• Training
    • Overview
    • Schedule
    • Catalog
    • Training Reviews
    • Delivery Options
    • About Our Training
    • Exam Pass Guarantee
    • Student Funding
    • Alpine Security GSA Schedule
    • DoD 8570/8140 Approved Training
  • Services
    • Overview
    • Medical Device Cybersecurity
    • CISO-as-a-Service
    • Penetration Testing
    • DFARS and CMMC Compliance Audit
    • Breach Prevention Audit
    • Cybersecurity Risk Management Program
    • Enterprise Security Audit
    • Alpine Services Reviews
  • Blog
  • News
  • About Us
    • About Us
    • Meet The Team
    • Why Alpine?
  • Contact
CISO Global (formerly Alpine Security)CISO Global (formerly Alpine Security)
CISO Global (formerly Alpine Security)CISO Global (formerly Alpine Security)
  • Training
    • Overview
    • Schedule
    • Catalog
    • Training Reviews
    • Delivery Options
    • About Our Training
    • Exam Pass Guarantee
    • Student Funding
    • Alpine Security GSA Schedule
    • DoD 8570/8140 Approved Training
  • Services
    • Overview
    • Medical Device Cybersecurity
    • CISO-as-a-Service
    • Penetration Testing
    • DFARS and CMMC Compliance Audit
    • Breach Prevention Audit
    • Cybersecurity Risk Management Program
    • Enterprise Security Audit
    • Alpine Services Reviews
  • Blog
  • News
  • About Us
    • About Us
    • Meet The Team
    • Why Alpine?
  • Contact

ECSA Review by a Senior Penetration Tester

ECSA Review by a Senior Penetration Tester

 ECSA Pen Testing Certification

A few months ago, I took EC Council’s “EC Council Certified Security Analyst” (ECSA) course.  ECSA is EC Council’s next step in its course hierarchy for penetration testers, which culminates in the LPT (Licensed Penetration Tester) Master certification.

 EC-Council iLabs. A cyber range used for exploition and the ECSA practical. EC-Council iLabs. A cyber range used for exploition and the ECSA practical.

The ECSA takes the material covered in the Certified Ethical Hacker (CEH) course and applies structure and a disciplined methodology to it.  The class consists of lecture and hands on exercises in EC Council’s “iLabs” environment, with 30 days of access included in the price of the course.  iLabs allows you to practice your hacking skills against a network of computers, right from your browser anywhere in the world with internet access!  The exercises guide you through various tools and hacking techniques, but you can also go “free range” if you like, to experiment with other tools and tactics.

The first part of the ECSA exam is the hands-on pentest, which consists of about a dozen “challenges,” which are pentesting tasks with particular objectives specified.  The objective may be obtaining the hash of a protected file, using a particular method to break into a machine, and even one task of obtaining evidence against a corporate spy!  The actual tools you need to use for each challenge are not specified, but some of the challenges will naturally lead you to using one tool over another.  As you progress through the challenges, they get increasingly, well…challenging.  The latter challenges require you to apply multiple tools in multiple steps to get you closer to the objective.  The variety of objectives, tools, and tactics really makes the hands-on section interesting and even fun.  It will, however, require persistence, ingenuity, and research to complete.  Once you are done with the challenge tasks, you will be required to submit a pentest report.  The pentest report is not exactly like a real pentest report, in that the objectives were specified for you.  And the only section of the pentest template that you will be required to submit will be section 2.0, entitled “Comprehensive Technical Report”, where you detail the steps of what you did, how you did it, and your recommended fixes.

 Windows Snipping Tool. Useful for screen captures. Windows Snipping Tool. Useful for screen captures.

Since iLabs does not have the ability to upload or download files to the Virtual Machines, you are required to illustrate your work with screen captures.  This can make the final document, including the template portions that are not required to be modified, a little bulky.  My final report came to 95 pages.

