GISF
Coming Soon
Expected availability announced soon

This course is in active development. Preview the scope below and create a free account to be notified the moment it goes live.

The GISF certification teaches foundational cybersecurity terminology, network and host security basics, access control, password management, and security policy fundamentals, enabling beginners to recognize threats and apply essential controls.

  • Exam length: 120 minutes
  • Questions: 75
  • Passing score: 71/100
  • Exam cost: $979

Who Should Take This

It is ideal for entry‑level IT professionals, recent graduates, or career changers who have limited hands‑on security experience but want to build a solid knowledge base. These learners aim to validate their understanding of core security concepts and prepare for roles such as security analyst, junior administrator, or compliance associate.

What's Covered

  • Domain 1: Cybersecurity Terminology and Concepts
  • Domain 2: Network Security Fundamentals
  • Domain 3: Host Security
  • Domain 4: Access Control and Password Management
  • Domain 5: Security Policy and Risk Management

What's Included in AccelaStudy® AI

Adaptive Knowledge Graph
Practice Questions
Lesson Modules
Console Simulator Labs
Exam Tips & Strategy
20 Activity Formats

Course Outline

74 learning goals
Domain 1: Cybersecurity Terminology and Concepts
4 topics

Core Security Principles

  • Define the CIA triad including confidentiality, integrity, and availability and describe how each principle applies to protecting information assets in an organization.
  • Identify the concepts of non-repudiation, authentication, and authorization and describe how they support accountability in information security systems.
  • Describe the defense-in-depth security model and identify how layered controls including physical, technical, and administrative safeguards reduce overall risk exposure.
  • Differentiate between preventive, detective, corrective, deterrent, and compensating security controls and identify appropriate examples of each type.

Threat Landscape

  • Identify common threat actors including nation-states, hacktivists, insider threats, organized crime, and script kiddies and describe their typical motivations and capabilities.
  • Define common attack vectors including phishing, drive-by downloads, watering hole attacks, supply chain compromise, and removable media and recognize indicators of each.
  • Describe the cyber kill chain model phases including reconnaissance, weaponization, delivery, exploitation, installation, command and control, and actions on objectives.
  • Analyze a given attack scenario to identify which phase of the cyber kill chain is being executed and recommend appropriate defensive measures for disruption.

Malware and Malicious Software

  • Identify major malware categories including viruses, worms, Trojans, ransomware, spyware, adware, rootkits, and keyloggers and describe the primary propagation method of each.
  • Describe how antivirus and anti-malware tools use signature-based detection, heuristic analysis, and behavioral monitoring to identify and quarantine malicious software.
  • Analyze symptoms of a malware infection including unexpected network traffic, degraded system performance, unauthorized file modifications, and suspicious process activity.

Social Engineering and Human Factors

  • Define social engineering attack types including phishing, spear phishing, whaling, vishing, smishing, pretexting, baiting, and tailgating and identify the psychological principles each exploits.
  • Apply social engineering awareness training principles to identify red flags in suspicious emails including spoofed sender addresses, urgent language, and mismatched URLs.
  • Evaluate the effectiveness of organizational security awareness programs and recommend improvements based on phishing simulation results and user reporting metrics.

Domain 2: Network Security Fundamentals
4 topics

Network Models and Protocols

  • Identify the seven layers of the OSI model and describe the primary function and common protocols associated with each layer from physical through application.
  • Describe the TCP/IP protocol suite including the roles of TCP, UDP, IP, ICMP, ARP, and DNS in enabling network communication and name resolution.
  • Describe the TCP three-way handshake process including SYN, SYN-ACK, and ACK packets and explain how connection state management supports reliable data delivery.
  • Differentiate between IPv4 and IPv6 addressing schemes including address format, subnet notation, and the security implications of each protocol version.

Network Security Devices and Technologies

  • Describe the functions of firewalls including packet filtering, stateful inspection, and application-layer gateways and identify where each type is deployed in a network architecture.
  • Identify the differences between network-based intrusion detection systems and intrusion prevention systems and describe how signature-based and anomaly-based detection methods function.
  • Apply network segmentation principles using VLANs, DMZ architecture, and network access control lists to isolate sensitive systems and reduce the attack surface.
  • Describe the purpose and operation of proxy servers, reverse proxies, and web application firewalls in protecting web-facing applications and filtering traffic.
  • Evaluate a network diagram to identify security weaknesses including missing segmentation, exposed management interfaces, and inadequate monitoring points.

