EC-Council Certified

Security Specialist

START YOUR
CYBERSECURITY
TRAINING TODAY!
Learn the Fundamentals
of 3 Core Domains of
Cybersecurity
- NETWORK DEFENSE
- ETHICAL HACKING
- DIGITAL FORENSICS
 COURSE
DESCRIPTION

EC-Council Certified Security Specialist (ECSS) is an entry level security program covering the fundamental
concepts of Network Defense, Ethical Hacking, and Digital Forensics. It enables students to identify
information security threats which reflect on the security posture of the organization and implement
general security controls. This program will give a holistic overview of the key components of Network
Defense, Ethical Hacking, and Digital Forensics. This program provides the solid fundamental knowledge
required for a career in information security.

2
ECSS •G
 ain Foundational Knowledge in Cybersecurity

EMPOWERS •P
 ractice Essentials Skills such as how to defend
networks and investigate them
INDIVIDUALS •C
 hallenge Industry recognized exams and earn
TO: cybersecurity credentials to build and further your career

WHY IS ECSS
IMPORTANT?

It provides professional
It facilitates your entry understanding about
into the world of the concepts of Network
Information Security. Defense, Ethical Hacking,
and Digital Forensics.

It provides best practices It enhances your skills

to improve organizational as a Security Specialist
security posture. and increases your
employability.

3
 WHO IS IT
FOR?

TARGET AUDIENCE
High School Students
• Who wants to get an early start to their cybersecurity career and master the fundamentals of security online.
• Who wants to prepare for a cybersecurity career and aid their IT education.

College University/Students
• Who wants to get into a cybersecurity field and don't know where to start their education journey.

Working Professionals
• Who wants to get into a cybersecurity field and don’t know where to start their education journey.

JOB ROLES
• ECSS helps to prepare to apply for entry level job roles in Network Defense, Ethical Hacking
and Digital Forensics.

DURATION: 5 DAYS OR 40 HOURS

EXAM DETAILS
EXAM TITLE: EC-COUNCIL
CERTIFIED SECURITY SPECIALIST

NUMBER OF QUESTIONS: 100 PASSING SCORE: 70%

EXAM AVAILABILITY: DURATION: 3 HOURS
EC-COUNCIL EXAM PORTAL TEST FORMAT: MULTIPLE CHOICE

4
 5

COURSE
OUTLINE

NETWORK DEFENSE
ESSENTIALS

1. Network Security Fundamentals

2. Identification, Authentication, and Authorization

3. Network Security Controls: Administrative Controls

4. Network Security Controls: Physical Controls

5. Network Security Controls: Technical Controls

6. Virtualization and Cloud Computing

7. Wireless Network Security

8. Mobile Device Security

9. IoT Device Security

10. Cryptography and the Public Key Infrastructure

11. Data Security

12. Network Traffic Monitoring

13. Information Security Fundamentals

5
ETHICAL HACKING
ESSENTIALS

14. Ethical Hacking Fundamentals

15. Information Security Threats and Vulnerability Assessment

16. Password Cracking Techniques and Countermeasures

17. Social Engineering Techniques and Countermeasures

18. Network Level Attacks and Countermeasures

19. Web Application Attacks and Countermeasures

20. Wireless Attacks and Countermeasures

21. Mobile Attacks and Countermeasures

22. IOT & OT Attacks and Countermeasures

23. Cloud Computing Threats and Countermeasures

24. Penetration Testing Fundamentals

6
 7

DIGITAL FORENSICS
ESSENTIALS

25. Computer Forensics Fundamentals

26. Computer Forensics Investigation Process

27. Understanding Hard Disks and File Systems

28. Data Acquisition and Duplication

29. Defeating Anti-forensics Techniques

30. Windows Forensics

31. Linux and Mac Forensics

32. Network Forensics

33. Investigating Web Attacks

34. Dark Web Forensics

35. Investigating Email Crimes

36. Malware Forensics

7
 WHAT WILL YOU
LEARN?
Students going through ECSS training will learn:

Network Security • Fundamentals of network security

Fundamentals: • Network security protocols that govern the flow of data

Identification,
• Access control principles, terminologies, and models
Authentication, and
Authorization: • Identity and access management (IAM)

Network Security • Regulatory frameworks, laws, and acts

Controls: Administrative • Security policies, and how to conduct security and awareness training
Controls

• Importance of physical security and physical security controls

Network Security
Controls: Physical • Physical security policies and procedures
Controls • Best practices to strengthen workplace security
• Environmental controls

• Types of bastion hosts and their role in network security

Network Security
Controls: Technical • IDS/IPS types and their role in network defense
Controls • Types of honeypots and virtual private networks (VPNs)
• Security incident and event management (SIEM)

8
 • Key concepts of virtualization and OS virtualization security
Virtualization
and Cloud • Cloud computing fundamentals and cloud deployment models
Computing • Cloud security best practices

