EH-Net

Hi Again guys

Yet again, i have another question on certification comparisons i need some advice on :)

I am based in the UK and would eventually like to become either CHECK, CREST or TIGERSCHEME Senior certified as these are
the most highly rated security testing certifications in the UK but unfortunately I am unable to do one of them because I dont
have the experience or the money at £1600-£1700 (2500USD) per exam.  I am therefore looking for an alternative
certification to help me get into the security testing industry and would like some advice on which to choose next.

I currently hold the Comptia Security+ and GIAC GCIH certification as of last year and am thinking of going after either the CEH
or GPEN next.  Unfortunately I cannot afford to attend either course and will therefore have to prepare using self study.

The GPEN exam cost £560 (900USD) and the CEH cost £150 (250USD) which is quite a difference in price but would like to know
which of the certifications would be more attractive to employers?

Any comments appreciated  :)

Hey T_bone,

It really depends... Ill try and outline the pros and cons of each below:

CEH:

+ The CEH name has more recognizably right now as the GPEN is still relatively new. HR screening personnel know what a CEH is, some might not have heard of the GPEN.

- Anyone who is a real security person i know laughs about the CEH cert based on its old format. It used to be a half hazard, loosely jointed, outdated tools test. The new versions of the test are greatly improved but unfortunately it left a bad taste in some peoples mouths.

- CEH is a non-hands on test.

GPEN:

+ Hands on test. Recently SANS added some practical/hands-on portions back into their tests. Which is good in my opinion.

+ GPEN is a more technical and in depth test. Anyone who knows about SANS/GIAC knows the test curriculum and program are the best right now for a Penetration Testing specific course.

- Still relatively new and might not be recognized by HR handlers.

Hope that helps.

Hey Jhaddix

Thanks for the quick reply.

Yeah I understand what you mean about how the CEH is felt by real security folk.  I have a friend in the industry and he told me that every security consultant he knows laughs about the CEH, which is why i am reluctant to take it, but when viewing job posts here in the UK for security roles  the majority ask for CHECK or CREST (which is what he is) and you sometimes find the odd one that asks for CEH but never SANS( I think i have only ever seen one posting). 

I quite like the sounds of the OSCP and the E-Learnsecurity course set to be released early this year also but as most HR personel dont know SANS i very much doubt they would know either of these.

Its difficult cause of my lack of experience i am trying to get certs to show my enthusiasm and understanding but the cost is so extreme and do not have a company that can pay for it as i work as a contractor in sys admin.

Hi,

I'm currently both CEH & GPEN (as well as GCIH) and currently progressing towards Check Team Leader so feel that I might have quite a good perspective on this :)

CEH is a bit of a joke really - I only took it because I had some training funding which paid for the exam. I did a bit of self study and used the various practice exams and questions scattered across the net. The actual exam took me about 30 minutes point'n'click. People tend to view it as giving you a lot of info on viruses and snort and not much else. However it is very widely recognised and everyone in HR (or an OCR programme) knows it.

GPEN was a great course, it sounds like your thinking of just doing the exam challenge without the course - not something I would recommend!! Although the SANS exams are open book as you know from your GCIH, you still need the books to give you the info! I created an index of my notes and this was totally invaluable in passing - I would have still passed having done the course, a week of revision and 2 practice exams, but it would have been more difficult.

It may be worth looking at the Tiger website http://www.tigerscheme.org/ (http://www.tigerscheme.org/) as they have a tiered approach which would allow you to progress through to CTL. The last comment I'd make is that you cant actually be Check/CREST/Tiger unless your working for a company  which is tied to those organisations, so most people get so far on their own then their company puts them through Check equivalence after relevant experience.

Regards,

Rob :)

grinderman: thanks for the awesome perspective!

A side note, which is interesting, the OSCP actually is gaining some name space. I've had it on on my resume and gotten questions as to how the training and test was. It was very surprising. Real sec people know Muts and the OS people and have much respect for their program.

Thanks for the reply grinderman, that is indeed helpful

So realistically i should probably go for the CEH as it is the cheaper option to add an extra cert to my CV which i hope will work in my favour.  I have checked out the Tigerscheme and the Qualified course and exam is £1590 plus VAT so once again very expensive.

I think at the moment i am just looking for the cheaper and easier way of getting a foundation to enter the security arena, what qualifications did you guys have when you first started off? Or did you just get a break?

I had a Cisco background in a past life. I took the GSEC 1st GPEN 2nd to break into security.

Really, if you get to a real interview person, try show them you are passionate about current security issues. Let them hear you talk about SQLi, XSS, Newer kernel exploits, etc. They will hire passion over certs in my opinion. Their gonna have to train you for their process/infrastructure when you get hired anyways ;)

Jason, would you go with GPEN or OSCP if you had to chose?

