GIAC GISP : GIAC Information Security Professional Exam
The primary audience for the GIAC GISP: GIAC Information Security Professional exam is security professionals who wish to fill the gaps in their understanding of technical information security, as well as system, security, and network administrators who wish to understand the applications of the Common Body of Knowledge. Other potential candidates for the GISP exam include managers wanting a better understanding of information security and who have some experience in information systems and networking.
Prior to taking the 250 question GISP exam, candidates are encouraged to prepare for the exam by taking the optional training course MGT414: SANS® +S™ Training Program for the CISSP® Certification Exam. During the actual exam, candidates will have a five hour time limit and must obtain a score of at least 70% in order to pass. If successful, candidates must renew their certification every four years.
The GIAC GISP exam tests a candidate's knowledge of laws, regulations, compliance, and investigations. To show that they are knowledgeable in this area, candidates must be able to prove they possess an understanding of the role that both law and ethical standings play in handing incident investigations. Additionally, candidates may be tested on their knowledge of access controls, business continuity and disaster recovery planning, cryptography, information security governance and risk management, physical and environmental security, security architecture and design, security operations, software development security, and telecommunications and network security.