Giac Security Leadership Certification (Gslc)

Certification-Ready Training Aligned with SANS LDR512 for Aspiring Security Leaders

What you'll learn

Security Program Foundations

Security Policy and Organizational Structure

Network and Host Security Architecture

Cloud Security and Identity Management

Cryptography and Privacy Engineering

Application Security and DevSecOps

Securing AI and Emerging Technologies

Security Program Management

Vendor Management and Team Leadership

Security Monitoring and SOC Operations

Incident Response and Continuity Planning

Requirements

Basic Understanding of IT and Security Concepts

Some Exposure to Security or IT Management Tasks

Interest in Strategic Thinking and Leadership

Optional: Familiarity with Common Frameworks

Description

This course is your all-in-one preparation for the GIAC Security Leadership Certification (GSLC)—one of the most respected credentials for cybersecurity managers, team leads, and aspiring CISOs. Aligned fully with the SANS LDR512 training curriculum, this course goes beyond theory to help you apply leadership, strategy, and technical understanding in real-world security environments.You’ll explore essential topics including:Security governance, frameworks (NIST, ISO), and risk managementSecurity architecture across networks, endpoints, and cloud platformsCryptography, data protection, and privacy engineeringSecure application development and DevSecOps integrationSecurity operations, SIEM, SOC, and incident responseGenerative AI risks, Zero Trust, and emerging threatsVendor management, human risk, and organizational leadershipEach section is supported by clear lectures, real-world case studies, downloadable templates, quizzes, and guidance aligned with the GSLC exam format (115 questions, 3 hours, 70% passing score).Whether you're new to security leadership or preparing for GSLC certification, this course equips you with the clarity, confidence, and competence to lead security programs effectively and strategically.Prepare to pass. Train to lead. Start your GSLC journey today.This course is ideal for:Security managers, engineers, or IT professionals moving into leadership rolesCISOs, team leads, and architects needing to align with security frameworksProfessionals preparing for the GSLC certification examLeaders seeking a deeper understanding of policy, risk, and operational strategyAnyone wanting to build a business-aligned, threat-ready security programNo prior certification is required, but basic familiarity with IT or security concepts will help you get the most out of the experience.

Overview

Section 1: Introduction

Lecture 1 About Course

Lecture 2 Meet Course Designer and Training Architect

Lecture 3 Why GIAC Certifications?

Lecture 4 Do you need SANS or GIAC-affiliated training?

Lecture 5 Pre-requisite for this course

Section 2: Security Program Foundations

Lecture 6 Role of a Modern Security Leader

Lecture 7 Cybersecurity Frameworks: Control, Program, and Risk Models

Lecture 8 The NIST Risk Management Framework

Lecture 9 Understanding ISO Standards

Lecture 10 Case Scenario: Choosing the Right Framework

Lecture 11 Risk Fundamentals and Calibration for Managers

Lecture 12 Case Scenario: One Risk, Many Perspectives

Lecture 13 Practical Risk Assessment and Risk Management Techniques

Lecture 14 Case Scenario: Too Many Risks, Too Little Time

Section 3: Security Policy and Organizational Structure

Lecture 15 Developing Effective and Actionable Security Policies

Lecture 16 Common Security Policies in Organizations

Lecture 17 Planning and Managing the Policy Lifecycle

Lecture 18 Understanding Policy Documents in Cybersecurity Program

Lecture 19 Structuring a Security Program: Governance and Reporting Lines

Lecture 20 Understanding the Three Lines of Defense

Lecture 21 Roles, Responsibilities, and Security Functions

Lecture 22 Common Roles in the Enterprise

Lecture 23 Case Scenarios

Section 4: Network and Host Security Architecture

Lecture 24 Security Architecture Principles, Models, Trends and Frameworks

Lecture 25 Cyber Defense Matrix: Mapping Controls to Function

Lecture 26 Case Scenario: Mid-Size Healthcare Provider (MedSecure Health)

Lecture 27 Layered Network Security (Layer 1 to Application Layer)

Lecture 28 Network Security: Layer 1 and 2: Overview and attacks

Lecture 29 Network Security: Layer 3: VPNs and IPSec

Lecture 30 Essentials of IPSec

Lecture 31 Network Security: Layer 4: TCP and UDP

Lecture 32 Understanding the TCP/IP Model: Layers, Functions, and Best Practices

Lecture 33 Network Security: Application Layer: Proxies, NGFW, IDS/IPS, NSM

Lecture 34 Host security: Malware and Attack Examples

Lecture 35 Host Security Controls: EPP, EDR, HIDS/HIPS, FIM, Allowlisting, Sandboxing

