GIAC Security Essentials (GSEC) Certification

  1. GSEC Information

5 Myths of Cloud Computing - HP

7 Deadly Network Security Sins: A Guide for Protection

Best Practices for Making BYOD Simple and Secure




What is the GSEC certification?
The GIAC Security Essentials (GSEC) Certification is a vendor-neutral I.T. security certification aimed at experienced I.S. security professionals. It is administered by the Global Information Assurance Certification (GIAC) which is an organization that specializes in both technical and practical certifications. The GIAC was founded by the SANS Institute (a private U.S. company) back in 1999 and this is reflected in the commonality between the GSEC exam and training courses offered by the SANS Institute. Candidates are not, however, required to undergo SANS training in order to take the GSEC exam.
Who is the GSEC certification for?
The GSEC certification is aimed at I.T. professionals who wish to demonstrate proficiency and understanding when dealing with the myriad of security challenges facing modern corporate I.T. environments. For I.T. professionals who deal with security issues as part of their everyday duties the GSEC credential implies an understanding of information security beyond a cursory level. As the name implies, the exam tests security ‘essentials’, meaning that a broad range of topics are tested. The GSEC certification is not the most in-depth security credential on the market, but neither is it an entry-level security credential.
Are there any prerequisites needed for the GSEC certification?
There are no special prerequisites for taking the GSEC exam. Candidates are not required to undertake any specific training, have any minimum relevant work experience, nor hold any previous security certification.
What does the GSEC exam cover?
There are over 60 specialist areas of expertise tested in the GSEC exam, including:
  • Access Control
  • Contingency Planning
  • Crypto Concepts
  • DNS
  • Firewalls
  • IPv6
  • Linux/Unix
  • Network Design
  • Physical Security
  • Risk Management
  • TCP
  • UDP
  • Viruses
  • Windows Auditing
  • Wireless, etc.
For a full list of topics potentially covered in the exam, click here.
How do I earn the GSEC certification?
Candidates wanting to earn the GSEC certification need to pass one computer-based exam consisting of 180 questions with a 5-hour time limit (candidates may take one 15-minute break during the exam at their own discretion). The passing score for the GSEC exam is 73%.

The exam is ‘open book’ meaning that candidates may bring into the testing facility with them any printed notes, text books and other similar material that they wish. Candidates may not bring in smart phones, tablets, USB drives or similar electronic devices, nor have access to searchable files such as word documents, PDF’s and the like.
How much does the GSEC exam cost?
The GIAC Certified Forensics Analyst (GSEC) exam costs US$1049. The fees must be paid up front and the candidate has 4 months from the approval of their application to take the exam.
Where can I take the GSEC exam?
GSEC exams are proctored through Pearson VUE testing facilities worldwide. Before paying the GSEC exam fee make sure to check ahead with your nearest testing facility to ascertain their location, current exam costs and availability of the GSEC exam.

Before scheduling an exam date, candidates will need to register an account with SANS/GIAC.
GSEC recertification requirements
The GSEC credential is valid for 4 years. Before the end of the 4 year period the candidate will need to earn a total of 36 Continuing Professional Education (CPE) credits (during the latter two years of their certification life-cycle) in order to renew their certification. To earn those credits, candidates have the option to either retake the GSEC exam (worth all 36 credits) or earn the required amount of CPE’s through a variety of ways such as attending accredited training (either as a student or trainer), work experience, GIAC/SANS community participation, published work, etc. The amount of CPE’s earned for each activity varies. Candidates should refer to the current CPE earning options published on the GIAC website, here.

Candidates who hold more than one GIAC certification are required to complete the CPE requirement for each exam every four years.

Irrespective of the renewal method chosen, a certification maintenance fee is required to be paid. At the time of writing this was set at US$399 every four years.

Candidates who do not pay the required fee and meet the recertification requirements will be listed as ‘GSEC expired’.