I'd say GPEN first then OSCP later =)

See this is so frustrating because  my first choice would be to do the GPEN, but would have to do it without attending the course as it is expensive (unless i manage to get the facilitator role as i did with GCIH again, but feel it was a lucky break).  I believe that if i could afford the materials that SANS offer as Self study (which i believe includes books and audio) that would be fine or actually just the books i believe would be sufficient, but this is still too expensive!

I have to admit i am not getting a lot of love for CEH so far and to be honest am not surprised cause its not really the option i wanted to take either...

Decisions.................

I just wish i won the lotto right now  :)

T_Bone,

The only tests i think SANS could offer that you couldn't pass without the physical classes is the GSEC,  GCIA, GCFA, GREM, and GAWN.

GPEN is totally do-able self study. All the answers are in the books. Study hard and create a spectacular index you will pass.

I can only speak about CEH as I have done the course, will soon go for the exam and recently had a job interview where I was able to bring it up as well.
I thought that it was only little known by the interviewer, probably because it is more known in the USA - however, it helped to demonstrate that I am interested in security and do more than 'necessary'.

The exam itself (without any course) seems to be quite cheap compared to some of the other certs, therefore I would go for it, if money is short but you want something to do.

I also hold both CEH and GPEN. In my interview for my current position, neither was mentioned or brought up specifically - likely because neither qualify for 8570 currently - but they did say that my security certification were what really stood out, and that probably helped give me an edge on the other candidates.

In my interview yesterday, the manager was familiar with SANS/GIAC but had not heard of GPEN. He also had not heard of CEH or EC-Council.

I agree with Jason, you can surely do GPEN self-study, just make sure you become very familiar with the tools/topics that are listed in the bulletin.

It's certainly a tough decision to make. As you've mentioned the CEH has shown up on job postings (and it is probably more widely known), plus it's cheaper, I would probably go that route.

I have made a decision to do the CEH now and hopefully fingers crossed will be accepted to be a facilitator at the same SANS conference I did last year!

Thanks for your input guys, i am sure this will not be the last question i ask  :)

I decided to do the CEH/ECSA/LPT route as it was vastly more affordable than GIAC certs.

I think I could probably do the GPEN without attending the course as long as I had access to the study books. Once I am done with CEPT I think I might give that a go.

(Shameless plug, if anyone would like to sell me their recent GIAC study materials, please send me a PM.)

However the GIAC GWAPT course looks interesting. Not many options out there which focuses on web apps.

Hey guys,

I have a 2008 version of GPEN materials with me, just the book & not the mp3 files. Will it be enough to clear the exam on a self study way with just the book n practising the tools or is it necessary to go for the new version of the study material??

First, I believe your question would get more answers if it were posted as it's own topic, rather than hi-jacking this thread.

Second, I have taken the GCIH and I am preparing to take the GCIA from GIAC.  I will offer my experience.

I passed the GCIH with older course ware and MP3 from the OnDemand program, it did not effect my score in anyway.  In my experience the course ware will take you a long way to teach you the material and pass the exam.  Especially since the the GIAC tests are open note/open book.  In preparing for the exam, I would recommend that you make an index of the course ware before you take the test.  It will assist you in locating information quickly during the test.  While it may be possible to look up every answer to the test in the time allowed, it helps to actually know the material hands on.  I would recommend you work with the exercises and quizzes in the course ware.  Setup your own lab (even if it is just a VMWare image) and use the tools taught in the material.

Good luck.

Be careful Nigen. Having someone else's material from SANS may break usage rights.

Don

Hi unsupported..

I would make sure I don't hijack any thread again & yeah thanks a lot for sharing your experience  :)

@ Don...

I would keep that in my mind too  ;)

@ Nigen

I agree with both Don and Unsupported, but from my experience from performing the GCIH exam.  The MP3 files and course books should definitely be sufficient.  The overall course structure is not likely to have changed much but maybe a few updates to tools used i.e i noticed that in my coursebook maltego was referred to as an information gathering tool but the audio didn't focus on maltego but Samspade instead. There were a few others like this also but is not a huge change!  :)

@ T_Bone

hey many thanks on ur views too, I think I can go ahead confidently with GPEN now. Yup we have to keep ourselves updated with the tools. That is one important thing too. Anyways thanks a lot for your information :)

sad to say GPEN or programmes from SANS are not that widely available in Asia region unless sometimes, they do offer courses in Singapore etc, so CEH is more known in Asia country.

so I would say CEH here for Asia.  ;D

if anyone would like to donate or  help  me with a affordable price.

Their recent CEH study materials,books, Cd's or
the security + 2008 please send me a message,

New student , I have check usa jobs no jobs postings yet. in past  week
we lost 224, 419 jobs in florida last quater.

thanks

I've posted before  that the your local library (county or school) would be a great resource for finding low cost materials.  I think you may be more likely to find Security +, rather than CEH, but it is worth a shot.

Also, what kind of job are you looking for?  Where in Florida are you located?

Good luck!

Is it even permitted by EC-Council to sell ones official courseware (books, CDs, etc.)?