EC Council Certified Security Analyst Course Outline
The ECSAV9 penetration testing course is designed to enhance the skills based competency of a penetration tester. This course is intensively hands-on and a tremendous amount of emphasis is placed on the practical competency of the student.
Unlike the previous version of ECSA exam, in the new ECSAv9, a student will only be allowed to challenge the ECSA exam after meeting certain eligibility requirements.
To become eligible, a student must conduct a detailed penetration test through the EC-Council Cyber Range iLabs environment and submit a written report via EC-Councilís ASPEN system.
Only candidates that successfully complete the penetration test in the Cyber Range iLabs environment are allowed to challenge the ECSA exam.
You will conduct a penetration test on a company that has various departments, subnets and servers, and multiple operating systems with defense mechanisms architecture that has both militarized and non-militarized zones.
The design of the course is such that the instructor in the class will actually take you through the core concepts of conducting a penetration test based on EC-Councilís published penetration testing methdology and guide you through the report writing process for this organization.
Who Is It For?
Ethical Hackers, Penetration Testers, Network Server Administrators, Firewall Administrators, Security Testers, System Administrators and Risk Assessment Professionals.
The ECSA exam aims to test a candidateís knowledge and application of critical penetration testing methodologies.
To be eligible to attempt the exam, candidates are required to perform real-world penetration testing over EC-Councilís secure cyber range and to produce a penetration test report that clearly documents the vulnerabilities found. This report will be graded by our professionals. Candidates that successfully submit an acceptable report will proceed on to a multiple-choice exam that tests a candidateís knowledge.
Candidates that successfully pass the multiple-choice exam will be awarded the ECSA credential.
1. Security Analysis and Penetration Testing Methodologies
2. TCP IP Packet Analysis
3. Pre-penetration Testing Steps
4. Information Gathering Methodology
5. Vulnerability Analysis
6. External Network Penetration Testing Methodology
7. Internal Network Penetration Testing Methodology
8. Firewall Penetration Testing Methodology
9. IDS Penetration Testing Methodology
10. Web Application Penetration Testing Methodology
11. SQL Penetration Testing Methodology
12. Database Penetration Testing Methodology
13. Wireless Network Penetration Testing Methodology
14. Mobile Devices Penetration Testing Methodology
15. Cloud Penetration Testing Methodology
16. Report Writing and Post Test Actions
1. Password Cracking Penetration Testing
2. Router and Switches Penetration Testing
3. Denial-of-Service Penetration Testing
4. Stolen Laptop, PDAs and Cell Phones Penetration Testing
5. Source Code Penetration Testing
6. Physical Security Penetration Testing
7. Surveillance Camera Penetration Testing
8. VoIP Penetration Testing
9. VPN Penetration Testing
10. Virtual Machine Penetration Testing
11. War Dialing
12. Virus and Trojan Detection
13. Log Management Penetration Testing
14. File Integrity Checking
15. Telecommunication and Broadband Communication Penetration Testing
16. Email Security Penetration Testing
17. Security Patches Penetration Testing
18. Data Leakage Penetration Testing
19. SAP Penetration Testing
20. Standards and Compliance
21. Information System Security Principles
22. Information System Incident Handling and Response
23. Information System Auditing and Certi¨cation
Note: Self-study modules are available in ASPEN portal
View outline in Word