GIAC GSNA : GIAC Systems and Network Auditor Exam
Though it's not required, the SANS training course: AUD507: Auditing Networks, Perimeters & Systems may help to prepare exam candidates for the GIAC GSNA: GIAC Systems and Network Auditor exam. Regardless of whether the candidate takes the training course, they should have the knowledge and abilities to apply risk analysis techniques and technical audits of essential information systems prior to taking the exam.
The GIAC GSNA exam bestows a certification which lasts for four years. In order to gain certification, candidates must achieve a score of 70% or better on the 150 question exam. Candidates will have a time limit of four hours to take the GSNA exam.
During the GIAC GSNA exam, candidates will be tested on their grasp of basic auditing terms and concepts. They will need to prove that they have familiarity with the entire audit process, including baselines, time based security concepts, and how risk assessment is used. Examples of systems that the candidate needs to have the ability to audit include Firewall, Intrusion Detection, web applications, Windows access and permissions, and Intrusion Prevention. Candidates must also demonstrate their ability to run a vulnerability assessment.