Wireless and Remote Access Security

  • Identify wireless security protocols including WEP, WPA, WPA2, and WPA3 and describe the encryption mechanisms and known vulnerabilities of each standard.
  • Describe VPN technologies including IPsec and SSL/TLS VPN tunnels and explain how they provide confidentiality and integrity for remote access connections.
  • Recognize common wireless attacks including evil twin access points, deauthentication attacks, and rogue access points and describe countermeasures for each.
  • Assess wireless network configurations to determine whether appropriate security controls including WPA3-Enterprise, 802.1X authentication, and SSID management are in place.

Common Network Attacks

  • Identify common network attacks including denial of service, distributed denial of service, man-in-the-middle, ARP spoofing, DNS poisoning, and SYN flooding.
  • Describe how port scanning tools such as Nmap perform host discovery and service enumeration and recognize the security implications of open ports and running services.
  • Analyze network traffic patterns to differentiate between normal traffic and indicators of common attacks including port scans, SYN floods, and brute force attempts.

Domain 3: Host Security
4 topics

Operating System Security

  • Describe operating system hardening techniques including disabling unnecessary services, removing default accounts, applying security baselines, and configuring host-based firewalls.
  • Identify the security differences between Windows and Linux operating systems including user privilege models, file permission systems, and built-in security features.
  • Describe the importance of patch management processes including vulnerability scanning, patch testing, deployment scheduling, and rollback procedures.
  • Evaluate host security configurations to determine compliance with security baselines such as CIS Benchmarks and identify deviations requiring remediation.

Endpoint Protection

  • Describe endpoint protection technologies including antivirus software, endpoint detection and response agents, host-based intrusion prevention, and application whitelisting.
  • Apply mobile device security controls including device encryption, remote wipe capabilities, mobile device management enrollment, and app store restrictions.
  • Describe data loss prevention strategies including classification labeling, content inspection, endpoint DLP agents, and removable media controls.

Web and Application Security Basics

  • Identify common web application vulnerabilities from the OWASP Top 10 including injection, broken authentication, cross-site scripting, and insecure deserialization.
  • Describe secure browsing practices including HTTPS verification, certificate validation, browser security settings, and the role of content security policies.
  • Assess the risk of a web application vulnerability by considering its exploitability, potential impact on confidentiality and integrity, and available mitigations.

Data Protection and Backup

  • Describe data backup strategies including full, incremental, and differential backups and identify appropriate retention policies and off-site storage requirements.
  • Apply data classification schemes including public, internal, confidential, and restricted labels and describe appropriate handling procedures for each classification level.
  • Describe secure data disposal methods including degaussing, physical destruction, cryptographic erasure, and secure overwriting standards for different media types.

Domain 4: Access Control and Password Management
4 topics

Authentication Mechanisms

  • Identify the three authentication factors including something you know, something you have, and something you are and provide examples of each factor type.
  • Describe multi-factor authentication implementation including TOTP, hardware tokens, push notifications, and biometric verification and explain why MFA reduces credential theft risk.
  • Describe single sign-on and federated identity concepts including SAML, OAuth, and OpenID Connect and identify the trust relationships required for federated authentication.
  • Evaluate an authentication architecture to determine whether it meets security requirements for a given risk level considering factors such as user experience and threat model.

Access Control Models

  • Define access control models including discretionary access control, mandatory access control, role-based access control, and attribute-based access control and describe their enforcement mechanisms.
  • Apply the principle of least privilege to assign user permissions and describe how separation of duties and need-to-know restrictions limit unauthorized access to sensitive resources.
  • Describe account lifecycle management processes including provisioning, periodic access reviews, privilege escalation procedures, and timely deprovisioning upon role change or termination.
  • Assess an access control implementation to identify violations of least privilege including excessive permissions, orphaned accounts, and shared credential usage.

Password Security

  • Describe password security best practices including minimum length requirements, complexity rules, password history enforcement, and the benefits of passphrase-based approaches.
  • Identify common password attack methods including brute force, dictionary attacks, credential stuffing, rainbow table lookups, and password spraying and describe countermeasures for each.
  • Describe how password hashing algorithms including bcrypt, scrypt, and Argon2 store credentials securely and explain the role of salting in preventing rainbow table attacks.
  • Apply password manager usage principles to reduce credential reuse and describe how organizational password vaults improve security posture across enterprise environments.

