Certified Security Analyst (ECSA)
Certified Security Analyst (ECSA)
The ECSA class includes updated curricula and an industry recognized comprehensive step-by-step penetration testing methodology.
This allows a learner to elevate their ability in applying new skills learned through intensive practical labs and challenges. Unlike most other pen testing programs that only follow a generic kill chain methodology, the ECSA presents a set of distinguishable comprehensive methodologies that are able to cover different pen-testing requirements across different verticals.
This is a highly interactive, comprehensive, standards based, intensive training program that teaches information security professionals how professional real-life penetration testing are conducted.
Building on the knowledge, skills and abilities covered in the CEH class, EC-Council has simultaneously re-engineered the ECSA course to be the natural next step in the knowledge progression.
Organizations today demand a professional level pen-testing program and not just pen-testing programs that provide training on how to hack through applications and networks. Such professional level programs can only be achieved when the core of the curricula maps with and is compliant to government and/or industry published pen-testing frameworks.
This course is a part of EC-Council’s “VAPT” track. This is a professional level course, with the Certified Ethical Hacker (CEH) being the core/associate level, and the Licensed Penetration Tester (LPT) being the master/expert level certification.
Certified Security Analyst (ECSA) Training for EC-Council Certification
- for a student to be able to write a professional pen test report
ECSA is the only certification course, offered by a major certification body, that employs a live cyber range to simulate a realistic network environment and requires students to deploy the knowledge and tools from the class, to discover live vulnerabilities.
Pre-Requisite Knowledge Advisory
We recommend that a potantial student should possess a minimum of 2 years work experience in an InfoSec domain.
The following EC-Council class is available/recommended to help you achieve the prerequisite advisory level of knowledge:
Certified Network Defender (CND)
Exam Required for Certified Security Analyst (ECSA) Certification
To gain ECSA certification, the student must pass the following exam:
- Exam: EC-Council Certified Security Analyst
Number of questions: 150
Test duration: 4 hours
Test format: Part 1, report writing ++ Part 2, multi-choice
Passing score: 70%
Students that pass the ECSA knowledge exam are given an option to pursue a fully practical exam that provides an avenue for them to test their skills, earning them the “ECSA (Practical)” credential. This new credential allows employers to easily validate the student’s skills.
Certified Security Analyst (ECSA) Course Outline
Module 1: Introduction to Penetration Testing and Methodologies
Module 2: Penetration Testing Scoping and Engagement Methodology
Module 3: Open Source Intelligence (OSINT) Methodology
Module 4: Social Engineering Penetration Testing Methodology
Module 5: Network Penetration Testing Methodology – External
Module 6: Network Penetration Testing Methodology – Internal
Module 7: Network Penetration Testing Methodology – Perimeter Devices
Module 8: Web Application Penetration Testing Methodology
Module 9: Database Penetration Testing Methodology
Module 10: Wireless Penetration Testing Methodology
Module 11: Cloud Penetration Testing Methodology
Module 12: Report Writing and Post Testing Actions