GICSP Exam Format | Course Contents | Outline | Syllabus | Objectives

GICSP Exam Syllabus & Study Guide

Before you start practicing with our exam simulator, it is essential to understand the official GICSP exam objectives. This course outline serves as your roadmap.

The information below reflects the 2026 syllabus defined by GIAC.

Below are complete topics detail with latest syllabus and course outline, that will help you good knowledge about exam objectives and topics that you have to prepare. These contents are covered in questions and answers pool of exam.

Exam Duration: 3 hours Passing Score: 71% Number of Questions: 82 questions Hardening & Protecting Endpoints The candidate will be able to describe how to implement endpoint security software along with hardening and patching, to secure the Windows and Unix style operating systems commonly found in an ICS environment. ICS Components & Architecture The candidate will be able to categorize assets that comprise Purdue Reference Architecture levels zero through three and describe how they can be implemented in a securable architecture. The candidate will also be able to summarize the use of levels and zones in defining a secure ICS architecture, as well as the devices deployed at each level and zone. ICS Overview & Concepts The candidate will be able to summarize the function of high-level ICS processes as well as ICS roles and responsibilities. The candidate will also be able to compare and contrast high-level differences between ICS and IT, including physical security considerations. ICS Program & Policy Development The candidate will be able to summarize the steps and best practices used in building a security program and creating enforceable security policies for an ICS. Intelligence Gathering & Threat Modeling The candidate will be able to determine the threat landscape of an ICS and high-level concepts of threat modeling. PERA Level 0 & 1 Technology Overview and Compromise The candidate will be able to describe level 0 and level 1 devices and technologies and summarize how those devices and technologies are targeted and attacked. PERA Level 2 & 3 Technology Overview and Compromise The candidate will be able to describe level 2 and level 3 devices and technologies and summarize how those devices and technologies are targeted and attacked. Protocols, Communications, & Compromises The candidate will be able to describe the basic structures, protocols, and defense of communications within an ICS and summarize how they can be compromised. This includes TCP/IP as well as ICS specific protocols. The candidate will also be able to, at a basic level, describe the cryptography used to protect communications. Risk Based Disaster Recovery & Incident Response The candidate will be able to describe how risk is measured and how it can be used to inform disaster recovery and incident response. Wireless Technologies & Compromises The candidate will be able to summarize the different wireless communication technologies used in an ICS, how they are targeted, and how they can be defended.