ECSA Candidate Handbook - EC-Council


Issue Date: April 2019
ECSA Candidate Handbook

Table of Contents

1. Objective of ECSA Candidate Handbook
2. About EC-Council
3. What is the ECSA credential?
4. ECSA Testimonials
5. Steps to Earn the ECSA credential
6. To Attempt the ECSA Exam
7. Retakes & Extensions
8. EC-Council Special Accommodation Policy
9. EC-Council Exam Development & Exam Item Challenge
10. EC-Council Certification Exam Policy
11. ECSA Credential Renewal
12. EC-Council Continuing Education (ECE) Policy
13. ECSA Career Path
14. Code of Ethics
15. Ethics Violation
16. Appeal Process
17. Change in Certification Scope
18. Logo Guidelines
19. FAQ
Appendix A
Appendix B

Objective of ECSA Candidate Handbook

The ECSA Candidate Handbook outlines the following:
a. Impartiality and objectivity are maintained in all matters regarding certification.
b. Fair and equitable treatment of all persons in the certification process.
c. Provide directions for making decisions regarding granting, maintaining, renewing, expanding and reducing EC-Council certification/s.
d. Understand boundaries/limitations and restrictions of certifications.

About EC-Council

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and information security skills. It is the owner and creator of the world famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), EC-Council Certified Security Analyst (ECSA) and License Penetration Tester (LPT) certifications, as well as many other certification schemes, that are offered in over 87 countries globally.

EC-Council's mission is “to validate information security professionals who are equipped with the necessary skills and knowledge required in a specialized information security domain that will help them avert a cyber war, should the need ever arise”. EC-Council is committed to uphold the highest level of impartiality and objectivity in its practices, decision making and authority in all matters related to certification.

As of Oct 31st 2018, EC-Council has certified over 200,000 security professionals. Individuals who have achieved EC-Council certifications include those from some of the finest organizations around the world such as the US Army, the FBI, Microsoft, IBM and the United Nations.

Many of these certifications are recognized worldwide and have received endorsements from various government agencies including the US Federal Government via the Montgomery GI Bill, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). Moreover, the United States Department of Defense has included the CEH program into its Directive 8570, making it one of the mandatory standards to be achieved by Computer Network Defenders Service Providers (CND-SP).

EC-Council has also been featured in internationally acclaimed publications and media including Fox Business News, CNN, The Herald Tribune, The Wall Street Journal, The Gazette and The Economic Times as well as in online publications such as ABC News, USA Today, The Christian Science Monitor, Boston and Gulf News.

For more information about EC-Council Certification, please visit https://cert.eccouncil.org/

WHAT IS THE ECSA CREDENTIAL?

EC-Council Certified Security Analyst

The ECSA penetration testing course provides you with a real world hands-on penetration testing experience and is a globally accepted hacking and penetration testing class that covers the testing of modern infrastructures, operating systems and application environments while teaching the students how to document and write a penetration testing report.

The ECSA pentest program takes the tools and techniques you learned in the Certified Ethical Hacker course (CEH) and elevates your ability into full exploitation by teaching you how to apply the skills learned in the CEH by utilizing EC-Council’s published penetration testing methodology.

- Focuses on pentesting methodology with an emphasis on hands-on learning
- The exam will now have a prerequisite of submitting a pentesting report
- The goal of these changes is to make passing ECSA more difficult; therefore, making it a more respected certification

ECSA Testimonials

“I am happy to announce that I am already an EC Council ECSA certificate holder. I definitely can recommend the ECSA programme for those of you who are looking for shaping their penetration testing skills and establishing a sophisticated framework of vulnerability assessment methodology.”
- Lyubomir Tulev, CCISO, ECSA, CEH, CHFI, CEI

“My EC-Council’s learning experience was exceptional. I was astonished by the comprehensive curriculum of the ring this with my earlier experience, ECSA is just outstanding. Penetration testing and its methodologies were the most attractive part of the complete program. InfoSec professionals should opt for this industrially accepted program as it enhances your ability to understand the approach of a malicious hacker and to take countermeasures, accordingly.”
- Lokman Hakim, ECSA

“Just received my ECSA certificate from EC-Council, it’s the second one this month and the third one in the past 20 days. Don’t listen to those who say you can’t do it. Listen to yourself and just go ahead breaking the notion of what’s possible and what isn’t. Loving every moment of it!”
- Aditya Anand, ECSA

“EC-Council gave me an experience that I will never forget! The whole lightened me with advanced information security knowledge. I feel my existing technical knowledge has reached another level with the EC-Council Certified Security Analyst (ECSA) program. This is the first program that I really loved. It has real-time virtual lab sessions with the latest hacking tools, intelligent trainer, and the simplified, yet detailed training content. I’d recommend the ECSA program to all the IT professionals who want to sharpen their penetration testing skills.”
- Yuan Zheng, ECSA

“Once I started learning ethical hacking with Certified Ethical Hacker (CEH), I desired to learn more about it. That’s when I decided to opt for the EC-Council Certified Security Analyst (ECSA) program. The courseware was incredible and everything that I learned was solidified with the real-time lab sessions. It was an amazing experience to use advanced hacking tools, techniques, and methodologies which summed up the whole program. The best part is that I don’t feel like I attended a “death by PowerPoint” boot camp. I know I walked away with real knowledge and practically applicable skills that can immediately be put to use. ECSA literally covers everything that a security analyst or a pen tester requires. I know my acquired skills give me an upper hand over the other InfoSec professionals. I am completely in awe of the whole experience and I would definitely recommend the ECSA and CEH programs of EC-Council.”
- Joshua Banes, ECSA

