HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 27 guests and 3 members online
EH-Net Donations

Enter Amount:
$
Google Ads
ChicagoCon 2008s
chicagocon2008s_125x200.jpg
ChicagoCon 2008s
EH-Net News Feeds
Latest Additions
Book Recommendations



 
Advertisement

You are here: Home arrow Forum arrow Featuresarrow Opinionsarrow [Article]-Insider`s View of Certified Expert Penetration Tester (CEPT)
Ethical Hacker Community Forums
May 09, 2008, 11:10:30 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: $100 Conference Only Tickets for ChicagoCon 2008s available NOW! Visit www.chicagocon.com.
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: [Article]-Insider`s View of Certified Expert Penetration Tester (CEPT)  (Read 3921 times)
0 Members and 1 Guest are viewing this topic.
don
Editor-In-Chief
Administrator
Hero Member
*****
Offline Offline

Posts: 2002


Editor-In-Chief


View Profile WWW
« on: January 15, 2008, 03:50:52 PM »
Interesting points made in this opinion piece as the IACRB insiders give you a view of how their ethical hacking credential differs from the rest.

Permanent Link: [Article]-Insider`s View of Certified Expert Penetration Tester (CEPT)

Quote


When approaching security industry luminaries over the course of the last year about the CEPT certification, the typical first response I have received is usually quite blunt: "Oh great", "YET ANOTHER CERTIFICATION. Just what the security industry needs".  And, to this point, I do have to agree, the security industry does not need another certification that:


- Tests a basic level of knowledge of INFOSEC subjects (ala the CISSP, SECURITY+, SCNP, ad infinitum.)
- Only tests the ability to regurgitate memorized information over a 2-6 hour time period
- Is easily compromised by cheaters downloading actual exam questions for $59.90 from "teh interwebs"
- Or, even worse, cheaters that cheat the exam cheater companies by pirating a copy of exam questions from bittorrent

All of this results in a large group of people that have achieved a specific certification, but, in reality, have no real understanding of the subjects tested OR, more importantly, the ability to perform job duties that the certification is CERTIFYING in the first place!

Add your thoughts about the CEPT certification and its examination process,
Don

NOTE: In the interest of full disclosure, ChicagoCon, presented by The Ethical Hacker Network, is offering this course for the 2008s event. The IACRB is an educational sponsor and the InfoSec Institute is a Partner of the event.
Logged
CISSP, MCSE, CEH, Security+ SME
BillV
Hero Member
*****
Offline Offline

Posts: 614


View Profile
« Reply #1 on: January 15, 2008, 09:48:43 PM »
I've never heard of the IACRB before Huh

I know that InfoSec Institute has been teaching the course for CEPT for a while. Was the IACRB just recently formed and taken responsibility for governing this certification now?

It's a good idea though, one that's been brought up in the past in many different places.
Logged
ChrisG
Hero Member
*****
Offline Offline

Posts: 847


View Profile WWW
« Reply #2 on: January 16, 2008, 07:39:18 PM »
Quote
That's the CEPT. If you have it, you know pen testing in and out. Backwards and forwards. No doubt about it.

thats a very very bold statement.  i know a couple of people that have taken the course, i'll have to get them to validate that.
Logged
...tests i took go here...

http://carnal0wnage.blogspot.com/
oleDB
Full Member
***
Offline Offline

Posts: 194



View Profile WWW
« Reply #3 on: January 28, 2008, 12:00:43 PM »
I would be interested in learning more about the constraints of phase 2. Does this need to be a previously undiscovered vulnerability or is this in some kind of lab environment with plenty of vulnerabilities to choose from? How would they guard against plagiarism if the practical is take home? I would feel more comfortable with their bold statement that Chris mentioned if the work was done in a lab with a proctor versus someone at home with access to other people and the "interweb"
Logged
ChrisG
Hero Member
*****
Offline Offline

Posts: 847


View Profile WWW
« Reply #4 on: January 28, 2008, 04:30:31 PM »
its known vulnerable (to them) binaries, i think 1 or 2 windows and at least 1 linux and you have to reverse a binary. unproctored.
Logged
...tests i took go here...

http://carnal0wnage.blogspot.com/
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.4 | SMF © 2006-2007, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.037 seconds with 23 queries.
 
BackTrack2 VM w/ MSF3

Get it here NOW!

Polls
My next certification will be from:
 
Support EH-Net
chicagocon2008s_125x200.jpg
ChicagoCon 2008s

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.
cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!
Recent Forum Topics
Vote For EH-Net

progenic.com
Click here to Vote!

Sadikhov.com
Top IT Cert Sites

binarica.com
Binarica Logo

Add to Technorati Favorites
technorati fave

chicagocon2008s_125x200.jpg
ChicagoCon 2008s
 
         
Advertisement

© 2008 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.