How is ECSA different from CEH?
CEH exposes the learner to various hacking tools and techniques, while
ECSA exposes the learner to the analysis and interpretation of results
obtained from using those tools and techniques.
Why should I take ECSA when I am already certified as
a security professional?
Most security certifications highlight the management aspects or the
technical aspects alone. ECSA helps you bridge the gap to a certain extent
by helping you detect the causes of security lapses and what implications
it might carry for the management. This leads you to a step closer to
becoming a Licensed Penetration Tester, where you become a complete penetration
testing professional.
How does ECSA deliver value to the enterprise’s
security team?
Having an ECSA on your enterprise security team will enhance value to
the team as you would have a professional aboard who is exposed to advanced
security testing and proficient to make studied analysis of the situation.
Benefits for having Licensed Penetration Tester (LPT)
EC-Council's endorsement as a licensed penetration testing professional
and allows them to practice as penetration testing consultant internationally.
Industry acceptance as a legal and ethical security professional
Access to proprietary EC-Council software, templates and penetration
testing methodologies.
License to practice and conduct security testing in organizations accredited
by EC-Council.
Acquire knowledge from experienced hands, on penetration testing methodologies
and latest penetration testing practices.
Requirement for the LPT is:
Achieve Certified Ethical Hacker
Achieve EC-Council Certified Security Analyst (ECSA)
Who should attend?
Network server administrators, Firewall Administrators, Security Testers,
System Administrator and Risk Assessment professionals.
Duration:
5 days (9:00 – 5:00)
Course outline:
Module 1: The Need for Security Analysis
Module 2: Advanced Googling
Module 3 : TCP/IP Packet Analysis
Module 4: Advanced Sniffing Techniques
Module 5: Vulnerability Analysis with Nessus
Module 6: Advanced Wireless Testing
Module 7: Designing a DMZ
Module 8: Snort Analysis
Module 9: Log Analysis
Module 10: Advanced Exploits and Tools
Module 11: Penetration Testing Methodologies
Module 12: Customers and Legal Agreements
Module 13: Penetration Testing Planning and Scheduling
Module 14: Pre Penetration Testing Checklist
Module 15: Information Gathering
Module 16: Vulnerability Analysis
Module 17: External Penetration Testing
Module 18: Internal Network Penetration Testing
Module 19: Router Penetration Testing
Module 20: Firewall Penetration Testing
Module 21: IDS Penetration Testing
Module 22: Wireless Network Penetration Testing
Module 23: Denial of Service Penetration Testing
Module 24: Password Cracking Penetration Testing
Module 25: Social Engineering Penetration Testing
Module 26: Stolen Laptop Penetration Testing
Module 27: Application Penetration Testing
Module 28: Physical Security Penetration Testing
Module 29: Database Penetration Testing
Module 30: VoIP Penetration Testing
Module 31: VPN Penetration Testing
Module 32: Penetration Testing Report Analysis
Module 33: Penetration Testing Report and Documentation Writing
Module 34: Penetration Testing Deliverables and Conclusion
Module 35: Ethics of a Licensed Penetration Tester
