Hello forum members.
As promised earlier this month I inform you about the ECSA/LPT course I just finished today.
Today was the day, I and 3 other students completed the 5 day classroom training of the new ECSA/LPT course. We finished with the ECCOUNCIL exam for 412-79 right after the last lesson. I have enjoyed this course as i we went deeper into techniques of hacking and intrusion detection. Our teacher was, as usual, passionate and inspiring, he really is a professional and possesses that unique ability to pass on knowledge to other people and mix it with a good portion of common sense and humour.
Then came the exam, boy was I nervous about that one. With no practice exam (I did not find any) I went over the material with the other students in the evening at our hotel trying to grasp the essence of it all. Learning the paramaters of the known tools like "Wireshark, Metasploid, Nmap, Snort and some other tools, focussing on whitepapers, studycases and instructional short movies.
The questions (50 in total) were pretty much in line with what we learned and should be read carefully. With about 30 minutes to spare I hit the "end exam" button feeling very confident about the result. On my E/CEH I scored 83%. Today I passed ECSA/LPT with a score of 100 percent, now that I did not expect as I had still some doubt about three questions of which I was not totally sure I had answered correctly.
100 percent, WOW! My efforts this week really paid off.
I have decided to register myself now as a "Licensed Penetration Tester", I will pay the $ 500 dollar subscription fee and apply for the so called "ECCOUNCIL Tiger Team". At my work here in the Netherlands (I work for the government) I am responsible for Internet and Email security and I find ECCOUNCIL's courses a very usefull addition to the other security trainings I have received over the last few years. Coming July I will do ECFI, again at the same place and with the same teacher.
Okay! the exam focusses mainly on exploits and how to use the existing tools and also on "rules of engagement" and social engineering. There are a number of questions about CSS, Buffer overflows and password cracking and of course, the LPT method of going about penetration tests. Also focus on social engineering and ISO standards and make sure you learn those filters and paramaters of the tools I mentioned earlier. It pretty much follows the ECEH course and it is helpfull to freshen up on your CEH material as well.
Now I'm going to enjoy my weekend, see a movie, visit a friend and read a good book.
All the best and keep in touch.
Ton van Waard