EC-Council Certified Security Analyst (ecsa)

Course Description

You are an ethical hacker. In fact, you are a Certified Ethical Hacker. Your last name is Pwned. You dream about enumeration and you can scan networks in your sleep. You have sufficient knowledge and an arsenal of hacking tools and you are also proficient in writing custom hacking code.
Can you become an industry accepted security professional? Will organizations hire you to help them protect their systems? Do you have any knowledge in applying a suitable methodology to conduct a penetration test for an enterprise client?

Underground Hacking Tools

The hacking tools and techniques in each of these five phases are provided in detail in an encyclopedic approach to help you identify when an attack has been used against your own targets. Why then is this training called the Certified Ethical Hacker Course? This is because by using the same techniques as the bad guys, you can assess the security posture of an organization with the same approach these malicious hackers use, identify weaknesses and fix the problems before they are identified by the enemy, causing what could potentially be a catastrophic damage to your respective organization.
We live in an age where attacks are all susceptible and come from anyplace at any time and we never know how skilled, well-funded, or persistent the threat will be. Throughout the CEH course, you will be immersed in a hacker’s mindset, evaluating not just logical, but physical security. Exploring every possible point of entry to find the weakest link in an organization. From the end user, the secretary, the CEO, misconfigurations, vulnerable times during migrations even information left in the dumpster.

The ECSA pentest program takes the tools and techniques you learned in the Certified Ethical Hacker course (CEH)

and elevates your ability into full exploitation by teaching you how to apply the skills learned in the CEH

The utilizing EC-Council’s published penetration testing methodology

  • Focuses on pentesting methodology with an emphasis on hands-on learning
  • The exam will now have a prerequisite of submitting a pentesting report
  • The goal of these changes is to make passing ECSA more difficult; therefore making it a more respected certification
  • From the commencement of the 5 day class and the activation of the ECSA Dashboard on ASPEN

    you will have 60 days in total to submit your penetration testing report based on

    the challenge scenario to EC-Council, which will prove that you undestand the concepts thought in the course.

    This is the eligibility criterion to enable you to challenge the ECSA exam.


    The Final ECSA Exam is a Multiple Choice Question Exam.

    The ECSA v9 exam includes 2 required stages.


    Report writing stage requires candidates to perform various penetration testing exercises on EC-Council’s iLabs

    before submitting a penetration test report to EC-Council for assessment. Candidates that submit reports to

    the required standards will be provided with exam vouchers for the multiple choice exam.


    Multiple choice exams are proctored online through the EC-Council Exam portal:

  • Security Analysis and Penetration Testing Methodologies
  • TCP IP Packet Analysis
  • Pre-penetration Testing Steps
  • Information Gathering Methodology
  • Vulnerability Analysis
  • External Network Penetration Testing Methodology
  • Internal Network Penetration Testing Methodology
  • Firewall Penetration Testing Methodology
  • IDS Penetration Testing Methodology
  • Web Application Penetration Testing Methodology
  • SQL Penetration Testing Methodology
  • Database Penetration Testing Methodology
  • Wireless Network Penetration Testing Methodology
  • Mobile Devices Penetration Testing Methodology
  • Cloud Penetration Testing Methodology
  • Report Writing and Post Test Actions
  • Ethical Hackers
  • Penetration Testers
  • Network server administrators
  • Firewall Administrators
  • Security Testers
  • System Administrators and Risk Assessment professionals