Specialized - EC-Council Certied Security Analyst

(ECSA) v8

Code: 3402
Lengt h: 5 days
URL: View Online

The EC-Council Certied Security Analyst (ECSA) program teaches information security professionals to conduct
realistic penetration tests by using EC-Council's published penetration testing methodology.

This course is a ve-day hands-on training program that uses real-time scenarios. In this course, you will learn
about penetration testing methodology that is repeatable and that can be used in a penetration testing
engagement, globally.

Why EC-Council Certied Security Analyst is Best

Presents industry accepted comprehensive penetration testing standards on 44 domains

Covers advanced topics such as mobile, cloud, and virtual machine penetration testing

Completely maps to the National Initiative for Cybersecurity Education (NICE)'s workforce framework, which

includes:

Protect and defend

Operate and collect

Analyze specialty area

Covers all the requirements of National Information Assurance Training Standard For Information Systems

Security Ocers (CNSS - 4014) and National Training Standard for System Certiers (NSTISSI - 4015)

Benets of Becoming ECSA

Data security program-advanced penetration testing

The curriculum is backed by and designed by the best in the eld

Students earn greater industry acceptance as seasoned security professionals

Certied Security Analysts learn to analyze the outcomes of security tools and security testing techniques.

The ECSA sets students on the path toward achieving the LPT certication

Certication:
EC-Council Certied Security Analyst (ECSA)

Licensed Penetration Tester (LPT)

The ECSA program provides one voucher to sit for the ECSA v8 exam. The ECSA certicate is provided on
successfully passing the online ECSA exam. The ECSA sets students on the path toward achieving the Licensed
Penetration Tester (LPT) certication.

Skills Gained
 Perform network and application penetration testing using both automated and manual techniques

Design and perform audits of computer systems to ensure they are operating securely and that data is

protected from both internal and external threats

Assess assigned system to determine system security status

Design and recommend security policies and procedures

Ensure compliance to policies and procedures

Evaluate highly complex security systems according to industry best practices to safeguard internal

information systems and databases

Lead investigations of security violations and breaches and recommend solutions; prepare reports on

intrusions as necessary and provide an analysis summary for management

Respond to more complex queries and request for computer security information and report from both internal

and external customers

Who Can Benet

Network server administrators

Firewall administrators

Information security analysts

System administrators

Risk assessment professionals

Prerequisites

While the Certied Ethical Hacker (CEH) certication is not a prerequisite for the ECSA course, we strongly
advise candidates to take the Certied Ethical Hacker v8 course to attain the CEH prior to the commencement
of the ECSA course.

Course Details

Core Modules

1. Need for Security Analysis

2. T CP IP Packet Analysis

3. Penetration Testing Methodologies

4. Customers and Legal Agreements

5. Rules of Engagement

6. Penetration Testing Planning and Scheduling

7. Pre-penetration Testing Steps

8. Information Gathering

9. Vulnerability Analysis

10. External Penetration Testing

11. Internal Network Penetration Testing

12. Firewall Penetration Testing

13. IDS Penetration Testing

14. Password Cracking Penetration Testing

15. Social Engineering Penetration Testing

16. Web Application Penetration Testing

17. SQL Penetration Testing

18. Penetration Testing Reports and Post Testing Actions

Self-Study Modules

19. Router and Switches Penetration Testing

20. Wireless Network Penetration Testing

21. Denial-of-Service Penetration Testing

22. Stolen Laptop, PDAs and Cell Phones Penetration Testing

23. Source Code Penetration Testing

24. Physical Security Penetration Testing

25. Surveillance Camera Penetration Testing

26. Database Penetration Testing

27. VoIP Penetration Testing

28. VPN Penetration Testing

29. Cloud Penetration Testing

30. Virtual Machine Penetration Testing

31. War Dialing

32. Virus and Trojan Detection

33. Log Management Penetration Testing

34. File Integrity Checking

35. Mobile Devices Penetration Testing

36. Telecommunication and Broadband Communication Penetration Testing

37. Email Security Penetration Testing

38. Security Patches Penetration Testing

39. Data Leakage Penetration Testing

40. SAP Penetration Testing

41. Standards and Compliance

42. Information System Security Principles

43. Information System Incident Handling and Response

44. Information System Auditing and Certication

Available target machines are completely virtualized allowing us to control and reset machines quickly and easily
with no required instructor or administrative interaction.

Lab 1: T CPIP Packet Analysis

TCP/IP Packet Analysis Using Wireshark

Lab 2: Information Gathering

Information Gathering

Lab 3: Vulnerability Analysis

 Vulnerability Analysis Using the Nessus Tool

Lab 4: External Penetration Testing

Exploring and Auditing a Network Using Nmap

ExitC ertied C orporation and iMVP are registered tradem arks of ExitC ertied ULC and Generated Jul 4 8:40:38 UTC 2017
ExitC ertied C orporation and Tech Data C orporation, respectively
C opyright 2017 Tech Data C orporation and ExitC ertied ULC & ExitC ertied C orporation.
All Rights Reserved.