Exam description
ECSA (Practical) is a 12 hours’ rigorous practical exam. The candidates are required to demonstrate the application of penetration testing methodology presented in the ECSA program to perform a comprehensive security audit of the organization.
You will start with challenges requiring you to perform advanced network scans beyond perimeter defenses, leading to automated and manual vulnerability analysis, exploit selection, customization, launch and post exploitation maneuvers.
ECSA (Practical) also tests your skills to perform threat and exploit research, skills to understand exploits in the wild, writing your own exploits, customize payloads and your ability to make critical decisions at different phases of a pen testing engagement that can make or break the whole assessment.
You will also be required to create a professional pen testing report with essential elements and guidance for the organization in the scenario to act on.
The ECSA (Practical) credential provides an assurance that the candidate possesses the skills required on the field and will stand a testimony of your ability to undergo the rigor of the profession.