Certified Security Analyst

Course ID


Course Description

The EC Council Certified Security Analyst (ECSA) program is a comprehensive, standards-based, methodology intensive training program which teaches information security professionals to conduct real life penetration tests by utilizing EC Council's published penetration testing methodology. The ECSA Program is a 5-day complete hands-on training program. This Penetration Testing training course uses real-time scenarios to train students in penetration testing methodologies. EC Council's Certified Security Analyst (ECSA) course will help you master a documented penetration testing methodology that is repeatable and that can be used in a penetration testing engagement, globally.


There are no prerequisites for this course


Network server administrators, firewall administrators, information security analysts, system administrators, and risk assessment professionals all benefit from the ECSA program.

Course Content

    Course Content

    Need for Security Analysis
  • Information Security Measures
  • Risk Analysis
  • Hardening Security
  • Security Policies
  • Sample Policies
  • Information Security Standards
  • Information Security Acts and Laws

    TCP/IP Packet Analysis
  • Introduction to TCP/IP
  • TCP/IP Connection
  • Introduction to IPv6
  • TCP/IP Security
  • Internet Control Message Protocol (ICMP)
  • TCP/IP in Mobile Communications

    Penetration Testing Methodologies
  • Introduction to Penetration Testing
  • Types of Penetration Testing
  • Penetration Testing Methodology
  • Pen Test Strategies
  • Ethics of a Licensed Penetration Tester

    Customers and Legal Agreements
  • Why Do Organizations Need Pen Testing?
  • Penetration Testing Rules of Behavior
  • Legal Issues in Penetration Testing
  • Penetration Testing Contract

    Rules of Engagement
  • Rules of Engagement (ROE)
  • Steps for Framing ROE
  • Clauses in ROE

    Penetration Testing Planning and Scheduling
  • Test Plan and Its Purpose
  • Content of a Test Plan
  • Building a Penetration Test Plan
  • Test Plan Identifier
  • Test Deliverables
  • Penetration Testing Planning Phase
  • Skills and Knowledge Required
  • Internal Employees
  • Penetration Testing Teams
  • Tiger Team
  • Meeting with the Client
  • Contents of a Pen Testing Project Plan
  • Work Breakdown Structure or Task List
  • Penetration Testing Schedule
  • Penetration Testing Hardware/Software Requirements

    Pre penetration Testing Steps

    Information Gathering
  • Information Gathering Terminologies
  • Information Gathering Steps
  • Tools to Extract Company's Data
  • Search Telephone Numbers Using
  • Geographical Location Search Using Google Earth
  • People Search Online Services
  • Link Popularity Search Online Services
  • Competitive Intelligence
  • Price Comparison Services
  • DNS Interrogation Tools
  • Domain Research Tool (DRT)
  • DNS Interrogation Tools
  • DNS Interrogation Online Tools
  • Traceroute Analysis
  • Website Mirroring Tools
  • Email Tracking Tools
  • GHDB Screenshot

    Vulnerability Analysis
  • Why Assessment
  • Vulnerability Classification
  • Types of Vulnerability Assessment
  • How to Conduct a Vulnerability Assessment
  • How to Obtain a High Quality Vulnerability Assessment
  • Vulnerability Assessment
  • Timeline

    External Penetration Testing
  • External Intrusion Test and Analysis
  • Client Benefits
  • External Penetration Testing
  • Traffic Sniffing and Analysis Tool Tstat
  • DNS Interrogation Tools
  • WHOIS Lookup Tools
  • Common Ports List
  • Scanning Tools
  • Hping2 IPID Example
  • Look for Invalid Ranges in Input Fields
  • Attempt Escape Character Injection
  • Examine Server Side Includes (SSI)
  • Recommendations to Protect Your System from External Threats

    Internal Network Penetration Testing
  • Internal Testing
  • Steps for Internal Network Penetration Testing
  • Sniffer Tools
  • Copying Commands in Knoppix
  • Microsoft Diagnostics and Recovery Toolset (DART)
  • Reset the Administrator's Password
  • Keyloggers and Spy Softwares
  • WinMend Folder Hidden
  • Whitespace Steganography
  • Vulnerability Scanning Tools

    Firewall Penetration Testing
  • Firewall Overview
  • Packet Filtering
  • Firewall Logging Functionality
  • Periodic Review of Information Security Policies
  • Firewall Implementation
  • Build a Firewall Ruleset
  • Maintenance and Management of Firewall
  • Hardware Firewall
  • Software Firewall
  • Types of Firewalls
  • Firewall Penetration Testing Tools
  • Firewall Identification