Physical Security Controls

  • Identify physical security controls including badge access systems, security cameras, mantraps, cable locks, and environmental controls and describe their role in protecting information assets.
  • Describe physical access control procedures for data centers including visitor management, escort policies, server rack locking, and environmental monitoring for temperature and humidity.

Domain 5: Security Policy and Risk Management
5 topics

Security Policies and Governance

  • Define the hierarchy of security documentation including policies, standards, procedures, and guidelines and describe the purpose and audience for each document type.
  • Describe the components of an acceptable use policy including authorized activities, prohibited behaviors, monitoring notice, and consequences of policy violations.
  • Identify key security governance roles including CISO, security officer, data owner, data custodian, and system administrator and describe their responsibilities.

Risk Management Fundamentals

  • Define risk management terminology including threat, vulnerability, risk, impact, likelihood, asset value, and exposure and describe how these elements relate in a risk equation.
  • Describe qualitative and quantitative risk assessment methods including risk matrices, single loss expectancy, annual loss expectancy, and annual rate of occurrence calculations.
  • Identify risk treatment options including risk avoidance, risk mitigation, risk transfer, and risk acceptance and describe when each strategy is appropriate.
  • Evaluate a risk scenario to recommend appropriate treatment strategies based on asset value, threat likelihood, vulnerability severity, and organizational risk appetite.

Regulatory Compliance and Legal Considerations

  • Identify major regulatory frameworks and standards including HIPAA, PCI DSS, GDPR, SOX, and NIST Cybersecurity Framework and describe their scope and primary requirements.
  • Describe the purpose of security audits, compliance assessments, and third-party risk evaluations in maintaining regulatory adherence and organizational accountability.
  • Describe legal concepts relevant to information security including intellectual property, privacy law, computer crime statutes, and data breach notification requirements.

Incident Response and Business Continuity

  • Describe the phases of the incident response lifecycle including preparation, identification, containment, eradication, recovery, and lessons learned as defined by NIST SP 800-61.
  • Describe business continuity planning concepts including business impact analysis, recovery time objectives, recovery point objectives, and disaster recovery site types.
  • Analyze an incident scenario to determine the appropriate response phase and identify the key actions required for containment and evidence preservation.

Cryptography Fundamentals

  • Define symmetric and asymmetric encryption and identify common algorithms including AES, 3DES, RSA, and elliptic curve cryptography and their typical use cases.
  • Describe the role of digital certificates, certificate authorities, and public key infrastructure in establishing trust and enabling secure communications over untrusted networks.
  • Describe hashing algorithms including MD5, SHA-1, SHA-256, and SHA-3 and explain how hashing provides integrity verification and supports digital signature operations.
  • Differentiate between encryption at rest and encryption in transit and identify appropriate protocols including TLS, IPsec, and full-disk encryption for each scenario.

Scope

Included Topics

  • All domains in the GIAC Information Security Fundamentals (GISF) certification aligned to SANS SEC301: Cybersecurity Terminology and Concepts, Network Security Fundamentals, Host Security, Access Control and Password Management, and Security Policy and Risk Management.
  • Foundational cybersecurity knowledge including the CIA triad, common threat categories, malware types, social engineering techniques, network protocols, OSI and TCP/IP models, firewall and IDS concepts, operating system hardening, password policies, authentication mechanisms, risk assessment frameworks, and security governance.
  • Core security tools and concepts including antivirus software, encryption basics, VPN fundamentals, wireless security standards, patch management, backup strategies, incident response overview, and basic security policy development.
  • Practical security awareness covering phishing identification, safe browsing practices, physical security controls, and regulatory compliance fundamentals such as HIPAA, PCI DSS, and GDPR overview.

Not Covered

  • Advanced penetration testing techniques, exploit development, and red team operations beyond the scope of SEC301.
  • Deep cryptographic algorithm implementation, key exchange protocol internals, and mathematical foundations of encryption.
  • Enterprise SIEM deployment, advanced log correlation, and SOC operations at the analyst level.
  • Cloud-native security architectures, container security, and serverless security patterns.
  • Digital forensics evidence handling, chain of custody procedures, and forensic imaging techniques.

Official Exam Page

Learn more at GIAC Certifications

Trademark Notice

GIAC® is a registered trademark of Global Information Assurance Certification (a subsidiary of the SANS Institute). GIAC does not endorse this product.

AccelaStudy® and Renkara® are registered trademarks of Renkara Media Group, Inc. All third-party marks are the property of their respective owners and are used for nominative identification only.