Use this quick start guide to collect all the information about EC-Council ECSA Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the EC-Council Security Analyst (ECSA) exam. The Sample Questions will help you identify the type and difficulty level of the questions and the Practice Exams will make you familiar with the format and environment of an exam. You should refer this guide carefully before attempting your actual EC-Council Certified Security Analyst (ECSA) certification exam.
The EC-Council ECSA certification is mainly targeted to those candidates who want to build their career in Cyber Security domain. The EC-Council Certified Security Analyst (ECSA) exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of EC-Council ECSA v10.
EC-Council ECSA Exam Summary:
Exam Name | EC-Council Certified Security Analyst (ECSA) |
Exam Code | ECSA |
Exam Price | $999 (USD) |
Duration | 240 mins |
Number of Questions | 150 |
Passing Score | 70% |
Schedule Exam | Pearson VUE |
Sample Questions | EC-Council ECSA Sample Questions |
Practice Exam | EC-Council ECSA Certification Practice Exam |
EC-Council ECSA v10 Exam Syllabus Topics:
Topic | Details | Weights |
Penetration Testing Essential Concepts
|
- Computer Network Fundamentals - Network Security Controls and Devices - Windows and Linux Security - Web Application and Web Server Architecture and Operations - Web Application Security Mechanisms - Information Security Attacks - Information Security Standards |
20.72% |
Introduction to Penetration Testing Methodologies
|
- Penetration Testing Process and Methodologies & Benefits - Types, Areas and Selection of Pentesting |
5.63% |
Penetration Testing Scoping and Engagement Methodology
|
- Penetration Testing Scoping and Rules and Engagement - Penetration Testing Engagement Contract and Preparation |
5.38% |
Open-Source Intelligence (OSINT) Methodology
|
- OSINT Through World Wide Web (WWW), Website Analysis, DNS Interrogation - Automating your OSINT Effort Using Tools/Frameworks/Scripts |
4.80% |
Social Engineering Penetration Testing Methodology
|
- Social Engineering Penetration Testing Techniques & Steps
- Social Engineering Penetration testing using E |
5.26% |
Network Penetration Testing Methodology – External
|
- External Network Information & Reconnaissance - Scanning, and Exploitation |
5.84% |
Network Penetration Testing Methodology – Internal
|
- Internal Network Information Reconnaissance and Scanning - Internal Network Enumeration and Vulnerability Scanning - Local and Remote System Exploitation |
8.62% |
Network Penetration Testing Methodology - Perimeter Devices
|
- Firewall Security Assessment Techniques - iDs Security Assessment Techniques - Router and Switch Security Assessment Techniques |
7.84% |
Web Application Penetration Testing Methodology
|
- Web Application Content Discovery and Vulnerability Scanning - SQL Injection Vulnerability Penetration Testing - XSS, Parameter Tampering, Weak Cryptography, Security Misconfiguration and Client side scripting, vulnerabilities penetration techniques - Authentication, Authorization, session, Web Server Vulnerabilities Penetration Testing |
11.30% |
Database Penetration Testing Methodology
|
- Database Penetration Testing Techniques & Information Reconnaissance - Database Enumeration & Exploitation |
5.10% |
Wireless Penetration Testing Methodology
|
- WLAN Penetration Testing Techniques - RFID and NFC Penetration Testing Techniques - Mobile Device Penetration Testing Techniques - loT Penetration Testing Techniques |
9.22% |
Cloud Penetration Testing Methodology
|
- Cloud Specific Penetration Testing Techniques and Recommendations - Cloud Specific Penetration Testing Methods |
4.65% |
Report Writing and Post Testing Actions
|
- Penetration Testing Report Writing Process - Penetration Testing Reporting Formats |
5.63% |
To ensure success in EC-Council ECSA v10 certification exam, we recommend authorized training course, practice test and hands-on experience to prepare for EC-Council Security Analyst (ECSA) exam.