ECSS - EC-Council Certified Security Specialist


EC-Council Certified Security Specialist (ECSS) allows students to enhance their skills in three different areas namely information security, network security, and computer forensics.

Information security plays a vital role in most organizations. Information security is where information, information processing, and communications are protected against the confidentiality, integrity, and availability of information and information processing. In communications, information security also covers trustworthy authentication of messages that covers identification of verifying and recording the approval and authorization of information, non-alteration of data, and the non-repudiation of communication or stored data.


Who Should Attend

This course will benefit students who are interested in learning the fundamentals of information security, network security, and computer forensics.


Course Outline

Module 01: Information Security Fundamentals

Data Breach Statistics

Data Loss Statistics

The Global State of Information Security Survey 2016

Information Security

Need for Security

Elements of Information Security

The Security, Functionality, and Usability Triangle

Security Challenges

Information Security Attack Vectors

Information Security Threat Categories

Types of Attacks on a System

Trends in Security

Information Security Laws and Regulations

Module 02: Networking Fundamentals


Types of Networks

OSI (Open Systems Interconnection) Reference Model

OSI Reference Model: Diagram

EC-Council Certified Security Specialist Exam ECSS

Course Outline

Application Layer

Presentation Layer

Session Layer

Transport Layer

Network Layer

Data Link Layer

Physical Layer

OSI Layers and Device Mapping


TCP/IP Model

Comparing OSI and TCP/IP

Network Security

Essentials of Network Security

Data Security Threats over a Network

Basic Network Security Procedures

Network Security Policies

Types of Network Security Policies

Data Policy: Example

Computer Usage Policy: Example

E-mail Policy

Module 03: Secure Network Protocols



Secure Network Protocols

E-mail Security Protocol – S/MIME

E-mail Security Protocol – PGP

Web Security Protocol – SSL

Steps tEstablish Connection Between Browser and Web server using SSL

Web Security Protocol – SSH (Secure Shell)

Web Security Protocol – HTTPS

EC-Council Certified Security Specialist Exam ECSS

Course Outline

VPN Security Protocol – IPSec

VPN Security Protocol – PPTP

VPN Security Protocol – L2TP

Wireless Security Protocol – WEP

VoIP Security Protocol – H.323

VoIP Security Protocol – SIP

Public Key Infrastructure (PKI)

Access Control List (ACL)

Authentication, Authorization, and Accounting (AAA)



Internet Key Exchange Protocol (IKE)

Module 04: Information Security Threats and Attacks

The Global State of Information Security Survey 2016

Understanding Threat, Vulnerability and Exploit

Internal Threats


Sniffing Countermeasures

ARP Spoofing

ARP Spoofing Diagram

ARP Spoofing Countermeasures

External Threats

Malware Attacks


Introduction tViruses

Virus History

Stages of Virus Life

Indications of Virus Attack

How does a Computer Get Infected by Viruses?

Computer Worms

EC-Council Certified Security Specialist Exam ECSS

Course Outline

How is a Worm Different from a Virus?

Virus Detection Methods

Virus and Worms Countermeasures

Anti-Virus Tools


What is a Trojan?

Purpose of Trojans

Indications of a Trojan Attack

Different Ways a Trojan Can Get inta System

How tDetect Trojans?

Trojan Countermeasures

Anti-Trojan Softwares

Social Engineering



Eavesdropping Countermeasures

Password Cracking

Password Complexity

Password Cracking Techniques

Wire Sniffing

Password Sniffing

Man-in-the-Middle and Replay Attack

Password Guessing


Non-Electronic Attacks

Default Passwords

Password Cracker



Cain & Abel


EC-Council Certified Security Specialist Exam ECSS

Course Outline

How tDefend against Password Cracking?


Scanning Countermeasures

Denial-of-Service (DoS)

DoS Countermeasures

Distributed DoS (DDoS)

Distributed DoS Diagram


IP Spoofing

IP Spoofing Diagram and Countermeasures

Man-in-the-Middle Attack (MITM)

TCP Session Hijacking

Session Hijacking Countermeasures

Corporate Espionage

Accidental Security Breach

Automated Computer Attack

Module 05: Social Engineering

What is Social Engineering?

Behaviors Vulnerable tAttacks

Why is Social Engineering Effective?

Impact on the Organization

Common Targets of Social Engineering

Types of Social Engineering

Technical Support Example

Authority Support Example

Human-based Social Engineering


Shoulder Surfing

Dumpster Diving


EC-Council Certified Security Specialist Exam ECSS

Course Outline

In Person

Third-Party Authorization

Reverse Social Engineering


Computer-based Social Engineering

Computer-based Social Engineering: Phishing

Social Engineering Through Impersonation on Social Networking Sites

Identify Theft

How tSteal an Identity?

