Objectives

The ECSA program offers a seamless learning progress continuing where the CEH program left off. The new ECSAv10 includes updated curricula and an industry recognized comprehensive step-by-step penetration testing methodology. This allows a learner to elevate their ability in applying new skills learned through intensive practical labs and challenges.

Unlike most other pen testing programs that only follow a generic kill chain methodology; the ECSA presents a set of distinguishable comprehensive methodologies that are able to cover different pentesting requirements across different verticals.

It is a highly interactive, comprehensive, standards based, intensive 5-days training program that teaches information security professionals how professional real-life penetration testing are conducted.

This course is a part of the VAPT Track of EC-Council. This is a “Professional” level course, with the Certified Ethical Hacker being the “Core” and the Licensed Penetration Tester being the “Master” level certification. In the new ECSAv10 course, students that passes the knowledge exam are given an option to pursue a fully practical exam that provides an avenue for them to test their skills, earning them the ECSA (Practical) credential. This new credential allows employers to validate easily the skills of the student.

Who Should Attend

Ethical Hackers, Penetration Testers Network server administrators, Firewall Administrators, Security Testers, System Administrators and Risk Assessment professionals.

ECSAv10 Course – EC-Council Certified Security Analyst

Core Modules
  • Module 1 : Introduction to Penetration Testing and Methodologies
  • Module 2 : Penetration Testing Scoping and Engagement Methodology
  • Module 3 : Open Source Intelligence (OSINT) Methodology
  • Module 4 : Social Engineering Penetration Testing Methodology
  • Module 5 : Network Penetration Testing Methodology - External
  • Module 6 : Network Penetration Testing Methodology - Internal
  • Module 7 : Network Penetration Testing Methodology - Perimeter Devices
  • Module 8 : Web Application Penetration Testing Methodology
  • Module 9 : Database Penetration Testing Methodology
  • Module 10 : Wireless Penetration Testing Methodology
  • Module 11 : Cloud Penetration Testing Methodology
  • Module 12 : Report Writing and Post Testing Actions
Self-study Modules
  • Module 1 : Penetration Testing Essential Concepts
  • Module 2 : Password Cracking Penetration Testing
  • Module 3 : Denial-of-Service Penetration Testing
  • Module 4 : Stolen Laptop, PDAs and Cell Phones Penetration Testing
  • Module 5 : Source Code Penetration Testing
  • Module 6 : Physical Security Penetration Testing
  • Module 7 : Surveillance Camera Penetration Testing
  • Module 8 : VoIP Penetration Testing
  • Module 9 : VPN Penetration Testing
  • Module 10 : Virtual Machine Penetration Testing
  • Module 11 : War Dialing
  • Module 12 : Virus and Trojan Detection
  • Module 13 : Log Management Penetration Testing
  • Module 14 : File Integrity Checking
  • Module 15 : Telecommunication and Broadband Communication
  • Module 16 : Email Security Penetration Testing
  • Module 17 : Security Patches Penetration Testing
  • Module 18 : Data Leakage Penetration Testing
  • Module 19 : SAP Penetration Testing
  • Module 20 : Standards and Compliance
  • Module 21 : Information System Security Principles
  • Module 22 : Information System Incident Handling and Response
  • Module 23 : Information System Auditing and Certification