To earn the prestigious EC-Council LPT (Master) Credential, you must
successfully pass our most challenging practical exam available. The LPT (Master)
practical exam is the capstone to EC-Council’s entire information
security track; from the Certified Ethical Hacker Program (CEH) to the
EC-Council Certified Security Analyst (ECSA) Program. It all culminates
with the ultimate test of your career as a penetration tester – the
Licensed Penetration Tester practical exam.
You will need to demonstrate a mastery of the skills required to conduct a full blackbox penetration test of a network provided to you by EC-Council on our cyber range. You will follow the entire process taught to you through CEH and ECSA, taking you from reconnaissance, through scanning, enumeration, gaining access, maintaining access, then exploiting vulnerabilities that you will have to seek out in a network that only a true professional will be able to break. EC-Council will provide the entire cyber-range through its cloud based cyber range, iLabs. All toolsets are provided to you, you bring the skill.
To successfully pass the LPT (Master) practical, you must fully document your pen test in a complete, professional penetration test report. This report will follow formats learned in the ECSA program, following industry acceptable, penetration testing and reporting procedures used by only the top professionals in the industry. This report will be reviewed and scored based on a complex rubric by other penetration testing professionals dedicating to upholding the value of EC-Council’s LPT (Master) Credential, and enhancing the professionalization of cyber security as a field.
While the Certified Ethical Hacker course teaches threat agents that can compromise the security posture of an organization, and the EC-Council Security Analyst program provides a repeatable and documentable methodology for deep analysis of an organizations security posture, the Licensed Penetration Tester exam tests the mastery of the skill-sets required to be a true professional penetration tester – Technical Analysis and Report Writing.
To build on the technical skills taught in the CEH course, the ECSA course emphasizes application of a suitable methodology and report writing. The LPT (Master) practical exam thoroughly tests the application of this knowledge and the skills required in an examination that even our reviewers have called “extremely challenging”. There is no course for the LPT (Master) exam. The LPT (Master) Exam is the final step after the intense training and certification that you would have received in the Certified Ethical Hacker and the EC-Council Certified Security Analyst programs.
Many have described report writing as one of least preferred, yet arguably one of the most critical parts of any penetration testing engagement. While so many courses are offered globally to cover various subjects in the information security realm, hardly any are dedicated to this very important skill, especially almost half of all time spent at any penetration testing engagement can revolve around writing and reporting the core findings of the engagement to the client. Explaining a highly technical finding in an elaborate penetration test engagement to someone not technical like the CEO of a company, the senior management or even the board of directors can be very challenging and frustrating at times. Mastery of communication, research and report writing is required to make sense of technically complex topics like specific vulnerabilities and their resulting exploits in a meaningful manner than an organization can use to make educated decisions to improve their own security posture.
EC-Council’s Licensed Penetration Tester(Master) is a natural evolution and extended value addition to its series of security related professional certifications. The LPT (Master) standardizes the knowledge base for penetration testing professionals by incorporating best practices followed by experienced experts in the field.
The objective of the LPT (Master) is to ensure that each professional licensed by EC-Council follows a strict code of ethics, is exposed to the best practices in the domain of penetration testing and aware of all the compliance requirements required by the industry.
The objective of Certified Security Analyst “pen testing” certification is to add value to experienced Information Security professionals
Unlike a normal security certification, the LPT (Master) is a program which trains security professionals to analyze the security posture of a network exhaustively and recommend corrective measures authoritatively. For many years EC-Council has been certifying IT Security Professionals around the globe to ensure these professionals are proficient in network security defense mechanisms. EC-Council’s license vouches for their professionalism and expertise thereby making these professionals more sought after by organizations and consulting firms globally.
You can read more about this at https://www.eccouncil.org/programs/licensed-penetration-tester-lpt-master/.
Steps to Become an EC-Council Licensed Penetration Tester (LPT) via self-study mode:
To be eligible to apply to sit for the LPT (Master) Exam, candidate must either:
Be an ECSA member in good standing (Your USD100 application fee will be waived);
or Have a minimum of 2 years working experience in pen testing (You will need to pay USD100 as a non-refundable application fee);
or Have any other industry equivalent certifications such as OSCP or GPEN cert (You will need to pay USD100 as a non-refundable application fee).
On an average, application processing time would be between 5-10 working days once the verifiers on the application respond to EC-Council’s requests for information.
No, the $100 application fee is not refundable
The approved application is valid for 3 months from the date of approval.
Once your application is approved you can proceed to purchase your exam voucher either from EC-Council Online Store or one of our authorised training channels.
You will receive an Aspen Dashboard access code with instructions as part of your purchase towards the LPT (Master) exam.
The Aspen Dashboard access code is valid for 3 months from date of receipt.
The Aspen Dashboard access is valid for 45 days from the day it is unlocked using a valid key.
The Dashboard consists of:
The candidate is required to complete 3 levels of the challenge and submit their pen testing report in-order to complete the exam. Each level consists of 3 challenges. It is mandatory to complete at least one challenge per level to qualify for the next stage.
The exam challenge duration is 6 hours per level.
Sessions are required to be booked 3 days in advance of the desired exam date.
Note: All exam sessions are proctored by EC-Council Certification department.
Once you are ready to proceed with your exam, you need to ensure you understand the below:
Retake exam requests can be only purchased should a student fail by writing to [email protected]. Retake exam attempts will be priced at $199 per level.
Note: All 3 levels of the challenges as well as the report is required to be submitted within the 45 days window. This includes re-attempts if any
Report submission can be extended for 7 days only by paying $100 as long as the dashboard is active.
Note: Should the dashboard expire the candidate will need to purchase a new kit.
The LPT (Master) certification is valid for two (2) years from the date of certification.
Yes, the LPT (Master) certification falls under the ECE policy.
$250 per annum.