Once you have submitted your pentest report, you wait a few days to be contacted by email by an EC Council representative, who will tell you if you passed or failed.  If you passed, you may then schedule the second part of your exam, a four-hour, 150 question multiple choice exam.  I highly recommend taking the few days between the notification and your exam to go back and study the ECSA materials thoroughly!  The written exam is much more challenging than the CEH.  It goes into much more detail about the actual tools and techniques than the CEH does.  Keep in mind that just because a topic didn’t get much coverage on the CEH test, that doesn’t mean that it won’t be covered on the ECSA in depth!  So, don’t give any of the topics short shrift, because you will be required to know all of the material covered.  Once you complete the exam, you will know immediately whether you passed or failed.  Once you pass, you will receive your ECSA certificate within a few days.

The ECSA is great certification for demonstrating that you didn’t just memorize answers to a test, but that you can apply the tools and principles in a realistic scenario.  The skills you learn in the ECSA course will be directly applicable to real-word pentesting engagements.

Author Bio

 Doc Sewell in Dandong, China, across the Yalu River from Shinuiju, North Korea Doc Sewell in Dandong, China, across the Yalu River from Shinuiju, North Korea

Daniel “Doc” Sewell works as a Senior Cyber Security Engineer for Alpine Security in Fairview Heights, Illinois. He currently holds nine security-related certifications, including EC Council Certified Security Analyst (ECSA), Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP) and Certified Secure Software Lifecycle Professional (CSSLP). Doc has many years of experience in software development, working on web interfaces, database applications, thick-client GUIs, battlefield simulation software, automated aircraft scheduling systems, embedded systems, and multi-threaded CPU and GPU applications. Doc’s cybersecurity experience includes penetration testing a fighter jet embedded system, penetration testing medical lab devices, creating phishing emails and fake web sites for social engineering engagements, and teaching security courses to world-renowned organizations such as Lockheed Martin and the Hong Kong Police Department. Doc’s hobbies and interests include home networking, operating systems, computer gaming, reading, movie watching, and traveling.

Tags: CEHDaniel SewellEC-Council Certified Security AnalystECSAethical hackingLicensed Penetration TesterLPTpen testingpenetration testing
Share

You also might be interested in

7 Hardest Cybersecurity Certifications
Difficult path like a videogame for a businessman

7 Hardest Cybersecurity Certifications

Mar 17, 2018

Black Box Penetration Test Advantages

Black Box Penetration Test Advantages

Feb 13, 2017

Online Password Cracking: The Attack and the Best Defense Against It
Digitally generated cyber hacking image

Online Password Cracking: The Attack and the Best Defense Against It

Mar 26, 2017

BLOG SEARCH:

Connect with Us

Interested in our cybersecurity training or services? Complete the form below and we’ll get back with you right away. We appreciate your interest.


Recent Posts

  • The State of Ransomware 2020
  • National Cybersecurity Awareness Month: 6 Things to Practice During the Month
  • Cybersecurity Checklist for Business Closures, Consolidations, and Acquisitions
  • What Is DevSecOps?
  • Cybersecurity and a Remote Workforce: What Does the Future Look Like?
  • 6 Penetration Testing Trends to Have on Your Cybersecurity Radar
  • Incorporating Privacy and Security by Design into MedTech
  • What is the Difference Between CMMC, DFARS, and NIST 800-171?
  • At Risk: Medical Device Cybersecurity Vulnerabilities Expose Patients to Life-threatening Consequences
  • 5 Reasons to Hire a Fractional CISO
  • Why Private Cybersecurity Training Matters for Your Organization
  • Is the CEH Certification Right For You?
  • Internal Penetration Test vs Vulnerability Assessment: Which is Right for You?
  • Best Beginner Cybersecurity Certification to Get
  • Penetration Testing for Compliance: The Top 5 Laws and Regulations that Require Testing

Alpine Security is a member of the CISO Global family of companies.

Contact Us:

  • CISO Global
  • 6900 E. Camelback Road, Suite 900 Scottsdale, AZ 85251
  • 480-389-3444
  • info@ciso.inc
  • www.ciso.inc

Get Info

About Our Training
About Our Services
Meet the Team
Blog
Terms of Use
Privacy Policy

Join The Community

  • Facebook
  • LinkedIn
  • Twitter
  • YouTube
  • Mail

Proud Partners

© 2021 · Alpine Security, a Cerberus Sentinel Company

Prev Next