Course Code: 2378

EC- Council Certified Security Analyst (ECSA) v10 Penetration Testing

Class Dates:
5 Days
Class Time:
Virtual Instructor-Led Training


  • Course Overview
  • ECSAv10 includes updated curricula and an industry recognized comprehensive step-bystep penetration testing methodology. This allows a learner to elevate their ability in applying new skills learned through intensive practical labs and challenges.

    This course is a part of the VAPT Track of EC-Council. This is a “Professional” level course, with the Certified Ethical Hacker being the “Core” and the Licensed Penetration Tester being the “Master” level certification. In the new ECSAv10 course, students that passes the knowledge exam are given an option to pursue a fully practical exam that provides an avenue for them to test their skills, earning them the ECSA (Practical) credential. This new credential allows employers to validate easily the skills of the student. Suggested Duration: 5 days, Minimum 40 hours
  • Audience
  • Ethical Hackers, Penetration Testers, Security Analysts, Security Engineers, Network Server Administrators, Firewall Administrators, Security Testers, System Administrators, and Risk Assessment Professionals.


  • Only candidates that successfully complete the penetration test in the iLabs Cyber Range environment will be allowed to challenge the ECSA exam.

    ECSA Exam: The ECSA exam aims to test a candidate’s knowledge and application of critical penetration testing methodologies.
    Candidates that successfully pass the multiple-choice exam will be awarded the ECSA credential.
    As a powerful addition to the ECSA exam, the new ECSA (Practical) exam is now available adding even more value to the ECSA certification.

    Eligibility Criteria for ECSA Exam: Attend offical training via an EC-Council accedited training channel or Possess a minimum of 2 years of working experience in a related InfoSec domain.

Course Details

  • Course Outline
  • Introduction to Penetration Testing and
  • Penetration Testing Scoping and Engagement
  • Open Source Intelligence (OSINT) Methodology
  • Social Engineering Penetration Testing
  • Network Penetration Testing Methodology -
  • Network Penetration Testing Methodology -
  • Network Penetration Testing Methodology -
  • Web Application Penetration Testing
  • Database Penetration Testing Methodology
  • Wireless Penetration Testing Methodology
  • Cloud Penetration Testing Methodology
  • Report Writing and Post Testing Actions
  • Self Study Modules
  • Penetration Testing Essential Concepts
  • Password Cracking Penetration Testing
  • Denial-of-Service Penetration Testing
  • Stolen Laptop, PDAs and Cell Phones Penetration Testing
  • Source Code Penetration Testing 6. Physical Security penetration Testing
  • Surveillance Camera Penetration Testing
  • VoIP Penetration Testing
  • VPN Penetration Testing
  • Virtual Machine Penetration Testing
  • War Dialing
  • Virus and Trojan Detection
  • Log Management Penetration Testing
  • .
  • File Integrity Checking
  • Telecommunication and Broadband
  • Communication Penetration Testing
  • Email Security Penetration Testing
  • Security Patches Penetration Testing
  • Data Leakage Penetration Testing
  • SAP Penetration Testing
  • Standards and Compliance
  • Information System Security Principles
  • Information System Incident Handling and Response
  • Information System Auditing and Certification
  • ECSA v10
  • Exam Title: EC-Council Certified Security Analyst v10
  • Number of Questions: 150
  • Duration: 4 hours
  • Availability: ECC Exam Centre
  • Test Format: Multiple Choice
  • Passing Criteria: 70%
  • ECSA (Practical)
  • Exam Title:EC-Council Certified Security Analyst (Practical)
  • Number of challenges: 8
  • Duration: 12 hours
  • Availability: Aspen- iLabs
  • Test Format: iLabs cyber range
  • Passing Score: 5 out of 8 challenges and submission of an acceptable penetrationtesting report
  • Eligibility Criteria for ECSA (Practical) Exam
  • To be eligible to apply to sit for the ECSA (Practical) Exam, candidate must either:
  • Be an ECSA member in good standing (Your USD 100 application fee will be waived):
  • or Have a minimum of 2 years working experience in InfoSec domain (You will need to pay USD 100 as a non-refundable application fee);
  • or Have any other industry equivalent certifications such as OSCP or GPEN cert (You will need to pay USD 100 as a non-refundable application fee).