SEC504 Hacker Tools Techniques Exploits and Incident Handling FAQs
What is SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling Exam?
The Exam allows candidates to understand tactics and strategies for handling attacks, offering hands-on experience for locating vulnerabilities and discovering intrusions, and equipping them with a comprehensive incident handling plan.
Who should take the SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling Exam?
The SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling Exam is suitable for candidates who are responsible to work with the incident handling team. The exam is suitable for candidates working as –
- General security practitioners
- System administrators
- Security architects
What are the skills acquired?
- Learn how to prepare for a breach in the future.
- Recognize the methods and tactics employed by cybercriminals.
- Explain each level of a computer attack’s proactive and reactive defences.
- Learn how to spot active assaults and compromises and how to respond to them.
- An overview of the most recent computer attack vectors, as well as how to deal with them.
- Learn how to stop assaults in their tracks.
- Plan ahead of time to prevent the attackers from returning.
- Learn how to recover from computer assaults and reinstall corporate systems.
- Learn how to utilise hacking tools and techniques and how to use them effectively.
- An overview of the detection techniques and tools for each type of assault
- Learn about the vulnerabilities, threats, and defences that exist at the application level.
What is the topics covered in SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling Exam?
The SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling exam covers the following topics –
- Describe Incident Response and Computer Crime Investigations
- Describe Recon, Scanning, and Enumeration Attacks
- DescribePublic-Facing and Drive-By Attacks
- Evasion and Post-Exploitation Attacks
- Describe Capture the Flag Event
What if I fail an exam?
If you fail a GIAC Certification Exam, you can purchase a retake by going to the Certification Attempts area of the GIAC Certification Portal and clicking on the “Purchase Retake” link. Retakes are non-refundable and non-transferable once ordered.
If you fail the GIAC test, you must purchase a retake within 30 days of the exam’s expiration date.
How are the exams delivered?
Without SANS training, GIAC certification attempts will be activated in your SANS/GIAC account within 24 hours of purchase. GIAC certification attempts purchased through SANS training will be activated 7 days after the conference ends in your SANS/GIAC account. When your certification attempt has been activated in your account, you will receive an email notice in both situations. You will have 120 days to complete your certification attempt from the date of activation. All of the GIAC Certification tests are online and must be proctored. There are two proctoring options: ProctorU for remote proctoring and PearsonVUE for onsite proctoring.
Can I see what I got wrong on my exam?
GIAC is unable to give a breakdown of your scores by question. You will receive a report detailing your performance on each exam goal once you have completed an exam. This may be seen in your account’s Certification Attempts area. Please see the GIAC Exam Feedback Procedure for further details.
Can I keep my current Pearson VUE appointment instead of scheduling with ProctorU?
You are free to keep your Pearson VUE appointment. We recommend that you confirm with the test centre that they will be able to deliver your exam on time. If Pearson VUE testing is not an option, GIAC has offered the ProctorU alternative to ensure that you may finish your certification attempt before the deadline.