    IDS Penetration Testing
  • Introduction to IDS
  • Application-based IDS
  • Multi-Layer Intrusion Detection Systems
  • Wireless Intrusion Detection Systems (WIDSs)
  • Common Techniques Used to Evade IDS Systems
  • IDS Penetration Testing Steps
  • Packet Fragmentation
  • TCP Flags
  • Intrusion Detection Tools

    Password Cracking Penetration Testing
  • Password
  • LM Authentication
  • NTLM Authentication
  • Kerberos Authentication
  • LM, NTLMv1, and NTLMv2
  • People Search
  • Dictionary Maker Tool Word List Compiler
  • Packet Sniffing Tools
  • Man in the Middle Attack Using Ettercap
  • Elcomsoft Distributed Password Recovery
  • Password Cracking Tools
  • Keyloggers

    Social Engineering Penetration Testing
  • Social Engineering Pen Testing
  • Impact of Social Engineering on the Organization
  • Common Targets of Social Engineering
  • Requirements of Social Engineering
  • Steps in Conducting Social Engineering Penetration Test
  • Steps for Dumpster Diving
  • Accomplice
  • Identity Theft
  • Satellite Picture of a Organization
  • Telephone Recorders and Call Recorders
  • Vehicle/Asset Tracking System Examples
  • Spy Gadgets

    Web Application Penetration Testing
  • Introduction to Web Applications
  • Web Application Components
  • Web App Pen Testing Phases
  • Connection String Injection
  • Connection String Parameter Pollution (CSPP) Attacks
  • Connection Pool DoS
  • Web Services
  • Web Services XML Poisoning
  • SOAP Injection

    SQL Penetration Testing
  • Introduction to SQL Injection
  • SQL Injection Attacks
  • SQL Injection Penetration Testing Steps
  • SQL Injection Detection
  • Blind SQL Injection Attack
  • Best Practices to Prevent SQL Injection

    Penetration Testing Reports and Post Testing Actions
  • Penetration Testing Deliverables
  • Writing Pen Testing Report
  • Collect and document the information
  • Pen Testing Report Format
  • Result Analysis
  • Post Testing Actions
  • Report Retention

    Router and Switches Penetration Testing
  • Router Testing Issues
  • Test for HTTP Configuration Vulnerabilities in Cisco Routers
  • Analyze the Router Configuration
  • Need for Router Testing
  • General Requirements
  • Technical Requirements
  • Steps for Router Penetration Testing
  • The Process to Get Access to the Router
  • Privileged Mode Attacks
  • SNMP Community String
  • TFTP Testing
  • Router Testing Report
  • Penetration Testing Steps for Switches
  • Recommendations for Router and Switches Penetration Testing

    Wireless Network Penetration Testing
  • Wireless Penetration Testing
  • Wireless Security Threats
  • Wi Fi Discovery Tools
  • Active Wireless Scanner inSSIDer
  • Wireless Packet Sniffers
  • Wi Fi Jamming Devices
  • WEP Cracking Tool
  • WPA Brute Forcing Using Cain & Abel
  • WPA PSK Cracking Tool Elcomsoft Wireless Security Auditor
  • Wireless Penetration Testing Tools

    Denial of Service Penetration Testing
  • Distributed Denial of Service Attack
  • How Do Distributed Denial of Service Attacks Work?
  • How to Conduct DoS Penetration Testing
  • DoS Vulnerability Scanner GFI LanGuard
  • Recommendations to Prevent Denial of Service

    Stolen Laptop, PDAs, and Cell Phones Penetration Testing
  • Stolen Digital Data
  • Type of Information Lost in Laptop Theft
  • Penetration Testing Steps
  • Penetration Testing in Mobiles Using CORE IMPACT Pro
  • Tools to Extract the Personal Information in Cell Phones
  • Pen Testing Tools for the Pocket PC
  • Pen Testing for the Pocket PC Using MiniStumbler
  • Cookies Screenshot
  • Install Software

    Source Code Penetration Testing
  • Introduction
  • Need for Source Code Penetration Testing
  • Prerequisites for Source Code Penetration Testing
  • Vulnerable Components in an Application
  • Attacker's Goals
  • Threat Models
  • Application Decomposition
  • Identify and Rank Threats
  • Discover the Countermeasures and Mitigation
  • Threat Analysis
  • Steps for Source Code Penetration Testing
  • Tools for Automated Source Code Penetration Testing for Java
  • Tools for Automated Source Code Penetration Testing for C, C++, and .NET
  • STRIDE Threat Model Countermeasures
  • Authentication Countermeasures
  • Authorization Countermeasures
  • Countermeasures

    Physical Security Penetration Testing
  • Physical Attacks
  • Steps in Conducting Physical Security Penetration Testing
  • Google Maps Image