Wireless • Fundamentals of wireless networks and encryption mechanisms

Network • Wireless network authentication methods
Security • Implementing wireless network security measures

• Mobile device connection methods and management

Mobile • Mobile use approaches in enterprises
Device • Security risks and guidelines associated with enterprise mobile usage policies
Security • Implement various enterprise-level mobile security management solutions
• Best practices on mobile platforms

IoT Device • IoT devices, application areas, and communication models

Security • How security works in IoT-enabled environments

• Cryptographic tools, security techniques, and algorithms

Cryptography
• Public key infrastructure (PKI) to authenticate users and
and PKI
devices in the digital world

• Data security and its importance

Data • Security controls for data encryption
Security • Perform data backup and retention
• Implement data loss prevention concepts

• Network traffic monitoring concepts.

Network Traffic
Monitoring • Traffic signatures for normal and suspicious network traffic.
• Perform network monitoring to detect suspicious traffic

Information • Information security fundamentals

Security
Fundamentals • Information security laws and regulations

9
10

• Cyber Kill Chain methodology

Ethical Hacking
• Hacking concepts, hacking cycle, and different hacker classes
Fundamentals
• Ethical hacking concepts, scope, and limitations

Information • Detect various threat sources and vulnerabilities in a network or system

Security Threats and
Vulnerabilities • Different types of malwares

Password Cracking
Techniques and •Types of password cracking techniques
Countermeasures

Social Engineering • Social engineering concepts and techniques

Techniques and
Countermeasures • Insider threats and identity theft concepts

Network-Level • Packet sniffing concepts and types

Attacks and • Sniffing techniques and countermeasures
Countermeasures • DoS and DDoS attacks under sniffing attacks

• Web Server Attacks

• Web Application Attacks
Web Application • Web Application Architecture and Vulnerability
Attacks and
Countermeasures Stack Web Application Threats and Attacks
• SQL Injection Attacks
• Types of SQL Injection Attacks

• Wireless Terminology
Wireless • Types of Wireless Encryption
Attacks and
Countermeasures • Wireless Network-specific Attack Techniques Bluetooth Attacks
• Wireless Attack Countermeasures

Mobile • Mobile Attack Anatomy

Attacks and
Countermeasures • Mobile Attack Vectors and Mobile Platform Vulnerabilities

10
 IoT Attacks OT Attacks

IoT and OT • IoT Devices, their need • Understand OT Concepts

Attacks and and Application Areas • OT Challenges and Attacks
Countermeasures • IoT Threats and Attacks • OT Attacks Countermeasures

• Cloud Computing Concepts

Cloud Computing • Container Technology
Threats and
Countermeasures • Cloud Computing Threats
• Cloud Computing Countermeasures

Penetration • Fundamentals of Penetration Testing and its Benefits

Testing • Various Types and Phases of Penetration Testing
Fundamentals • Guidelines and Recommendations for Penetration Testing

• Fundamentals of computer forensics and digital evidence

Computer • Objectives of forensic readiness to reduce the cost of investigation
Forensics
Fundamentals • Roles and responsibilities of a forensic investigator.
• Legal compliance in computer forensics

Computer Forensics • Forensic investigation process and its importance

Investigation
Process • Forensic investigation phases

• Types of disk drives and their characteristics

Understanding
Hard Disks and File • Booting process of Windows, Linux, and Mac operating systems
Systems • Examine file system records during an investigation

Data • Data acquisition fundamentals, methodologies, and their different types

Acquisition and
Duplication • Determine the data acquisition format

Defeating • Anti-forensics techniques and their

Anti-forensics
Techniques countermeasures

11
12

• How to gather volatile and non-volatile information

Windows • Perform Windows memory and registry analysis
Forensics • Analyze the cache, cookie, and history recorded in web browsers
• Examine Windows files and metadata

• Volatile and non-volatile data in Linux

Linux and Mac • Analyze filesystem images using the sleuth kit
Forensics • Demonstrate memory forensics
• Mac forensics concepts

• Network forensics fundamentals

Network • Event correlation concepts and types
Forensics • Identify indicators of compromise (IoCs) from network logs
• Investigate network traffic for suspicious activity

• Web application forensics and web attacks

Investigating
• Understand IIS and Apache web server logs
Web Attacks
• Detect and investigate various attacks on web applications

Dark Web • Dark web forensics investigation and how it works.

Forensics • Tor browser forensics

Investigating • Email basics and how it can be used as evidence

Email Crime • Techniques and steps used in email crime investigation

• Malware, its components, and distribution methods

Malware • Malware forensics fundamentals and types of malware analysis
Forensics • Perform static malware analysis and dynamic malware analysis
• Conduct system and network behavior analysis

12
 WHERE DOES
ECSS FITS IN EC-COUNCIL
CAREER PATH?

13
 EC-COUNCIL
CERTIFIED SECURITY SPECIALIST
www.eccouncil.org

www.eccouncil.org