Persons with this certification have demonstrated the knowledge needed to proactively monitor, detect, prevent, and mitigate threats as they arise in real time.They have also shown that they can set up and deploy analysis tools, intrusion detection tools, syslog servers, SIEMs to find and in many cases, prevent, exploits. They will have demonstrated an ability to detect cyber attacks and deploy blue team tactics to help prevent future attacks. Plus an ability to effectively communicate suggestions and procedures.