GIAC Cloud Security Architecture and Design Certification _ Cybersecurity Certification

Uploaded by

Tarek Khafaga

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

107 views

GIAC Cloud Security Architecture and Design Certification _ Cybersecurity Certification

Uploaded by

Tarek Khafaga

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 6

1/5/25, 12:05 PM GIAC Cloud Security Architecture and Design Certification | Cybersecurity Certification

GIAC Cloud Security Architecture and

Design (GCAD)
Practitioner Certification

The GIAC Cloud Security Architecture and Design (GCAD) certification validates a practitioner’s
understanding of cloud provider frameworks and design approaches for secure architecture in the cloud.
GCAD certification holders have demonstrated knowledge of the strategies and design techniques for
topics such as workforce identity, conditional access, network security controls, and centralized logging.

The GIAC Cloud Security Architecture and Design (GCAD) is currently available for presale and can
only be purchased in conjunction with an affiliated course purchase.

Areas Covered
Identity and access management
Design and implement Zero-Trust concepts
Network architecture and design
Data protection
Configuring centralized monitoring

https://w w w .giac.org/certifications/cloud-security-archtecture-design-gcad/ 1/6

1/5/25, 12:05 PM GIAC Cloud Security Architecture and Design Certification | Cybersecurity Certification

Who is GCAD for?

Anyone working in a cloud environment
Cloud architects
Operations, DevOps, software engineers
System administrators
Security analysts, engineers, consultants
Auditors, risk managers

Exam Format
Delivery
NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two
proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE.
Click here for more information.

GIAC certification attempts will be activated in your GIAC account after your application has been
approved and according to the terms of your purchase. Details on delivery will be provided along
with your registration confirmation upon payment. You will receive an email notification when your
certification attempt has been activated in your account. You will have 120 days from the date of
activation to complete your certification attempt.

Exam Certification Objectives & Outcome

Statements
Architecting Cross-Cloud Identity
The candidate will demonstrate knowledge of cross-cloud identity solutions, including Service
Principles and Open ID Connect.
Centralizing Shared Network Services
The candidate will be familiar with methods of centralizing shared cloud network services via
VPC gateways and interface endpoints.
Cloud Application Identity
The candidate will be familiar with cloud application identity implementations, including Entra
ID and Cognito.
Cloud Identity
The candidate will be familiar with fundamental cloud identity management (IAM), including
IAM roles and trust policies.
Cloud Network Micro Segmentation
The candidate will be familiar with methods of implementing network micro-segmentation in
the cloud.
Comprehensive Logging and Aggregation
https://w w w .giac.org/certifications/cloud-security-archtecture-design-gcad/ 2/6
1/5/25, 12:05 PM GIAC Cloud Security Architecture and Design Certification | Cybersecurity Certification

The candidate will be familiar with various approaches to centralized logging and log
aggregation in cloud environments.
Conditional Access Policies
The candidate will demonstrate understanding of implementing cloud-based conditional
access policies.
Data Classification and Resource Tagging
The candidate will be familiar with data classification conventions and resource tagging
methodology.
Data Security
The candidate will demonstrate understanding of data security frameworks and best practices.
Defending Data in the Cloud
The candidate will demonstrate understanding of how to defend cloud-based data repositories
using ACLs, encryption, and monitoring.
Enabling Response with Secure Processes
The candidate will demonstrate understanding of cloud security automation best practices,
including quarantine methods and break-glass accounts.
Federated Access and SSO
The candidate will be familiar with Identity Federation, including SSO operation, SAML, cloud
identity services.
Hierarchical Cloud Structures
The candidate will demonstrate understanding of cloud architecture principles, including
Foundational OU design and resource hiearchies.
Implementing Zero Trust
The candidate will demonstrate understanding of Zero Trust archtitecture concepts, including
and EUC tickets and micro-segmentation.
Incident Response in the Cloud
The candidate will demonstrate understanding of cloud-based SOC best pratices, including
centralized log aggregation and cloud-based packet capture.
Key Management Architecture
The candidate will be familiar with various digital key management system architectures and
best practices.
Managing Cloud Networks at Scale
The candidate will demonstrate understanding of managing large cloud-based networks using
shared VPCs and cloud-based firewalls.
Network Firewalls and Traffic Inspection
The candidate will be familiar with various cloud-based load balancing and traffic inspection
architectures.

Other Resources
Training is available in a variety of modalities including live training and OnDemand.
Practical work experience can help ensure that you have mastered the skills necessary for
certification.
College level courses or self paced study through another program or materials may meet the
needs for mastery.
Get information about the procedure to contest exam results.

https://w w w .giac.org/certifications/cloud-security-archtecture-design-gcad/ 3/6

1/5/25, 12:05 PM GIAC Cloud Security Architecture and Design Certification | Cybersecurity Certification

Practice Tests
These tests are a simulation of the real exam allowing you to become familiar with the test
engine and style of questions.
Practice exams are a gauge to determine if your preparation methods are sufficient.
The practice bank questions are limited so you may encounter the same question on practice
tests when multiple practice tests are purchased.
Practice exams never include actual exam questions.
GIAC recommends leveraging additional study methods for test preparation.

Find Affiliate Training

Prepare for your GIAC exam with affiliate training.

"Distributing our workloads and data to the public cloud increases our perimeter, which is
often protected only by identity-based security controls. With the network perimeter being
lifted, the margin for error is slim. Even with this grim reality, we can still be optimistic.
Migrating to the cloud enables our most innovative technologies and presents an opportunity
for the security sector to evolve and mature.
If armed with the correct foundational design principles, we can build a more secure future,
with greater availability and confidentiality than ever possible on-premises. Transitioning to
the new cloud-native, zero-trust world may be bumpy, but we are here to help shepherd you
along the journey." - Eric Johnson, David Hazar