“My exceptional experience with EC-Council Certified Security Analyst (ECSA) program includes the brilliantly designed training content and state-of-the-art tools and techniques involved. I also enjoyed the hands-on practical demonstration of penetration testing in a real-time environment. The program covers all the major updates in the information security domain. Along with that, following the NICE framework, the ECSA credential can get you a suitable job meant for your acquired professional skills. I would recommend ECSA to all information security professionals because it expands your existing knowledge to another extent.”
- Franky Gunawan, ECSA

“As I was aspiring to be into ethical hacking and penetration testing, I realized that EC-Council ECSA credential is really valuable to be a pentester. The course is interesting with lots of content to study and learn. The trainer is cooperative and highly professional. The course material and the practical labs helped me to prepare for the exam and earn the credential. I recommend ECSA for every individual who is in security domain and want to be a great pentester. CEH is for learning methodologies and will be a good start for all aspiring ethical hackers.”
- Aishwarya K, ECSA

STEPS TO EARN THE ECSA CREDENTIAL

Candidates will be granted the EC-Council Certified Security Analyst credential by passing a proctored ECSA exam. The exam will be for 4 hours with 150 multiple choice nonymous requests/new to provide you with the locations of the nearest test centers that proctor the ECSA exam.

You will be tested in the following domains:
- Penetration Testing Essential Concepts
- Introduction to Penetration Testing Methodologies
- Penetration Testing Scoping and Engagement Methodology
- Open-Source Intelligence (OSINT) Methodology
- Social Engineering Penetration Testing Methodology
- Network Penetration Testing Methodology – External
- Network Penetration Testing Methodology – Internal
- Network Penetration Testing Methodology – Perimeter Devices
- Web Application Penetration Testing Methodology
- Database Penetration Testing Methodology
- Wireless Penetration Testing Methodology
- Cloud Penetration Testing Methodology
- Report Writing and Post Testing Actions

If you are interested in knowing the objectives of the ECSA exam, or the minimum competencies required to pass the ECSA exam, please refer to Appendix A: ECSA Exam Blueprint.

Upon successfully passing the exam you will receive your digital ECSA certificate within 7 working days.

The ECSA credential is valid for 3-year periods but can be renewed each period by successfully earning EC-Council Continued Education (ECE) credits. Certified members will have to achieve a total of 120 credits (per certification) within a period of three years. For more details about ECE please refer to the next section.

All EC-Council-related correspondence will be sent to the email address provided during exam registration. If your email address changes it is your responsibility to notify https://eccouncil.zendesk.com/anonymous requests/new ; failing which you will not be able to receive critical updates from EC-Council.

TO ATTEMPT THE ECSA EXAM

In order to be eligible to attempt the ECSA certification examination, you may:

A. Completed Official Training

Completed an official ECSA instructor-led training (ILT), online live training, or academic learning, or has been certified in a previous version of the credential.

Prior to attempting the exam, you are required to AGREE to:
a. EC-Council Non-Disclosure Agreement terms
b. EC-Council Candidate Application Agreement terms
c. EC-Council Candidate Certification Agreement terms

You should NOT attempt the exam unless you have read, understood and accepted the terms and conditions in full. BY ATTEMPTING THE EXAM, YOU SIGNIFY THE ACCEPTANCE OF THE ABOVE MENTIONED AGREEMENTS available in Appendix B. In the event that you do not accept the terms of the agreements, you are not authorized by EC-Council to attempt any of its certification exams.

B. Attempt Exam without Official Training

In order to be considered for the EC-Council certification exam without attending official training, candidate must:
a. Have at least two years of work experience in the Information Security domain.
b. Educational Background that reflects specialization in information security.
c. Remit a non-refundable eligibility application fee of USD 100.00
d. Submit a completed Exam Eligibility Application Form.
e. Purchase an official exam voucher DIRECTLY from EC-Council through https://store.eccouncil.org/

Eligibility Process:
a. Applicant will need to go to tml to fill in an online request for the Eligibility Application Form.
b. Applicant will receive an electronic Exam Eligibility Application Form and the applicant will need to complete the information required on the form.
c. Submit the completed Exam Eligibility Application form. The application is valid only for 90 days from the date when application is submitted. Should we not receive any update from the applicant post 90 days, the application will be automatically rejected. Applicant will need to submit a new application form.
d. Waiting time for processing of Eligibility Application is approximately 5 working days after receiving the verification from verifier. Should the applicant not hear from us after 5 working days, the applicant can contact cehapp@eccouncil.org
e. EC-Council will contact applicant’s Boss/ Supervisor/ Department head, who has agreed to act as applicant’s verifier in the application form, for authentication purposes.

For verification of Educational Background EC-Council requires a written letter in physical or electronic format confirming the certification(s) earned by the candidate.

a. If application is approved, applicant will be required to purchase a voucher from EC-Council DIRECTLY. EC-Council will then send the candidate the voucher code which candidate can use to register and schedule the test at EC-Council Test Centers.
b. The approved application stands valid for 3 months from the date of approval, the candidate needs to test within 1 year from date of voucher release.
c. An application extension request will require the approval of the Director of Certification.
d. If application is not approved, the application fee of USD 100 will not be refunded.

EC-Council Exam Eligibility Application Form v3.4

- CEH (Certified Ethical Hacker)
- CHFI (Computer Hacking Forensic Investigator)
- CND (Certified Network Defender)
- CTIA v1 (Certified Threat Intelligence Analyst v1)
- CASE-JAVA v1 (Certified Application Security Engineer - Java v1)
- CASE-.Net v1 (Certified Application Security Engineer - .Net v1)
- EDRP v3 (E
