CEH w/o taking the course

Viewing 12 reply threads
  • Author
    Posts
    • #4559
      bamed
      Participant

      I’m looking at obtaining my CEH.  I’ve already got my OSCP.  I noticed on the EC-Council it says:
      “If you have opted for self-study and not attended training, you must have at least two years of information security related experience.”

      Anybody know what counts as “security related experience.”
      I’ve been a sysadmin for 6+ years.  My job includes some security aspects such as managing the firewall, IDS, etc.  Would this count, or do I need more specific experience?

    • #28473
      unsupported
      Participant

      You just need to submit a form (http://www.eccouncil.org/portals/0/documents/CEH-Exam-Eligibility-Application-Form.pdf) from your manager type person outlining your experience.  I had the requisite time, but I just outlined my duties and other certifications I had obtained.  Just be honest and see what happens.  I think having OSCP should be enough.

    • #28474
      UNIX
      Participant

      I too would say that it counts – just write what you have done so far and see how things will go. As far as I know EC-Council is very accommodating, so there shouldn’t be any problems.

    • #28475
      sandcrawler
      Participant

      I just got my CEH a couple weeks ago and I was in much the same situation as you…  My experience came from a small municipal government agency which I haven’t worked at for a couple of years.  While I was there (8 years) I became primarily responsible for all aspects of security.  That included firewalls, IDS, antivirus, countermeasures and a small bit of forensic work, etc.  I just detailed this in brief and prefilled the form for my old supervisor.  She signed it and I faxed it to EC-Council.  If I remember correctly they responded in less than 8 hours with the code I needed to register for my exam.

      With that said, the content of the test was NOT what I expected.  I used resources I had here at work to read a couple of the study guides available via books24x7.  It seems the books more or less skimmed over the content enough to say..  “This is what you need to know…” but it was apparent from the depth of the questions that you really HAD to know more than what the book taught.  I even googled one of the apps mentioned in the test because I was sure I hadn’t read about it in either guide and still to this day don’t know what the right answer is.  Granted, I didn’t spend a lot of time looking for the answer because I’m sure it exists but I didn’t feel like it was relevant enough to pursue at this point in time.

      Good luck!

    • #28476
      UNIX
      Participant

      sandcrawler, were you able to pass the exam because of your working experience as you wrote that the guides were not sufficient or deep-enough? Just curious, as I am using CEH Prep Guide and CEH Official Certified Ethical Hacker Review Guide as well (beside others) and will probably take the exam within February.

    • #28477
      bamed
      Participant

      OK, my supervisor will have paperwork filled out by the end of the week.

      Now answer me how well the knowledge gained passing the OSCP will help when taking the CEH?

    • #28478
      BillV
      Participant

      It’ll help that you have some experience with the process and many of the tools. The OSCP focuses on BackTrack though and the CEH is more of  general overall view of ethical hacking. You’ll need to become familiar with some of the laws, the phases of an attack and various terms used. Typically it’s recommended to go the opposite route, CEH -> OSCP, but I’m sure you’ll be fine. Your experience will be fine.

    • #28479
      unsupported
      Participant

      @awesec wrote:

      sandcrawler, were you able to pass the exam because of your working experience as you wrote that the guides were not sufficient or deep-enough? Just curious, as I am using CEH Prep Guide and CEH Official Certified Ethical Hacker Review Guide as well (beside others) and will probably take the exam within February.

      I passed reading those two books and also setting up a lab of three computers.  Some of the tools I worked with live were Wireshark, NMAP, Snort, Cain and Able.

    • #28480
      sandcrawler
      Participant

      awesec,

      For me it had more to do with experience, logic and some common sense than the books.  That made it more difficult as I’ve been doing systems management instead of infosec the past three years.  The books helped some with terminology and process but the V6 tests have a lot of new stuff even compared to what was in those books. 

      Everyone will have a different experience with the test, I’m sure.  I expected a lot more questions based on tools like nmap and snort with which I’m familiar and I found more questions on the test based around windows group policies to which I know very little.  As a matter of fact I don’t remember a single snort or nmap question.

      If I had to do it all over I’d do a better job of looking at what each module expected me to know and studying more on the modules I felt weak at.

    • #28481
      T_Bone
      Participant

      Hi

      I really wanted to do the CEH exam after self study but as said a letter of recommendation is required from my employer.  I am currently a contractor and to be honest didn’t really want my employers to know i have an interest in security in case it has an adverse affect but cannot do it without this letter.  Do you know whether ECcouncil actually contact my employers in regards to the letter for more detail?  I am thinking of asking my manager for a recommendation letter but without going into any detail

      Cheers

    • #28482
      UNIX
      Participant

      I don’t think that they contact each employers as this would be very time consuming, though I am not sure.

      I would just try it and see what happens.

    • #28483
      Don Donzal
      Keymaster

      If you’re a contractor, aren’t you your own employer?

      Don

    • #28484
      rattis
      Participant

      Don

      Depends on who the contract was written. The place I work at now, I started as a contractor. I was a 1099, but a contract house dealt with finding the job and doing the billing (for their cut of course).

      Shady, but when you’re desperate for a job, then you take what you can get.

Viewing 12 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?