. This is generally a greater problem for dial-up and lower speed broadband users. Some things to check include:

  • Ensuring that you are not concurrently downloading large files or multiple files from different locations.
  • That you do not have any file sharing or peer-to-peer applications running on the desktop.
  • That you do not have any additional browser windows or tabs open, especially to streaming audio or VOD sites.
  • If you have a low bandwidth connection ensure that it's not being used by other people, especially for any of the items listed above.
  • Remember that VoIP, VPNs, and items of that nature can be extremely bandwidth intensive.

Getting "The page cannot be displayed" error after submitting an answer may happen consistently or occasionally.

"The page cannot be displayed" indicates that your browser cannot connect to our exam engine. This could be caused by anything from temporary loss of Internet connectivity to improperly configured proxies and firewalls. If you get this error in the middle of an exam you will need to click the refresh button to reload the page.

Verification: Go to the following sites:

If the last octet of your IP address changes for any of the sites this is a likely indication of a load balancing firewall or proxy issue. Some organizations use multiple load balanced firewalls which makes it appear to our servers that the client machine has rolling IP address. Requests going out one firewall are routed back in through a different one and the connection is dropped as a result.

If you're having this problem, add a persistent rule for sans.org and giac.org so that the same firewall would be used all the time.