Posted 03 March 2008 - 09:42 PM
Posted 04 March 2008 - 05:03 AM
You can do your own research and make up your mind from your research findings.
CEH is a Curriculum developed by the 'EC Council'. Their home page can be found at hxxp://www.eccouncil.org/members.htm
Take careful note of the fact that they have very distinguished members of their 'Honorary Council'.
Then investigate the 'Corporate Officers'.
Notice little things like the absence of bio's/pics of same.
Do some research on the domain info.
Query (nslookup) for where it's hosted.
Remember: Sic Caveat Emptor
Posted 04 March 2008 - 09:01 AM
Systems Security Certified Practitioner (SSCP) from ISC2: hxxps://www.isc2.org/cgi-bin/content.cgi?category=98
CISA or CISM from ISACA: hxxp://www.isaca.org
One of the SANS GIAC certs; overview at hxxp://www.giac.org/overview/
Each of these will lead you down slightly different paths for development and opportunities. All are well respected and will get a real look at your resume. The SSCP is perhaps the less known of these. ISC2's premier cert is the CISSP, but you need to have more years of verifiable professional experience to win it. The SSCP cert covers much of the same material and doesn't require as much actual work experience.
There are a variety of training resources for all of these, including books, online training and classrooms.
Best of luck.
Posted 04 March 2008 - 10:22 AM
I strongly agree with gapingvoid, You would be better off taking a CISSP or a CISA although they are quite different from CEH (I have my CISSP - Associate of ISC2 in May, since I dont have the 6 years of experience required). What I have understood from the Security Community here in India, CISSP is THE certificate to get!
Posted 13 March 2008 - 07:26 PM
Senior Cyber Analyst
Vulnerability Assessment Analyst
IT Security Analyst
Security Penetration Consultant
Security Consultant etc....
So I would say to go for it. I don't think having it will hurt, I think the possibility of it getting you an interview alone is worth the time/money spent to get it.
*as a note: I don't have my CEH and have not tried to get a job on that basis so the real value ? I don't know?
Posted 16 August 2008 - 10:27 AM
and what i feel is being a CEH is nothing but a cliche nowdays
which has ultimately caused the downfall of the certificate itself.
CEH certification is very basic not so challeging and very easy to get.
Certification's to considering with respect to career growth are GIAC's ,
CISSP,SSCP,CISA/CISM as suggested above.
I don't know how beneficial CPT/LPT(specialised certification) are??
Posted 19 January 2009 - 01:16 PM
Are there any other better certs for penetration testing specifically? The EC-Council did just come out with their more advanced "Certified Penetration Tester" but I haven't read through it yet. SANS has their auditor certs but Auditor != penetration tester. CISSP/SSCP/CISA/CISM are all too general and mostly off topic for penetration testing. So AFAIK this would be the best place to start, then you could go on to the more challenging CPT.
The gopher is back!
Posted 06 April 2009 - 04:16 AM
Posted 26 April 2009 - 12:23 PM
I have the CISSP and other certs like ITIL, blah blah..
My opinion is that if it helps you discover things you know and dont know then its worth taking the course and tests.
In our day the more certs you have the better. Many expect us to know everything which is the reason (I believe) the CISSP is so valuable because its multiple areas within security that are important to know and work with.
The CEH is more specific for knowing how to hack, and to protect against it (or at least try to make it more difficult and time consuming for the person trying to break in).
If someone wants in to your system, they will get in eventually. The CEH is helpful if you are using your logging systems and firewalls, etc for forensics.
The materials for the new course are really good and if you are really interested let me know because I got a great price for my pack.
Posted 30 April 2009 - 10:50 PM
Recently, I got to view the SANS GSEC study material. I found it quite good and it covers a lot of ground. I feel that even the CEH teaches almost the same things, except for the UNIX part(yes, this is quite crucial, but it's missing in CEH). If the GSEC is giving you more weightage to your resume, you can go for it. Personally, I don't feel CEH is so bad, IMHO.
Posted 01 May 2009 - 08:58 PM
Posted 07 May 2009 - 05:34 PM
Those individuals I would show the door, Useless in my opinion. The ECC classes hold alittle more weight as the day is mostly book, and hands on in the afternoon/evening till 10-11 PM. You go through buffer underruns/overflows, session hijacking, CPU cycle overloads etc, find hidden networks, and plain ole have fun with your peers.
I would recommend if you take the CEH class you understand the legal aspects of what your being taught, then check out FoundStone and pursue some training their. Setup your own lab, and learn and learn and just when you think you got it you' should realize you know nothing and your quest for information will take you to the four corners of cyberland. Check out the wonders of the bandwidth era, learn, learn and then learn somemore. Pursue other CERTS but you have to decide a path you want to take. InfoSec or NetSec. CyberSecurity is a multi-disciplinary realm but idealy it boils down to those 2 elements.
Just remember in the end a CERT is just a piece of paper. Its the person who holds that paper that helps Management decide wether they are worthy of the big bucks or not.
Some areas for you to look into if your interested is the CWSP, Foundstone Hacking, CISA, CCNA, CCNP, CCIE, Risk Assesment's, interpersonal communication, learning public speaking, NSA IAM/IEM are a few. Best of luck to you in your pursuit.
Posted 18 May 2009 - 11:23 AM
EC-Council Certified Ethical Hacker (CEH) EC-Council Certified Security Analyst / Licensed Penetration Tester (ECSA/LPT) Offensive-Security Certified Penetration Tester (OSCP) Offensive-Security Wireless Penetration Tester (WiFu) CompTIA Security+ CompTIA Linux+ Managing and Maintaining a Windows Server 2003 Environment (MCP) Installing, Configuring, and Administering Windows XP Professional (MCP) Implementing and Administering Security in a Windows Server 2003 Network (MCP) T-Berd and Anritsu Site Master Certified (Tessco) Information Warfare And Web Security (MCI) System Administrator Security (MCI)
The CISSP is next and I've failed once as it is but the CEH will or may get you an interview. Really depends on how you sell yourself.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users