    Surveillance Camera Penetration Testing
  • Introduction to Surveillance Systems
  • Pen Testing Requirements
  • Surveillance Camera Network Architecture
  • Need for Surveillance System Pen Testing
  • Steps for Surveillance Camera Penetration Testing
  • Try to Manipulate Resolution
  • Check the Compression
  • Check the Frame Rate

    Database Penetration Testing
  • Database Penetration Testing Steps
  • McAfee Security Scanner for Databases
  • Oracle Auditing Wrong Statements Logged
  • Possible Attacks Against Oracle Database Vault
  • Try to Retrieve Sysxlogins Table Views
  • SQL Server System Tables
  • Oracle Server Testing
  • Port Scanning Basic Techniques
  • Port Scanning Advanced Techniques
  • Oracle TNS Listener Screenshot
  • Finding the TNS Listener
  • Listener Modes
  • Database Password Cracking and Testing Tools

    VoIP Penetration Testing
  • Vulnerability Assessment
  • Penetration and Vulnerability Testing
  • VoIP Risks and Vulnerabilities
  • VoIP Security Threat
  • VoIP Penetration Testing Steps
  • SNMP Enumeration Tools
  • VoIP Tools

    VPN Penetration Testing
  • Virtual Private Network (VPN)
  • VPN Penetration Testing Steps
  • Port Scanning Tools
  • Check for Split Tunneling
  • Try to Recover and Decrypt Pre Shared Key (PSK)
  • SSL VPN Scan Tool

    Cloud Penetration Testing
  • What Is Cloud Computing?
  • Cloud Computing Model
  • Types of Cloud Computing Services
  • Separation of Responsibilities in Cloud
  • Security Benefits of Cloud Computing
  • Security Risks Involved in Cloud Computing
  • Key Considerations for Pen Testing in the Cloud
  • Scope of Cloud Pen Testing
  • Cloud Penetration Testing Steps

    Virtual Machine Penetration Testing
  • Prerequisites to Virtual Machine Pen Testing
  • Virtualization Security Scenario
  • Virtualization Security Issues
  • Virtual Environment Pen Testing
  • Virtual Machine Penetration Testing Steps
  • Vulnerability Assessment Tool VMinformer
  • Configuration Management Tool
  • Virtualization Best Practices

    War Dialing
  • War Dialing
  • Recommendations to Improve Modem Security

    Virus and Trojan Detection
  • Indications of a Trojan or Virus Attack
  • Different Ways a Trojan/Virus Can Get into a System
  • How Does a Computer Get Infected by a Trojan/Virus?
  • Port Monitoring Tools
  • Process Monitoring Tools
  • Registry Entry Monitoring Tools
  • Device Drivers Monitoring Tools
  • Windows Services Monitoring Tool Process Hacker
  • Windows 7 Startup Registry Entries
  • Startup Programs Monitoring Tools
  • File and Folder Integrity Checkers
  • Detecting Trojans and Viruses with Capsa Network Analyzer
  • Anti Trojan/Anti-Spyware Tools
  • Anti Virus Tools
  • Trojan Countermeasures
  • Virus and Worms Countermeasures

    Log Management Penetration Testing
  • Steps for Log Management Penetration Testing
  • Log Management Tools
  • Log Monitoring Tools
  • Checklist for Secure Log Management

    File Integrity Checking
  • Process to Check Integrity by Comparing CRC Checksum
  • Checking and Comparing CRC Value
  • Hash Value Calculation Tools
  • Automated File Integrity Verification Tools
  • Challenges in File Integrity Checking
  • Recommendations

    Mobile Devices Penetration Testing
  • Requirements for Mobile Device Penetration Testing
  • Mobile Devices Market Share
  • Pen Testing Android
  • Android Architecture
  • Penetration Testing iOS based Devices
  • iOS Architecture
  • Major iOS Vulnerabilities and Attacks
  • Jailbreaking
  • BlackBerry Network Architecture
  • Vulnerabilities in BlackBerry
  • Bluetooth Stack
  • Penetration Testing Steps for Bluetooth-enabled Devices
  • Recommendations

    Telecommunication and Broadband Communication Penetration Testing
  • Broadband Communication
  • Risks in Broadband Communication
  • Steps for Broadband Communication Penetration Testing
  • Cookies Analysis Tool IECookiesView
  • Wardriving Tools
  • WEP Cracking Tools
  • Guidelines for Securing Telecommuting and Home Networking Resources

    Email Security Penetration Testing
  • Commonly Used Email Service Protocols
  • SMTP Enumeration Tool NetScanTools Pro
  • Vulnerability Scanners
  • Patch Management Tools
  • Anti-Phishing Tools
  • Common Spam Techniques
  • Anti-Spamming Tools

    Security Patches Penetration Testing
  • Patch Management
  • Patch and Vulnerability Group (PVG)
  • Steps for Security Patches Penetration Testing
  • Security Patches Penetration Testing Tools

