In 1999, the SANS Institute founded GIAC to provide assurance that a certified security professional has the required level of knowledge and skill set necessary to practice in the important field of information security. GIAC certifications pertain to a range of essential skills, including entry-level and broad-based security “must-haves” as well as advanced skills in such areas as auditing, designing firewalls and providing appropriate perimeter protection, forensics, hacker techniques, incident handling, intrusion detection, and Windows and UNIX operating system security. GIAC assesses the practitioners’ knowledge and tests their ability to apply such knowledge to real-world exploits. Because of the importance of continual learning in order to keep abreast of new developments and security issues in the field, GIAC certifications expire every two to four years. To retain their certification, practitioners must continually review newly released information and periodically rewrite examinations. Currently, GIAC is the primary assurance certification for advanced technical subjects in information security. Northcutt, S. GIAC Certification Overview. [Online, 2004.] SANS Institute Website. http://www.giac.org/overview.php.