Section 5: Cloud Security and Identity Management

Lecture 36 Cloud Security Fundamentals

Lecture 37 Microsoft/AWS Security Reference Architecture

Lecture 38 Cloud Security Attack Examples and Controls

Lecture 39 Cloud Security Tools: CSPM, CWPP, CASB

Lecture 40 Cloud Security Models: CSA, CAF, Well-Architected Framework

Lecture 41 IAM Overview: Authentication Factors & Access Risks, IAM Security Capabilities

Lecture 42 Zero Trust: Principles and Best Practices, ZTNA and Variable Trust

Lecture 43 Additional Materials

Section 6: Cryptography and Privacy Engineering

Lecture 44 Introduction to Security Engineering

Lecture 45 Cryptography Essentials: CIA, Non-repudiation, Hashing, Digital Signatures

Lecture 46 Hashing: Tools and Practices for Students

Lecture 47 Symmetric vs. Asymmetric Encryption and Key Exchange

Lecture 48 Applied Encryption: TLS, PKI, Blockchain, Quantum

Lecture 49 Privacy vs. Security: Concepts and Legal Foundations

Lecture 50 Privacy Engineering and Compliance Controls

Lecture 51 Wi-Fi Security Protocols, Policies, and Tools to Monitor and Defend

Section 7: Application Security and DevSecOps

Lecture 52 Secure Application Development: SDLC and Threats

Lecture 53 Application Attacks: OWASP Top 10

Lecture 54 Application Security: Application Security Testing Tools

Lecture 55 DevSecOps, Toolchains and CI/CD Pipeline

Lecture 56 Infrastructure as Code (IaC)

Lecture 57 Container Security

Section 8: Securing AI and Emerging Technologies

Lecture 58 Introduction to GenAI and Transformer Architectures

Lecture 59 Security Risks in LLMs: OWASP Top 10 for LLMs, MITRE ATLAS, Key Threats

Lecture 60 MITRE ATLAS

Lecture 61 GenAI Risk Mitigations and NIST AI RMF Controls

Lecture 62 NIST AI Risk Management Framework

Lecture 63 Building Secure AI Policies

Lecture 64 AI Security Tools and Mitigations

Section 9: Security Program Management

Lecture 65 Security Leadership in Action: Traits and Mindsets

Lecture 66 Vulnerability Management Lifecycle and PIACT Process

Lecture 67 Prioritizing Vulnerabilities with CVSS and Context

Lecture 68 Finding, Fixing and Communicating Vulnerabilities

Lecture 69 Security Awareness Program: Maturity Model

Section 10: Vendor Management and Team Leadership

Lecture 70 Human Risk Factors and Cultural Transformation

Lecture 71 Security Negotiation Strategies for Influence

Lecture 72 Vendor and Product Analysis Using AHP

Lecture 73 Case Scenario: Selecting the Best EDR Solution using AHP

Lecture 74 Project Management for Security Initiatives

Lecture 75 Project Management Knowledge Areas (PMBOK Guide 6th Edition)

Lecture 76 Leading High-Performance Security Teams

Section 11: Security Monitoring and SOC Operations

Lecture 77 Logging, Monitoring, and Visibility Fundamentals

Lecture 78 SIEM Deployment and Optimization Best Practices

Lecture 79 Security Operations Center Models and Functions

Lecture 80 Tiered vs. Tierless SOC Structures

Section 12: Incident Response and Continuity Planning

Lecture 81 Incident Response Lifecycle Using PICERL

Lecture 82 Business Continuity Planning (BCP) Fundamentals

Lecture 83 General Notes on Using BCP Template

Lecture 84 Disaster Recovery (DR) Strategies and Testing

Lecture 85 How to Use Disaster Recovery Plan (DRP) Template

Lecture 86 What is a Contingency Plan?

Lecture 87 Physical Security Controls and Risk Examples

Section 13: Additional Resources for Reading

Lecture 88 Types of Controls in Cybersecurity

Lecture 89 Access Controls: Your First Line of Defense in Cybersecurity

Lecture 90 Understanding RAID: Redundant Array of Independent Disks

Lecture 91 Common Techniques for Making Informed Project Decisions

Lecture 92 What is Steganography and its usage?

Lecture 93 Understanding the MITRE ATT&CK Framework: Phases, Tactics, and Techniques

Section 14: Course Conclusion

Lecture 94 Key Takeaway for You as a Security Leader

Lecture 95 Continued learning resources

Lecture 96 Certification Guidance and Format

Lecture 97 Course Feedback and closing remarks

Section 15: Practice Tests

Security managers, engineers, or IT professionals moving into leadership roles,CISOs, team leads, and architects needing to align with security frameworks,Professionals preparing for the GSLC certification exam,Leaders seeking a deeper understanding of policy, risk, and operational strategy,Anyone wanting to build a business-aligned, threat-ready security program