GIAC Critical Infrastructure Protection (GCIP)
What is GCIP?
The bulk electric system, or “the grid,” is arguably the most critical of the critical infrastructures, which demands that the personnel charged with supporting it understand the impact of their actions and inactions on system reliability, safety and security. The GIAC Critical Infrastructure Protection certification will help validate that the professionals who access, support and maintain the critical systems that keep the grid running understand the regulatory requirements of NERC CIP, as well as practical implementation strategies for achieving both regulatory compliance and cyber security objectives.
Who Should Attend?
This course is designed for:
- ICS cyber security practitioners
- Field support personnel
- Security operations analysts
- Incident response analysts
- Compliance staff
- Team leaders and managers
- Vendors
- Auditors
Learning Objectives:
The topic areas for each exam part are as follows:
- BES Cyber System Categorization: Knowledge of Attachment 1 Criteria, Operational Effects and Impacts, NERC Functional Model, BES Reliability Operating Services, BES Cyber Asset Identification
- Configuration Change Management and Vulnerability Assessments: Knowledge of Change Management, Configuration Monitoring, Vulnerability Assessment, Transient Cyber Assets, Removable Media
- Electronic Security Perimeter(s): Knowledge of Electronic Security Perimeter Architecture, External Routable Connectivity communication, Access Rules, Dial-Up, Malicious Communication Detection, Intermediate Systems and Interactive Remote Access, Multi-factor Authentication
- Incident Reporting and Response Planning: Knowledge of Incident Response Plan, Incident Response Plan Testing and Exercise, Incident Response Plan Reporting
- Information Protection: Knowledge of Information Protection Program, Identification, Classification, Protection, Disposal, Reuse
- NERC CIP Terms and Definitions: Knowledge of terms and definitions relevant to BES, NERC, and CIP
- Personnel & Training: Knowledge of Awareness Program, Cybersecurity Training Program, Personnel Risk Assessment, Access Management Program
- Physical Security of BES Cyber Systems: Knowledge of Physical Security Plan, Physical access controls, Visitor control program, Maintenance and Testing, Monitoring, Logging and Alerting
- Recovery Plans for BES Cyber Systems: Knowledge of Recovery Plan, Recovery Plan Testing and Exercise, Recovery Plan Reporting
- Security Management Controls: Knowledge of Senior Manager Requirements, Policies, Low facility Requirements
- Standards Development: Knowledge of Compliance Monitoring and Enforcement Program, Request For Interpretation, Standards Authorization Request, Urgent Action Request, Balloting, Violation Severity Level, Violation Risk Factor
- Standards Enforcement: Knowledge of Audit Prep, Enforcement Treatment, Reliability Standards Auditor Worksheet, Reliability Assurance Initiative, Interactive Remote Access, Internal Controls Evaluation
- System Security Management: Knowledge of Port and Service management, Patch Management, Malicious Code Prevention, System Logging, Authentication Requirements, Account management, Monitoring and Alerting
Benefits of GCIP:
- BES cyber system identification and strategies for lowering their impact rating
- Nuances of NERC defined terms and CIP standards applicability
- Strategic implementation approaches for supporting technologies
- Recurring tasks and strategies for CIP program maintenance
Exam format
- 1 proctored exam
- 75 questions
- Time limit of 3 hours
- Minimum Passing Score of 70%
General Information
- Training is available in a variety of modalities, including live conference training, online, and self-study.
- Practical work experience can help ensure that you have mastered the skills necessary for certification.
- College level courses or study through another program may meet the needs for mastery.
- The procedure to contest exam results can be found at https://www.giac.org/about/procedures/grievance.