    Data Leakage Penetration Testing
  • Data Leakage
  • Data Leakage Statistics
  • Data Leakage Statistics Types of Incidents
  • How Data Can Be Leaked
  • Data Leakage Penetration Testing Steps
  • Data Privacy and Protection Acts
  • Data Protection Tools

    SAP Penetration Testing
  • SAP World
  • The SAP RFC Library
  • Methodology and Goals
  • Setting Up the Assessment Platform
  • Sapyto Architecture
  • Connectors and Targets
  • Installation of Sapyto
  • SAP Penetration Testing

    Standards and Compliance
  • Incident Handling
  • Incident Response
  • Need for Incident Response
  • Goals of Incident Response
  • Parameters of Investigations
  • Laws
  • Compliance Checklists
  • Intellectual Property Rights
  • Privacy Act
  • Standards of Conduct
  • Legal Issues Affecting Information Assurance

    Information System Security Principles
  • Defense in Depth
  • System Interconnection
  • Monitoring Systems Interconnection
  • System Interconnection Policy
  • Aggregation
  • Inference and Object Reuse
  • Polyinstantiation
  • How Security is Affected
  • Threat from Aggregation
  • Basic Security Requirements
  • Information Valuation
  • States of Information
  • Protection Profiles
  • Security Target
  • Account Management
  • Security Policy for Account Administration
  • Peer to Peer Security
  • Configuration Management
  • Change Control
  • Configuration Management Plan
  • Cryptanalysis
  • Digital Signature
  • Steganography and Watermarking
  • Non Repudiation
  • Message Digest Tools
  • Key Management
  • Electronic Key Management System (EKMS)
  • EKMS Requirements
  • Public Key Infrastructure (PKI)
  • Need for Public Key Infrastructure (PKI)
  • Public Key Infrastructure Requirements
  • Email Security
  • Life Cycle Security
  • System Security Plan (SSP)
  • Access Control Models
  • Business Aspects of Information Security
  • Information Warfare (INFOWAR)
  • Intellectual Property Rights
  • System Security Architecture
  • Software Piracy
  • Addressing Account Management
  • Policy for Redeploying Classified Systems
  • Hardware Asset Management Program
  • Key Management Infrastructure (KMI)
  • Development of Configuration Control Policies
  • Report to the DAA the Deficiencies/Discrepancies in the Configuration Control Policy
  • Improvements to the Security Plans Developed by Site Personnel
  • Security Domains
  • Administrative Security Procedures Appropriate for the System Certification
  • Security Features Necessary to Support Site Operations
  • Maintenance Procedures to Ensure Security against Unauthorized Access
  • Procedures to Counter Potential Threats from Insiders or Outsiders of the Organization
  • Physical Security

    Information System Incident Handling and Response
  • Emergency/Incident Response Team
  • Education, Training, and Awareness (ETA)
  • Concept of Operations (CONOP)
  • Business Continuity Plan (BCP)
  • Business Organization Analysis
  • Disaster Recovery Planning (DRP)
  • Business Continuity Plan Development and Planning
  • Resource Requirements for Business Continuity Plan
  • Security Policy for Backup Procedures
  • Generally Accepted Systems Security Principles (GASSP)
  • Personal Information Security Breaches
  • Investigation of Personal Information Security Breaches
  • Process of Responding to and Reporting Security Incidents
  • Agency Specific Security Policies and Procedures

    Information System Auditing and Certification
  • Certification and Accreditation
  • National Information Assurance Partnership (NIAP)
  • Information Technology Security Evaluation Criteria (ITSEC)
  • Discuss the Concepts of Availability, Integrity, Confidentiality, Authentication, and Non-repudiation
  • Key Participants of the Certification and Accreditation Process
  • Information System Security Auditing and Logging
  • Information Systems Monitoring Process
  • Evaluation Assurance Levels (EALs)
  • Assessment Use During Certification of Information Systems
  • Systems Security Plan
  • Budget/Resources Allocation/ Scheduling
  • Information System Security Certification Requirements
  • System Architectural Description Document
  • Agency specific C&A Guidelines
  • Security Processing Mode
  • Change Control Management Process
  • Security Accreditation Package
  • Life Cycle Security Planning Introduction

For More Information

For training inquiries, call 850-308-1376

or email us at eramos@gbsi.com

Course Details

Duration - 5 days
Price - $2995.00 USD

(Discounts may apply. Call for more information.)

Course Actions

Acceletrain Collaborative Learning Environment (formerly know as VILT) places industry certified and expert instructors, peers, learners and multi-media components into a "borderless classroom", and interactive learning environment that can span multiple physical locations. VILT combines the benefits of the traditional brick-and-mortar classroom with innovative learning techniques and the cost savings of internet-based training.