GIAC GCIA : GIAC Certified Intrusion Analyst Exam
The GIAC GCIA: GIAC Certified Intrusion Analyst Exam will test a candidate on their knowledge, skills, and abilities to configure and monitor detection systems. Additionally, a candidate is also going to need to know how to read, interpret, and analyze network traffic and other related log files and data.
The GIAC GCIA exam is proctored. The test itself will contain a range of 150 questions. A candidate will be allotted approximately four hours to complete the exam, and in order to pass, he or she is going to need to obtain a minimum score of 67.3%. In order to prepare for the test, a candidate may choose to enroll in the SANS training course: SEC503: Intrusion Detection In-Depth, which is an online training course.
There will be a number of different topics that will appear on the GCIA exam. One such example is Advanced Snort Concepts. Here, a candidate will be required to demonstrate their knowledge of advanced Snort concepts such as rule ordering and reduction of false negatives and positives.
Other common topics that will be appearing on this test include Domain Name System, Examining Packet Header Fields, Network Traffic Analysis, and Microsoft Protocols. A candidate should be prepared to answer additional questions about related material.