Skip to main content
New

GIAC Cloud Security Architecture and Design (GCAD)

Practitioner Certification
GIAC Cloud Security Architecture and Design (GCAD)
Register nowRenew
dora
nis2
Jump to:

Demonstrate readiness to secure our most innovative technologies in the cloud, armed with zero-trust strategies and foundational architecture principles. 

The GIAC Cloud Security Architecture and Design (GCAD) certification validates a practitioner’s expertise in cloud provider frameworks and design approaches for secure architecture in the cloud. GCAD certification holders are proficient in strategies and design techniques to implement workforce identity, conditional access, network security controls, and centralized logging.

Areas Covered

  • Identity and access management
  • Design and implement Zero-Trust concepts
  • Network architecture and design
  • Data protection
  • Configuring centralized monitoring

Who is GCAD for?

  • Anyone working in a cloud environment
  • Cloud architects
  • Operations, DevOps, software engineers
  • System administrators
  • Security analysts, engineers, consultants
  • Auditors, risk managers

Instructor Testimonial

Distributing our workloads and data to the public cloud increases our perimeter, which is often protected only by identity-based security controls. With the network perimeter being lifted, the margin for error is slim. Even with this grim reality, we can still be optimistic. Migrating to the cloud enables our most innovative technologies and presents an opportunity for the security sector to evolve and mature. If armed with the correct foundational design principles, we can build a more secure future, with greater availability and confidentiality than ever possible on-premises.

Eric Johnson and David HazarCo-Authors of SANS SEC549: Cloud Security Architecture

Exam Format

  • 1 proctored exam
  • 2 hours
  • Minimum passing score of 63%
  • 75 questions

Note: GIAC periodically reviews and may update certification specifications to ensure fairness, validity, and reliability. Using a psychometric standard-setting study, GIAC has set the passing score for the GCAD exam at 63% for all candidates who receive the exam version released on or after January 25, 2025.

To confirm the exam format and passing score that apply to your specific attempt, please refer to the Certification Information section of your GIAC account: https://exams.giac.org/pages/attempts.

Certification Delivery

GIAC certification attempts will be activated in your GIAC account after your application has been approved and according to the terms of your purchase. Details on delivery will be provided along with your registration confirmation upon payment. You will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt.

NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE. Click here for more information.

Woman Staring at Tablet

Exam Certification Objectives & Outcome Statements

  • Architecting Cross-Cloud IdentityThe candidate will demonstrate knowledge of cross-cloud identity solutions, including Service Principles and Open ID Connect.
  • Centralizing Shared Network ServicesThe candidate will be familiar with methods of centralizing shared cloud network services via VPC gateways and interface endpoints.
  • Cloud IdentityThe candidate will be familiar with fundamental cloud identity management (IAM), including IAM roles and trust policies.
  • Cloud Network Micro SegmentationThe candidate will be familiar with methods of implementing network micro-segmentation in the cloud.
  • Comprehensive Logging and AggregationThe candidate will be familiar with cloud-native approaches to log staging and aggregation in cloud environments.
  • Conditional Access PoliciesThe candidate will demonstrate understanding of implementing cloud-based conditional access policies.
  • Customer Identity and Access ManagementThe candidate will demonstrate understanding of implementing customer identity and access management (CIAM) solutions.
  • Data Classification and Resource TaggingThe candidate will be familiar with data classification conventions and resource tagging methodology.
  • Data SecurityThe candidate will demonstrate understanding of data security frameworks, best practices, and disaster recovery.
  • Defending Data in the CloudThe candidate will demonstrate understanding of how to defend cloud-based data repositories using ACLs, encryption, and monitoring.
  • Federated Access and SSOThe candidate will be familiar with Identity Federation, including SSO operation, SAML, cloud identity services.
  • Hierarchical Cloud StructuresThe candidate will demonstrate understanding of cloud architecture principles, including Foundational OU design and resource hiearchies.
  • Implementing Zero TrustThe candidate will demonstrate understanding of Zero Trust archtitecture concepts, including and EUC tickets and micro-segmentation.
  • Incident Response in the CloudThe candidate will be familiar with enabling SOC teams with cloud-native data.
  • Key Management ArchitectureThe candidate will be familiar with various digital key management system architectures and best practices.
  • Managing Cloud Networks at ScaleThe candidate will demonstrate understanding of managing large cloud-based networks using shared VPCs and cloud-based firewalls.
  • Network Firewalls and Traffic InspectionThe candidate will be familiar with various cloud-based load balancing and traffic inspection architectures.
  • Orchestrating Log Integrations for Operational ValueThe candidate will demonstrate understanding of cloud-native log forwarding to better enable alerting and incident response activities.

Practice Tests

  • Practice exams are a simulation of the real exam, allowing you to become familiar with the test engine and style of questions
  • Practice exams can serve as a gauge to determine if your preparation methods are sufficient
  • The bank of practice questions is limited, so you may encounter the same question on multiple practice tests
  • Practice exams never include actual exam questions
  • Purchase a GCAD practice test here

How To Prepare

Other Resources

  • Training is available  in a variety of modalities including live training and OnDemand
  • Practical work experience can help ensure that you have mastered the skills necessary for certification
  • College level courses or self-paced study through other programs or materials may meet the needs for mastery
  • Understand the procedure to  contest exam results
  • Use this justification letter to share key details of this certification opportunity with your boss

Find Affiliate Training

Explore affiliate training options to prepare for your GIAC certification exam.

Find Training Now

Subscribe to GIAC’s Monthly Newsletter

Receive expert insights, priority access to certifications, essential updates on regulatory changes and industry developments.