Course Summary

Continuous adversary activity of increasing magnitude leads to frequent attacks and, too often, to the inevitable compromise that results in data loss and leakage. Enterprises must have cross-trained professionals fully prepared to contribute meaningfully to CERT/CSIRT activities when required. Experienced technologists who are exploring cyber career pathways and looking for hands-on practical experience with cutting-edge tools of the trade will find what they need in SEC501: Advanced Security Essentials-Enterprise Defender. It is the only course that provides training across cybersecurity sub-disciplines in the tools and techniques used daily to defend the enterprise. Full-day course topics cover defending network architecture, penetration testing, security operations, DFIR/CERT/CSIRT, and malware analysis. Twenty-five labs, conducted in-class, provide hands-on experience with real-world tools (e.g., Cisco routers, Covenant, Metasploit, Nessus, Nmap, Procmon, Snort, SOF-ELK, TShark, Wireshark, etc.) in each of these areas, demonstrating:

active defense
attacks against network devices (and defenses)
digital artifact collection
forensic data recovery
interactive behavioral analysis of malware
intrusion detection and Snort signature creation
log aggregation and correlation
manual code reversing
network forensics
network scanning and enumeration
packet and protocol analysis
password cracking
super timeline analysis
system exploitation and post-exploitation pivoting
vulnerability assessment
web application scanning and attacks

Defending Network Protocols
The candidate will demonstrate an understanding of commonly used network protocols and how to defend against protocol attacks. The candidate will demonstrate knowledge of audit techniques and the Center for Internet Security's benchmarks and Critical Security Controls.
Defensive Infrastructure and Tactics
The candidate will demonstrate basic knowledge of network and cloud-based infrastructure defensive measures, including common detective and preventive controls.
Digital Forensics Concepts and Application
The candidate will demonstrate an understanding of methods and practices of digital forensics. The candidate will demonstrate proficiency in identification of forensic artifacts.
Incident Response Concepts and Application
The candidate will demonstrate an understanding of continuous incident response processes and their relationship to threat intelligence practices and the Cyber Kill Chain.
Interactive and Manual Malware Analyses
The candidate will demonstrate an understanding of interactive malware behavior analysis, knowledge of analysis tools, and ability to interpret the analysis results. The candidate will demonstrate an understanding of manual malware code reversal, disassembly and decompiling, and of code obfuscation techniques used by malware.
Intrusion Detection and Packet Analysis
The candidate will demonstrate an understanding of intrusion prevention systems, their placement in the enterprise, and their configuration and tuning. The candidate will demonstrate proficiency in taking action in response to alerts.
Malware Analysis Concepts and Basic Analysis Techniques
The candidate will demonstrate an understanding of the various types of malware, the symptoms of infection, and methods for analyzing malware safely. The candidate will demonstrate an understanding of the benefits and disadvantages of automated and static malware analysis techniques, and the ability to interpret their results.
Network Forensics, Logging, and Event Management
The candidate will demonstrate an understanding of using logs and flows in network forensics, the importance of logging and event management in security operations, and the usage of a SIEM and Security Analytics.
Network Security Monitoring Concepts and Application
The candidate will demonstrate knowledge of the devices used in SOCs to monitor networks, an understanding of packet types and packet capture tools, the practice of continuous network monitoring, and advanced issues such as monitoring encrypted traffic.
Penetration Testing Application
The candidate will demonstrate familiarity and proficiency using penetration testing tactics and tools against typical types of penetration test targets.
Penetration Testing Concepts
The candidate will demonstrate knowledge of penetration testing scoping, rules of engagement, the tools and tactics used in penetration tests, and reporting test results to the intended audience.

There are currently no prerequisites for this course. However, it is recommended that students take the SEC401: Security Essentials: Network, Endpoint, and Cloud course or have equivalent skills.

Proctored exam: 115 questions, 3 hours, minimum passing score of 69%.

Following your booking, a confirmation message will be sent to all participants, ensuring you're well-informed of your successful enrollment. Calendar placeholders will also be dispatched to assist you in scheduling your commitments around the course. Rest assured, all course materials and access to necessary labs or platforms will be provided no later than one week before the course begins, allowing you ample time to prepare and engage fully with the learning experience ahead.

Our comprehensive training package includes all the necessary materials and resources to facilitate a full learning experience. Enrollees will be provided with detailed course content, encompassing a wide array of topics to ensure a thorough understanding of the subject matter. Additionally, participants will receive a certificate of completion to recognize their dedication and hard work. It's important to note that while the course fee covers all training materials and experiences, the examination fee for certification is not included but can be purchased separately.
