Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-800-268-7737 Other Contact Options

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:


EC-Council Certification Guide

Aug. 22, 2019
Daniel Cummins

The career path of a security expert inevitably includes training and certifications. For those of you who have conquered the foundational security certifications, you may be wondering what’s next. You should consider EC-Council certifications.

EC-Council’s mission is to “create a better, safer world through awareness and education.” They create courseware and certification in a variety of security topics including the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), EC-Council Certified Security Analyst (ECSA) and Licensed Penetration Tester (LPT) programs. With all of these certification choices, where should you begin? This quick reference guide will highlight the various certification tracks to help you find your path through the EC-Council programs.

EC-Council breaks their certification programs up into six tracks, each one focusing on a different element of cybersecurity. The six tracks are:

  1. Foundation
  2. Vulnerability Assessment and Penetration Testing
  3. Cyber Forensics
  4. Network Defense and Operations
  5. Software Security
  6. Governance

Your next certification should be based on the kind of job you have or the kind of job you want.



The Foundation Track was designed for computer users. It provides foundational training on cybersecurity awareness and basic security knowledge. It consists of three certifications.

  • CSCU - Certified Secure Computer User
    • CSCU is an introductory certification to basic security awareness and fundamental security knowledge. It will help prove that you can limit your exposure to the common threats that users face online like identity theft, e-mail hoaxes, hacking and social engineering attacks, among others.
  • ECSS - EC-Council Certified Security Specialist
    •  ECSS continues where CSCU left off by testing your knowledge of information security. Specifically, you will be expected to understand how to protect data against confidentiality, integrity and availability attacks as well as utilizing proper access control to keep data secure.
  • ECES - EC-Council Certified Encryption Specialist
    •  ECES will prove your knowledge of the field of cryptography. You will be expected to demonstrate your understanding of the various encryption algorithms as well as how these ciphers are used in Information Technology such as disk encryption and VPNs. With the knowledge gained from studying for this certification, you will be better prepared to select and deploy appropriate encryption technology for your organization.


Vulnerability Assessment and Penetration Testing

This track is one of the most well-known EC-Council tracks. The certifications in this track focus on the defensive and offensive sides of security testing. This track is broken up into three tiers.


  • CND - Certified Network Defender
    • CND is designed for network administrators to learn how to make their networks more resilient against attacks and to detect and respond to intrusions. Essentially, this is a defensive security certification.
    • Related training: CND - Certified Network Defender
  • CEH - Certified Ethical Hacker
    • CEH is designed for security experts to learn the hacking techniques of real threat actors so they can better prepare for the threats and identify the vulnerabilities before they are exploited. Essentially, this is an offensive security certification. Once you achieve the CEH certification, you can pursue the title of CEH Master by completing a practical evaluation that tests your skills in real-world situations.
    • Related training: CEH - Certified Ethical Hacker v10



  • CTIA - Certified Threat Intelligence Analyst
    • CTIA is a “comprehensive, specialist-level program that teaches a structured approach for building effective threat intelligence” including planning and reporting on threat intelligence as well as addressing all stages of the Threat Intelligence Life Cycle.
  • ECSA - EC-Council Certified Security Analyst
    • ECSA is a continuation of CEH and presents various kill chain methodologies covering a variety of different pentesting requirements. The purpose is to help you take the tools and techniques learned in CEH and to enhance them into skillful exploitation following EC-Council’s published pentesting methodology. Like CEH, ECSA has a practical exam as well to test your penetration testing skills. The purpose is to demonstration the application of your skills, going beyond theory to the real world.



  • LPT - Licensed Penetration Tester
    • This 18-hour long practical examination is designed to separate the beginner from the masters. You will be required to demonstrate mastery in advanced pentesting techniques and tools in real life scenarios. It is intentionally a stressful exam designed to push you and prove that you have what it takes to do penetration testing in the real world.


Cyber Forensics

The Cyber Forensics track is designed to train and certify professionals to investigate cyber attacks and collect evidence securely, oftentimes to present in a court of law to prosecute a cyber criminal. This track starts with Core certifications CND and CEH (see above). You would then proceed with the Advanced certifications, which includes CTIA (see above).



Network Defense and Operations

The Network Defense and Operations track is focused on the ability to defend the network from threats by doing proper incident response and disaster recovery. The Core of the NDO track is CND (see above) but also has Advanced and Expert level certifications, including ECIH (see above).


  • EDRP - EC-Council Disaster Recovery Professional
    • When disaster strikes your organization, you must rely on skilled execution of Business Continuity and Disaster Recovery plans. EDRP is a certification that validates a candidates ability to plan, strategize, implement, and maintain a BCP and DRP.


Software Security

In today’s world where everything is available online, the importance of securing our web applications is higher than ever. However, there is a significant drought of security focused application developers. In this track, emphasis is given to the importance of developing our applications with security as part of the design rather than as an afterthought or add-on.

To complete this track, you would start with CSCU (see above) and end with CEH, ECSA and LPT (see above). In between are two certifications focused specifically on two common web application technologies, Java and .Net.


The governance track is focused on security leadership through the CCISO-Certified Chief Information Security Officer. This certification is broken into five domains: Governance; Security Risk Management, Control, and Audit Management; Security Program Management and Operations; Information Security Core Competencies; and Strategic Planning, Finance, and Vendor Management. The goal of this certification is to give the security executive all of the skills necessary to strategically lead the security efforts of the organization and ensure that those security efforts stay in line with the overall business strategies and objectives.


Related EC-Council Training

If you are planning to include EC-Council certifications into your career path, Global Knowledge can help prepare you. We are a multi-time EC-Council Training Center of the Year award winner. Leverage the knowledge and expertise of a live, expert instructor, participate in discussions with your fellow participants, and practice with virtual, hands-on labs, all from the convenience of your home or office. With Global Knowledge support and training, you can be well on your way to a satisfying security career with EC-Council certifications.

Related resources