ECSA: EC-Council Security Analyst


Exam Name: EC-Council Certified Security Analyst (ECSA)

Exam Code: ECSA

The ECSA pentest program takes the tools and techniques you learned in the Certified Ethical Hacker course (CEH) and enhances your ability into full exploitation by teaching you how to apply the skills learned in the CEH by utilizing EC-Council’s published penetration testing methodology. It focuses on pentesting methodology with an emphasis on hands-on learning



EC-Council ECSA Exam Summary:


Exam Name
EC-Council Certified Security Analyst (ECSA)
Exam Code  
ECSA
Exam Price  
$999 (USD)
Duration 
240 mins 
Number of Questions  
150
Passing Score  
170% 
Books / Training  
Sample Questions  
Practice Exam  

EC-Council ECSA v10 Exam Syllabus Topics:


Topic Details Weights
Penetration Testing Essential Concepts - Computer Network Fundamentals
- Network Security Controls and Devices
- Windows and Linux Security
- Web Application and Web Server Architecture and Operations
- Web Application Security Mechanisms
- Information Security Attacks
- Information Security Standards
20.72%
Introduction to Penetration Testing Methodologies - Penetration Testing Process and Methodologies & Benefits
- Types, Areas and Selection of Pentesting
5.63%
Penetration Testing Scoping and Engagement Methodology - Penetration Testing Scoping and Rules and Engagement
- Penetration Testing Engagement Contract and Preparation
5.38% 
Open-Source Intelligence (OSINT) Methodology - OSINT Through World Wide Web (WWW), Website Analysis, DNS Interrogation
- Automating your OSINT Effort Using Tools/Frameworks/Scripts
4.80%
Social Engineering Penetration Testing Methodology - Social Engineering Penetration Testing Techniques & Steps
- Social Engineering Penetration testing using E
5.26%
Network Penetration Testing Methodology – External - External Network Information & Reconnaissance
- Scanning, and Exploitation
5.84% 
Network Penetration Testing Methodology – Internal - Internal Network Information Reconnaissance and Scanning
- Internal Network Enumeration and Vulnerability Scanning
- Local and Remote System Exploitation
8.62% 
Network Penetration Testing Methodology - Perimeter Devices - Firewall Security Assessment Techniques
- iDs Security Assessment Techniques
- Router and Switch Security Assessment Techniques
7.84% 
Web Application Penetration Testing Methodology - Web Application Content Discovery and Vulnerability Scanning
- SQL Injection Vulnerability Penetration Testing
- XSS, Parameter Tampering, Weak Cryptography, Security Misconfiguration and Client side scripting, vulnerabilities penetration techniques
- Authentication, Authorization, session, Web Server Vulnerabilities Penetration Testing
11.30%
Database Penetration Testing Methodology - Database Penetration Testing Techniques & Information Reconnaissance
- Database Enumeration & Exploitation
5.10% 
Wireless Penetration Testing Methodology - WLAN Penetration Testing Techniques
- RFID and NFC Penetration Testing Techniques
- Mobile Device Penetration Testing Techniques
- loT Penetration Testing Techniques
9.22% 
Cloud Penetration Testing Methodology - Cloud Specific Penetration Testing Techniques and Recommendations
- Cloud Specific Penetration Testing Methods
4.65% 
Report Writing and Post Testing Actions - Penetration Testing Report Writing Process
- Penetration Testing Reporting Formats
5.63% 

0 comments:

Post a Comment