Social Engineering Countermeasures

How tDetect Phishing Emails?

Anti-Phishing Toolbar: Netcraft

Identity Theft Countermeasures

Module 06: Hacking Cycle

What is Hacking?

Whis a Hacker?

Hacker Classes


Stages of Hacking Cycle

Phase 1 – Reconnaissance

Phase 2 – Scanning

Phase 3 – Gaining Access

Phase 4 – Maintaining Access

Phase 5 – Covering Tracks

Module 07: Identification, Authentication, and Authorization

Identification, Authentication and Authorization




EC-Council Certified Security Specialist Exam ECSS

Course Outline

Need for Identification, Authentication and Authorization

Types of Authentication

Basic Authentication

Password Based Authentication

Digest Authentication

Form-based Authentication

RSA SecurID Token

Digital Certificates

Certificate-based Authentication

Biometrics Authentication

Face Recognition

Retina Scanning

Fingerprint-based Identification

Identification Based on Hand Geometry

Factors of Authentication

Module 08: Cryptography



Types of Cryptography


Advanced Encryption Standard (AES)

Data Encryption Standard (DES)

RC4, RC5, RC6 Algorithms

The DSA and Related Signature Schemes

RSA (Rivest Shamir Adleman)

Example of RSA Algorithm

The RSA Signature Scheme

Message Digest Function: MD5

Secure Hashing Algorithm (SHA)

What is SSH (Secure Shell)?

EC-Council Certified Security Specialist Exam ECSS

Course Outline

Public Key Infrastructure (PKI)

Certification Authorities

Digital Signature

SSL (Secure Sockets Layer)

Transport Layer Security (TLS)

Disk Encryption

Disk Encryption Tool: VeraCrypt

Module 09: Firewalls


Features of Firewalls

Firewall Architecture

Types of Firewall

Packet Filtering Firewall

Circuit-Level Gateway Firewall

Application-Level Firewall

Stateful Multilayer Inspection Firewall

Role of Firewalls in Network Security

Advantages of Firewall

Limitations of Firewalls

Firewall Technologies

Bastion Host

Need for Bastion Host

Positioning the Bastion Host

Types of Bastion Hosts

Basic Principles for Building a Bastion Host

Setting Up Bastion Hosts

Hardware Requirements for the Bastion Host

Selecting the Operating System for the Bastion Host

Auditing the Bastion Host

Tool: IPSentry

EC-Council Certified Security Specialist Exam ECSS

Course Outline

IPSentry: Automated Output Statistics HTML


What is DMZ?

Different Ways tCreate a DMZ

Proxy Servers

What are Proxy Servers?

Benefits of Proxy Server

Functioning of a Proxy Server

Proxy Server-to-Proxy Server Linking

Proxy Servers vs Packet Filters

Types of Proxy Servers

Transparent Proxies

Non-transparent Proxy

Application Proxy


Anonymous Proxy

Reverse Proxy

How tConfigure Proxy Server

Steps tConfigure Proxy Server on IE



Limitations of Proxy Server

List of Proxy Sites

Network Address Translation

Virtual Private Network


Types of Honeypots

Honeypot Tool: KFSensor

Honeypot Tool: SPECTER

Bypassing Firewalls

Firewall Identification

Port Scanning


Banner Grabbing

IP Address Spoofing

Source Routing

Bypass Blocked Sites Using IP Address in Place of URL

Bypass Blocked Sites Using Anonymous Website Surfing Sites

Bypass a Firewall Using Proxy Server

Module 10: Intrusion Detection System


Intrusion Detection System (IDS)

Characteristics of IDS

Importance of IDS

IDS Vs Firewalls

IDS Placement

How IDS Works?

Ways tDetect an Intrusion

General Indications of System Intrusions

General Indications of File System Intrusions

General Indications of Network Intrusions

Types of IDS

IDS for an Organization

Selecting an IDS

Deploying the IDS

Maintaining the IDS

Limitations of Intrusion Detection System

System Integrity Verifiers (SIV)

Intrusion Detection Tools


Snort for Windows

Running Snort on Windows

Testing Snort

Configuring Snort (snort.conf)

Snort Rules


OSSEC (Open Source Security)


Evading IDS

Insertion Attack


DoS Attack


False Positive Generation

Session Splicing

Unicode Evasion Technique

Module 11: Data Backup

Introduction tData Backup

Identifying Critical Business Data

Selecting Backup Media

Backup Media

Storage Area Network (SAN)

Advantages of SAN

Network Attached Storage (NAS)

Selecting Appropriate Backup Method

Choosing the Right Location for Backup

Backup Types

Selecting Backup Types: Advantages and Disadvantages

Choosing Right Backup Solution

Data Backup Software: AOMEI Backupper

Data Backup Tools

Module 12: Virtual Private Network

What is a VPN?

