Study Note: ByteHacker
EC-Council Certified Security Analyst (ECSA) (412-79)
Credit Towards Certification:
* EC-Council Certified Security Analyst
Exam Objectives and Sub-Objectives:
Candidates need competency in the following objectives to be certified as an ECSA:
1. Understand the five stages of a common penetration test attack methodology
* Understand how to structure and organize security tests
* Analyze the tactical application of each phase
2. Define the five main professional categories
* Compare and contrast the different job roles in the security testing and analysis industry
3. Understand the three most common present vulnerability types
* Identify the potential impact of Information Vulnerabilities
* Identify the risks of Network Vulnerabilities
* Understand the different types of System Vulnerabilities and their impact
4. Understand the scoping process of designated target systems
* Know the rules of engagement as they pertain to client target networks/systems
* Know what results are expected at the end of the test
5. Demonstrate understanding of the field of Competitive Intelligence
6. Develop skills involved in competitive intelligence gathering
7. Demonstrate understanding of Informational Vulnerabilities in depth
8. Engage in Passive network discovery techniques
* Use advanced web resource skills to research identified targets in depth
* Formulate a picture of network boundaries, using IP and DNS information
* Analyze documents for potential Information Vulnerabilities
9. Demonstrate understanding of Network Vulnerabilities in depth
* Build a secure network design, and analyze it for vulnerabilities using threat modeling
* Explore the role of modems and Virtual Private Networks in Perimeter breaches
* Understand common vulnerabilities with 802.11 Wireless
10. Analyze and map live network hosts using multiple correlated modalities
* Employ common and advanced tools to identify live hosts leveraging output from previous discovery processes
* Analyze e-mail headers to enumerate target network resources for location, type and other data points
11. Install various Packet Sniffers
12. Demonstrate skills in deploying Packet Sniffers for the purpose of packet analysis
* Demonstrate use of Packet Sniffers to intercept user-names and passwords
* Demonstrate use of Packet Sniffers in intrusion signature analysis
* Understand the output and results from common Packet Sniffers
13. Demonstrate knowledge of vulnerabilities in routers
* Understand the many Informational Vulnerabilities, as well as network vulnerabilities, present in many routers
* Analyze Cisco packet captures for information disclosure and crack Cisco passwords
14. Demonstrate knowledge of vulnerabilities in various network devices
* Explore the role of Network Appliances such as printers and PBXs in potential security violations
* Use Man-in-the-Middle Attacks to intercept secured and encrypted traffic
15. Demonstrate knowledge of tools and techniques for enumerating specific hosts and services
16. Use commonly available Microsoft Resource Kits for advanced Windows enumeration
* Use Null Sessions for advanced Windows enumeration
* Use various common tools in Linux for Linux and Unix enumeration
17. Employ Automated Vulnerability Scanners
* Understand the strengths and weaknesses of Automated Scanners
* Use Nessus to refine target information
* Analyze the results given by Nessus and other Automated Scanners
18. Understand the specifics of common classes of System Vulnerabilities
* Understand Stack-based overflows
* Understand Format String vulnerabilities
* Understand Heap-based overflows
* Develop and execute proof of concept Stack-based overflows
* Develop and execute proof of concept Format String vulnerabilities
* Develop and execute proof of concept Heap-based overflows
19. Demonstrate understanding of aspects of an exploit, in terms of threat agents
* Verify payload differences across multiple operating systems
* Demonstrate ability to use Exploits against targets in a non-destructive manner
* Use a debugger to find the Return Address
* Develop proof-of-concept code to generate a working exploit
* Execute actual exploit code to compromise target servers
* Demonstrate understanding of how passwords work in common operating systems
* Demonstrate knowledge of the Windows password schemes (PWL, LANMAN, NTLM, Kerberos)
* Demonstrate knowledge of Linux/Unix authentication mechanisms
* Demonstrate knowledge of alternate authentication mechanisms (SASL, LDAP, PAM, etc.)
20. Understand threat posed by inside and outside human threat agents
* Define coherent policy and policy enforcement
* Analyze implicit vulnerabilities resulting from improper policy design and enforcement
* Understand Operational Security doctrine and Information Vulnerabilities as they pertain to personnel
* Employ methods for testing personnel security compliance
Exams Detail:
Number of Questions: 50
Type of Questions: Multiple Choice
Passing Score: 70%
Time Duration: 120 min
http://www.clubedowarchalking.com.br/index.php?option=com_content&view=article&id=32&Itemid=61
1 comment:
The question: were you actually taught those things? hehe