GIAC GPEN : GIAC Penetration Tester Exam
Security personnel who assess target networks and systems to find security vulnerabilities on a regular basis are eligible to take the GIAC GPEN: GIAC Penetration Tester exam. The GPEN exam has a time limit of four hours and contains 150 questions. In order to pass and gain certification, participants must score no lower than 74.7% on the GPEN exam.
The SANS Training Course: SEC560: Network Penetration Testing and Ethical Hacking is recommended prior to taking the exam, though it is not a required prerequisite. After successfully passing the GPEN exam, the participant's certification will last for four years.
Successful candidates will come to the GIAC GPEN exam with a complete understanding of penetration-testing. This includes methodologies, the legal issues involved, and how to conduct a penetration test. Additionally, candidates must have knowledge in the best practice technical and non-technical techniques relating to a penetration test.
Specific knowledge on how to use a proxy to attack a web application, exploitation fundamentals, and advanced hash manipulation are required. Candidates also need to understand the difference between command shell and terminal access, as well as the benefits each possess.