VPN Deployment


Types of Tunneling

Popular VPN Tunneling Protocols

VPN Security

Authentication, Authorization and Accounting (AAA)

VPN via SSH and PPP

VPN via SSL and PPP

VPN via Concentrator

Other Methods

VPN Registration and Passwords

Introduction tIPSec

IPSec Services

Combining VPN and Firewalls

VPN Vulnerabilities

Module 13: Wireless Network Security

Wireless Networks

Wireless Terminologies

Types of Wireless Networks

Wireless Standards

Wireless Network Topology

Wireless Local Area Networks (WLANs)

Wireless Personal Area Networks (WPANs)

Wireless Metropolitan Area Network (WMANs)

Wireless Wide Area Network (WWANs)


Service Set Identifier (SSID)

Types of Wireless Encryption

WEP Encryption

How WEP Works?

Limitations of WEP Security

Temporal Key Integration Protocol (TKIP) and Advanced Encryption Standard


What is WPA?

How WPA Works?

What is WPA2?

How WPA2 Works?

WEP vs. WPA vs. WPA2

Wireless Threats

Effects of Wireless Attacks on Business

Wi-Fi Chalking

Access Control Attacks

Integrity Attacks

Confidentiality Attacks

Availability Attacks

Authentication Attacks

Rogue Access Point Attack

Denial of Service Attacks

Man-in-the-Middle Attack (MITM)

Locating Rogue Access Points

Wi-Fi Discovery Tools





Wireless Security

Wireless Transportation Layer Security (WTLS)

Extensible Authentication Protocol (EAP) Methods

Securing Wireless Networks

Maximum Security: Add VPN tWireless LAN

How tDefend Against Wireless Attacks?

Module 14: Web Security

Introduction tWeb Applications

Web Application Components

How Web Applications Work?

Website Defacement

Why Web Servers are Compromised?

Impact of Webserver Attacks

Web Application Threats

Web Application Countermeasures

How tDefend Against Web Server Attacks?

Module 15: Ethical Hacking and Pen Testing

What is Ethical Hacking?

Why Ethical Hacking is Necessary

What DEthical Hackers Do?

Scope and Limitations of Ethical Hacking

Skills of an Ethical Hacker

Defense in Depth

What is Penetration Testing?

Why Penetration Testing?

Module 16: Incident Response

Common Terminologies

Data Classification

Information as Business Asset

Computer Security Incident

Types of Computer Security Incidents

Incident Response

Signs of an Incident

Incident Categories

Incident Reporting

Incident Reporting Organizations

Incident Handling and Response Process

Step 1: Preparation for Incident Handling and Response

Step 2: Detection and Analysis

Step 3: Classification and Prioritization

Step 4: Notification and Planning

Step 5: Containment

Step 6: Forensic Investigation

Step 7: Eradication and Recovery

Step 8: Post-Incident Activities

CSIRT Overview

Need for CSIRT

CSIRT Steps tHandle Cases

Best Practices for Creating a CSIRT


World CERTs



Module 17: Computer Forensics Fundamentals

Cyber Crime

Computer Facilitated Crimes

Modes of Attacks

Examples of Cyber Crime

Types of Computer Crimes

Investigating Computer Crime

Cyber Criminals

Cyber Crime Investigation

Forensics Science

Computer Forensics

Aspects of Organizational Security

Evolution of Computer Forensics

Objective of Computer Forensics

Need for Computer Forensics

Why and When DYou Use Computer Forensics?

Goals of Forensics Readiness

Benefits of Forensics Readiness

Computer Forensics Investigation Methodology

Key Steps in Forensics Investigation

Rules of Forensics Investigation

Role of Digital Evidence

Review Policies and Laws

Forensics Laws

Why you Should Report Cybercrime?

WhtContact at the Law Enforcement?

