Professional Documents
Culture Documents
3
The ECSA/LPT program is a comprehensive, standards-based, methodological approach to training and validating IT security professionals Penetration Testing and IS Security Auditing capabilities. The ECSA/LPT Program consists of two components: ECSA Training and the LPT Practical Exam. ECSA is a 3-day, completely hands-on training program. It uses simulated real-time scenarios to train students in standard penetration testing methodologies. LPT is a 2-day practical exam designed to evaluate students pen testing skills.
The ECSA/LPT ecosystem contains a set of pen testing standards, methodologies, real-time simulated pen testing challenges, pen testing licence accreditation, automated report writing suite, and reporting template.
4
Why did EC-Council Combine Two Programs in to One Training?
The ECSA program provides the necessary skills and training on various penetration testing and security auditing methodologies whereas LPT evaluates the professionals capabilities of performing penetration tests in real-time scenarios. The LPT credential proves your efficiency in what you have learnt in the ECSA training.
5
What is the ECSA/LPT Program Flow?
Can I Take The ECSA Training Only and Skip The LPT License?
Yes. However, we strongly recommend that candidates go for the LPT licence, as it can be a major milestone in your career and help you achieve your goals in the world of Penetration Testers and Information Security Auditors.
7
What is ECSA?
EC-Council Certified Security Analyst (ECSA) is an advanced penetration testing and security assessment training program. It focuses on training information security professionals and auditors in groundbreaking network penetration testing training methods and techniques. The ECSA certification helps students perform the intensive assessments required to effectively identify and mitigate risks to the information security of an infrastructure. This makes the ECSA certification a relevant milestone toward achieving EC-Councils Licensed Penetration Tester (LPT) credentials because in addition to rigorous training, the student will also learn the business aspect of network penetration testing. The objective of the ECSA certification is to add value to experienced information security professionals by providing computer security training that will help them analyze the outcomes of their vulnerability assessments.
Why ECSA
The ECSA program provides standard-based, methodological training designed to prepare students for real-time penetration testing and auditing assignments. The ECSA is a highly labintensive program relying on performance-based learning - helping students practice what they learn in the class.
Target Audience
Network server administrators, firewall administrators, information security analysts, system administrators, and risk assessment professionals all benefit from the ECSA program.
10
Self-Study Modules
19. 20. 21. 22. 23. 24. 25. 26. 27. 28. 29. 30. 31. 32. 33. 34. 35. 36. 37. 38. 39. 40. 41. 42. 43. 44. Router and Switches Penetration Testing Wireless Network Penetration Testing Denial-of-Service Penetration Testing Stolen Laptop, PDAs and Cell Phones Penetration Testing Source Code Penetration Testing Physical Security Penetration Testing Surveillance Camera Penetration Testing Database Penetration Testing VoIP Penetration Testing VPN Penetration Testing Cloud Penetration Testing Virtual Machine Penetration Testing War Dialing Virus and Trojan Detection Log Management Penetration Testing File Integrity Checking Mobile Devices Penetration Testing Telecommunicationand Broadband Communication Penetration Testing Email Security Penetration Testing Security Patches Penetration Testing Data Leakage Penetration Testing SAP Penetration Testing Standards and Compliance Information System Security Principles Information System Incident Handling and Response Information System Auditing and Certification
11
12
How to Become ECSA?
Pass the required ECSA exam to obtain the ECSA certificate.
13
Where can I Attend Training?
14
15
16
EC-Councils Licensed Penetration Tester (LPT) certification is a natural evolution of its series of security-related professional certifications. The LPT standardizes the knowledge requirements for penetration testing professionals by incorporating the best practices followed by experienced experts in the field. The objective of the LPT is to ensure that each professional licensed by EC-Council follows a strict code of ethics, is exposed to the best practices in the domain of penetration testing, and is aware of the compliance requirements of the industry. Unlike other security certifications, the LPT is a program which trains security professionals to analyze the security posture of a network and recommend corrective measures confidently. EC-Councils LPT vouches for the holders professionalism and expertise thereby making these professionals more sought after by organizations like consulting firms around the world.
What is LPT?
17
What is LPT Framework?
18
How Does the LPT License help me in conducting pen tests?
The LPT licence provides assurance to your employer or prospective clients that you possess the ability to perform a methodological security assessment. It also helps you join the EC-Councils elite Tiger Team, which provides you a platform to showcase your skills and earn real-world pen testing experience.
How is LPT framework different from other pen testing frameworks and standards?
Unlike other proprietary pen testing frameworks that are used only within a particular organization, EC-Councils LPT framework is available to the public. The LPT framework was developed based on a thorough analysis of all the available frameworks and standards in the industry. The LPT is further bolstered by incorporating the strengths of other frameworks into one certification.
19
What is Tiger Team?
Tiger Team is an elite set of professionals who hold LPT credential that engage in Penetration Testing projects worldwide. Members of Tiger Team have high chances of participating in Penetration Testing assignments worldwide. The list will be displayed on our website and will act as an endorsement of the professionals skills and ethics.
What is VampireTest?
VampireTest is a tool designed to be used by penetration testers to input penetration test data results. The program accepts various inputs and delivers a final, cohesive report of the data content.
20
EC-Council
6330 Riverside Plaza Ln NW Suite 210 Albuquerque, NM 87120 Tel: +1.505.341.3228 Fax: +1.505.341.0050 http://www.eccouncil.org E-mail: info@eccouncil.org