EC-Council Certified Security Analyst (ECSA)

Kaplan Singapore

Course introduction

This ECSA course aims to test students’ knowledge and application of critical penetration testing methodologies.

It also provides students with a real-world hands-on penetration testing experience and covers key topics such as testing of modern infrastructures, operating systems, application environments, penetration testing reporting and documentation.

Course Benefits

Career Prospects And Opportunities

After completing this course, students may choose to pursue the following roles (but not limited to):

  • Penetration Tester
  • Senior Network Engineer
  • Senior Security Analyst
  • Network Security Engineer
  • Information Security Consultant

After passing the examination, students will receive the EC-Council Certified Security Analyst (ECSA) certification from EC-Council.

Course Pre-Requisites


EC-Council Certified Security Analyst (ECSA)

  • The ECSA programme requires the candidate to have two years of work experience in the Information Security domain and should be able to provide a proof of the same as validated through the application process, unless the candidate attends official training.
Who Should Attend
  • Ethical Hacker
  • Penetration Tester
  • Network Server Administrator
  • Firewall Administrator
  • Security Tester
  • System Administrator and Risk Assessment Professional

Course Outline

Mode of training: Classroom

Duration: 40 hours (5 days)

Course Structure:
Module 00:Penetration Testing Essential Concepts (Student Introduction)
Module 01:Introduction to Penetration Testing and Methodologies
Module 02:Penetration Testing Scoping and Engagement Methodology
Module 03:Open-Source Intelligence (OSINT) Methodology
Module 04:Social Engineering Penetration Testing Methodology
Module 05:Network Penetration Testing Methodology – External
Module 06:Network Penetration Testing Methodology – Internal
Module 07:Network Penetration Testing Methodology – Perimeter Devices
Module 08: Web Application Penetration Testing Methodology
Module 09:Database Penetration Testing Methodology
Module 10:Wireless Penetration Testing Methodology
Module 11:Cloud Penetration Testing Methodology
Module 12:Report Writing and Post Testing Actions

Available Course Sessions

Please click here to stay updated on upcoming sessions.

Trainer Profile

Johnson Yeo and Belly Rachdianto

Johnson Yeo

Having conducted training since 2003, his scope of training is extensive and varied, and it includes topics ranging from Operating Systems, Content Management Servers, Database Servers, Business Process Servers to application development, IT Security as well as IT Process Best Practices like ITIL.

Johnson possesses a strong belief in professionalism; he is well-liked by his students for his ability to conduct class in a lively, engaging and thought-provoking manner. Using real-life examples and use cases, he ensures that his classes are not conducted passively but instead promotes interaction through open-ended questions and sharing.

Belly Rachdianto

• EC-Council Instructor Circle of Excellence Award Winner for 2017
• IT consultant with over 22 years of professional experience and deep knowledge of computer technology and information systems
• Able to engage in system designs, developments and implementations along with multimedia presentations
• Possesses good knowledge of operating systems such as Unix/Linux flavors, Microsoft Windows and Novell Network and internetworking devices, security and multi-service network convergence
• Began his programming work on Commodore, Apple IIe and IBM PC systems in 1984
• Had prior experiences in many large-scale, mission critical projects which required software engineering, system programming, application architecture, network infrastructure and security analysis, network design and implementation, and network management
• Built multiple MIS/GIS applications, OLTP, 3-tier applications, web database, and GIS on the internet
• Delivered information technology courses for various corporate clients in Indonesia, Malaysia, Singapore, Hong Kong, Myanmar, Sri Lanka, Thailand, and Brunei
• Awarded Instructor of the Year in 2014, and Circle of Excellence Instructor for the year 2010, 2011 and 2012 from EC Council

• A+ (IT Technician)
• CCDA (Cisco Certified Design Associate)
• CCNA (Cisco Certified Network Associate)
• CEH (Certified Ethical Hacker)
• CEI (Certified EC Council Instructor)
• CHFI (Certified Hacking Forensic Investigator)
• ECES (EC Council Certified Encryption Specialist)
• ECSA (EC Council Certified Security Analyst)
• ITIL Foundation Certificate (Information Technology Infrastructure Library)
• Licensed Penetration Tester (LPT)
• MCITP (Microsoft Certified Information Technology Professional)
• MCSE (Microsoft Certified Systems Engineer)
• MCT (Microsoft Certified Trainer)
• MCTS (Microsoft Certified Technology Specialist)
• OSCP (Offensive Security Certified Professional)
• OSWP (Offensive Security Wireless Professional)
• SCSAS (Sun Certified Solaris Associate)

Kaplan reserves the right to change trainer, in light of unforeseen circumstances.