Federal Local Agents Contact

More Contacts

Module 18: Digital Evidence

Definition of Digital Evidence

Increasing Awareness of Digital Evidence

Challenging Aspects of Digital Evidence

The Role of Digital Evidence

Characteristics of Digital Evidence

Fragility of Digital Evidence

Types of Digital Data

Rules of Evidence

Best Evidence Rule

Electronic Devices: Types and Collecting Potential Evidence

Digital Evidence Examination Process

Evidence Assessment

Evidence Acquisition

Handling Digital Evidence

Evidence Examination

Documenting the Evidence

Evidence Examiner Report

Module 19: Understanding File Systems

Understanding File Systems

Types of File Systems

Understanding System Boot Sequence

Windows File Systems

Exploring Microsoft File Structures


Popular Windows File Systems

FAT Structure

NTFS Architecture

Encrypting File Systems (EFS)

Components of EFS

Exploring Microsoft File Structures: Cluster

Gathering Evidence on Windows Systems

Gathering Volatile Evidence on Windows

Example: Checking Current Processes with Forensic Tool PsList

Example: Checking Open Ports With Forensic Tool Fport

Checking Registry Entries

Forensic Tool: Registrar Registry Manager

Linux File Systems

Linux Overview

Exploring Unix/Linux Disk Data Structures

Understanding Unix/Linux Boot Process

Understanding Linux Loader

Linux File System Architecture

Popular Linux File Systems

Mac OS X File Systems

HFS vs. HFS Plus

CD-ROM / DVD File Systems

Compact Disc File System (CDFS)

Comparison of File Systems (Limits)

Comparison of File Systems (Features)

Module 20: Windows Forensics

Volatile Information

Non-Volatile Information

Registry Settings

Event Logs

Other Non-Volatile Information

Cache, Cookie, and History Analysis: Google Chrome

Cache, Cookie, and History Analysis: Microsoft Edge

Analysis Tools

Message Digest Function: MD5

Why MD5 Calculation?

MD5 Hash Calculators: HashCalc, MD5 Calculator and HashMyFiles

Recycle Bin


Types of Metadata

Metadata Analysis Tool: Metashield Analyzer

Understanding Events

Event Logon Types

Searching with Event Viewer

Windows Forensics Tool: OS Forensics

Windows Forensics Tool: X-Ways Forensics

Windows Forensics Tools

Module 21: Network Forensics and Investigating Network Traffic

Network Forensics

Network Forensics Analysis Mechanism

Network Addressing Schemes

Overview of OSI Reference Model and Network Protocols

TCP/IP Model

Network Vulnerabilities

Types of Network Attacks

IP Address Spoofing

Man-in-the-Middle Attack


Denial-of-Service Attack

Session Sniffing

Buffer Overflow

Trojan Horse

Why Investigate Network Traffic?

Evidence Gathering via Sniffing

Capturing Live Data Packets Using Wireshark

Module 22: Steganography

What is Steganography?

Steganography Vs. Cryptography

How Steganography Works?

Legal Use of Steganography

Unethical Use of Steganography

Steganography Techniques

Application of Steganography

Classification of Steganography

Technical Steganography

Types of Steganography based on Cover Medium

Image Steganography

Image Steganography Tool: QuickStego


AudiSteganography Tool: DeepSound


VideSteganographyTool : OmniHide PRO

Document Steganography Tool: wbStegand SNOW

Issues in Information Hiding

Module 23: Analyzing Logs

Importance of Logs in Forensics

Computer Security Logs

Operating System Logs

Application Logs

Security Software Logs

Examining Intrusion and Security Events


Syslog-ng OSE

Kiwi Log Viewer

Windows Log File

Configuring Windows Logging

Why Synchronize Computer Times?

Event Correlation

EventLog Analyzer

Module 24: E-mail Crime and Computer Forensics

Email Terminology

Email System

Email Clients

Email Server

SMTP Server

POP3 and IMAP Servers

Email Message

Importance of Electronic Records Management

Email Crime

Email Spamming

Mail Bombing/Mail Storm


Email Spoofing

Example of Email Header

List of Common Headers

Why tInvestigate Emails

Investigating Email Crime and Violation

Obtain a Search Warrant and Seize the Computer and Email Account

Obtain a Bit-by-Bit Image of Email Information

Examine Email Headers

Viewing Email Headers in Microsoft Outlook

Viewing Email Headers in AOL

Viewing Email Headers in Gmail

Viewing Email Headers in YahoMail

Forging Headers

Analyzing Email Headers

Email Header Fields

Received Headers

E-mail Forensics Tools

Recover My Email

Email Trace – Email Tracking


Forensic Toolkit (FTK)


Module 25: Writing Investigation Report

Computer Forensics Report

Salient Features of a Good Report

Aspects of a Good Report

Computer Forensics Report Template

Investigative Report Format

Case Report Writing and Documentation

Create a Report tAttach tthe Media Analysis Worksheet

Best Practices for Investigators

Sample Forensics Report

Carga Horária

24 horas


R$ 4.999,00

Formato de Entrega

No momento não temos datas programadas, entre em contato através do ou pelo chat em horário comercial.