Is CEH Right for me?

Viewing 10 reply threads
  • Author
    Posts
    • #4582
      captainbli
      Participant

      Hi everyone, First time poster.

      I have been working in the information security field for five years now.  I want to know if you guys think CEH is right for me?

      Background:
      M.S. Information Assurance
      CISSP, A+/Net+/Sec+, CCNP, CCDA, MCSE 2000/2003

      I plan on taking CISM in june and moving up into management later in my career. 

      CEH is really technical but alot of the stuff I have seen or heard of.

      Some advantages for me that I can think of:

      1.  Help me understand hacking to better defend against attacks
      2.  Looks good on my resume
      3.  Interesting and fun
      4.  Used for internal pen testing on networks

      Disadvantages include:

      1. Too technical for management type positions
      2.  May never use the knowledge or parts of it

      I plan on tackling this using self study by purchasing two books and setting up Virtual Machines to test.

      Any advice?  Skip this and just do CISA/CISM/CISSP-ISSMP/Compliance?

    • #28576
      KamiCrazy
      Participant

      Do you want to do management stuff in information security or do you want to do penetration testing.

      I think that really sums it up. Also once you complete your CEH, I think it really only starts you on a path, it doesn’t really mean you can do a complete pen test.

      So what do you want to do, INFOSEC management or penetration testing?

    • #28577
      captainbli
      Participant

      Kamicrazy:

      Infosecmanagement!  I dont want to be a pen tester.

      But I feel as a future information security manager I will need to write policies and procedures and understand generally how hacking is done, and the different types of attacks.

      So for example if a security engineer comes to me and says we have several cross site scripting vulnerabilities in our webservers, then I understand what he means.

      I think it would make me more marketable and be a better manager.  What do you think?

      If this helps…I am 28 and I have a 5-10 years before I get into those senior manager positions.

    • #28578
      BillV
      Participant

      Why don’t you just do the self-study like you already plan on doing to learn the concepts that you’re interested in, and then if you feel like taking the exam go ahead and do it? I don’t think, at this point, it will give your resume any added significant boost but it will surely complement what you have.

    • #28579
      hayabusa
      Participant

      I’d agree with BillV.  While CEH certainly may not be a management credential to hold, if you’re truly looking for a better understanding of the concepts, it certainly wouldn’t hurt to at LEAST self-study it, even if you don’t pursue the certification at the end.  Just studying the materials, if you truly do some Googling, etc, in the process, will lend a lot to your overall awareness and knowledge of the topics covered in the course materials and in day-to-day security ‘discussions,’ even if you never truly understand the underlying pieces of attacks and penetration tests.

      Good luck, and welcome.

    • #28580
      UNIX
      Participant

      I too think that self-study would be enough and depending on how you feel after your studies you may eventually take the exam or not. As you already obtained CISSP and some others, CEH may not be that important anymore for you.

    • #28581
      pawan_kumar
      Participant

      If you want to take training and certification on CEH v6
      Please contact Jodo Institute
      Jodo Institute is an Accredited Partner of EC-Council

    • #28582
      amol
      Participant

      Yes CEH is right for u

      Regards,
      Amol

      MCP,MCSA,MCSE,MCTS,MCTIP,CCNA,CEH

      @captainbli wrote:

      Hi everyone, First time poster.

      I have been working in the information security field for five years now.   I want to know if you guys think CEH is right for me?

      Background:
      M.S. Information Assurance
      CISSP, A+/Net+/Sec+, CCNP, CCDA, MCSE 2000/2003

      I plan on taking CISM in june and moving up into management later in my career. 

      CEH is really technical but alot of the stuff I have seen or heard of.

      Some advantages for me that I can think of:

      1.  Help me understand hacking to better defend against attacks
      2.  Looks good on my resume
      3.  Interesting and fun
      4.  Used for internal pen testing on networks

      Disadvantages include:

      1. Too technical for management type positions
      2.  May never use the knowledge or parts of it

      I plan on tackling this using self study by purchasing two books and setting up Virtual Machines to test.

      Any advice?  Skip this and just do CISA/CISM/CISSP-ISSMP/Compliance?

    • #28583
      kennut
      Participant

      Well, I won’t say CEH is certainly help me in my work (btw, I’m doing IT Audit work, so that’s why I need to have CISA certification to back me up when dealing with clients and management).

      For CEH, I did it for the part where it’s interesting to learn tools used by hackers and such way for defensive purposes etc. I’m fortunate that my company send me for 5 days training in EC Council. It doesn’t mean doing CEH, you will end up being a Pen Testers, which I’m still learning and I’ve seen some Pen Testers report, simply I’m out of words! (they’re good! )

      I know a lot of finance auditors who did CISA, and they passed it, and at the end, they’re not doing IT audit work, and for me, that’s a waste. The word CISA is just for the sake of “putting it in the name-card and looks good” for them!  😀

      CISM / CISSP may upgrade you to a management level dealing with Info Sec. that is you’re going to be less techie. Like billv and hayabusa said, it’s no harm for you to learn CEH even if you don’t take the cert if you feel dont’ taking it later. and it’s no harm too when it’s another + in your resume.

      anywa, good luck in your quest. 

    • #28584
      broknspyrl
      Participant

      I think from what you have said the CEH will compliment what you already have, i must admit i found the course very interesting and very useful.  Although i know some of what was taught it still raised awareness and opened my eyes to new and different techniques used.  I am particularly concerned with online security, forensics and pen testing.  The CEH was useful for all of these, although the course doesn’t have a specific area for each one, what it does do is give a very good broad overview and basic footing for other such certs

    • #28585
      caissyd
      Participant

      So for example if a security engineer comes to me and says we have several cross site scripting vulnerabilities in our webservers, then I understand what he means.

      BTW, CEH won’t teach you much about XSS, SQL Injection or anything “deep”. Since this certification covers many, many topics, they just can’t go deep.

      So while you are required to know about XSS and SQL Injection for example, the course won’t make you an expert in blind SQL Injection…

      So my advise is do it for yourself, not for your resume. CISSP already covers the basic, so you don’t need another one. But if your goal would have been PenTesting, It would be entirely different…

Viewing 10 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?