EC-Council’s Licensed Penetration Tester(Master) is a natural evolution and extended value addition to its series of security related professional certifications. The LPT (Master) standardizes the knowledge base for penetration testing professionals by incorporating best practices followed by experienced experts in the field.
The objective of the LPT (Master) is to ensure that each professional licensed by EC-Council follows a strict code of ethics, is exposed to the best practices in the domain of penetration testing and aware of all the compliance requirements required by the industry.
The objective of Certified Security Analyst “pen testing” certification is to add value to experienced Information Security professionals
Unlike a normal security certification, the LPT (Master) is a program which trains security professionals to analyze the security posture of a network exhaustively and recommend corrective measures authoritatively. For many years EC-Council has been certifying IT Security Professionals around the globe to ensure these professionals are proficient in network security defense mechanisms. EC-Council’s license vouches for their professionalism and expertise thereby making these professionals more sought after by organizations and consulting firms globally.
Conteúdo do curso
To earn the prestigious EC-Council LPT (Master) Credential, you must successfully pass our most challenging practical exam available. The LPT (Master) practical exam is the capstone to EC-Council’s entire information security track; from the Certified Ethical Hacker Program (CEH) to the EC-Council Certified Security Analyst (ECSA) Program. It all culminates with the ultimate test of your career as a penetration tester – the Licensed Penetration Tester practical exam.
You will need to demonstrate a mastery of the skills required to conduct a full blackbox penetration test of a network provided to you by EC-Council on our cyber range. You will follow the entire process taught to you through CEH and ECSA, taking you from reconnaissance, through scanning, enumeration, gaining access, maintaining access, then exploiting vulnerabilities that you will have to seek out in a network that only a true professional will be able to break. EC-Council will provide the entire cyber-range through its cloud based cyber range, iLabs. All toolsets are provided to you, you bring the skill.
To successfully pass the LPT (Master) practical, you must fully document your pen test in a complete, professional penetration test report. This report will follow formats learned in the ECSA program, following industry acceptable, penetration testing and reporting procedures used by only the top professionals in the industry. This report will be reviewed and scored based on a complex rubric by other penetration testing professionals dedicating to upholding the value of EC-Council’s LPT (Master) Credential, and enhancing the professionalization of cyber security as a field.
While the Certified Ethical Hacker course teaches threat agents that can compromise the security posture of an organization, and the EC-Council Security Analyst program provides a repeatable and documentable methodology for deep analysis of an organizations security posture, the Licensed Penetration Tester exam tests the mastery of the skill-sets required to be a true professional penetration tester – Technical Analysis and Report Writing.
To build on the technical skills taught in the CEH course, the ECSA course emphasizes application of a suitable methodology and report writing. The LPT (Master) practical exam thoroughly tests the application of this knowledge and the skills required in an examination that even our reviewers have called “extremely challenging”. The LPT (Master) Exam is the final step after the intense training and certification that you would have received in the Certified Ethical Hacker and the EC-Council Certified Security Analyst programs.
Many have described report writing as one of least preferred, yet arguably one of the most critical parts of any penetration testing engagement. While so many courses are offered globally to cover various subjects in the information security realm, hardly any are dedicated to this very important skill, especially almost half of all time spent at any penetration testing engagement can revolve around writing and reporting the core findings of the engagement to the client. Explaining a highly technical finding in an elaborate penetration test engagement to someone not technical like the CEO of a company, the senior management or even the board of directors can be very challenging and frustrating at times. Mastery of communication, research and report writing is required to make sense of technically complex topics like specific vulnerabilities and their resulting exploits in a meaningful manner than an organization can use to make educated decisions to improve their own security posture.