Should I go for GCIH after CEH?

Viewing 11 reply threads
  • Author
    Posts
    • #3367
      unsupported
      Participant

      I am burning my way through CEH self study and I am going to test in a few weeks.  I wanted to know if it would be worth my while to also go back for GCIH.  GCIH was my first pick for my next certification, but due to department budget issues not being resolved, I went with my second choice.  Is there a lot of overlap in CEH and GCIH?  I’ve been told that GCIH focuses more on defense and incident response, where CEH is more of attack (which is what I am finding).

      Your opinions are appreciated!

    • #22189
      charlottebandit
      Participant

      GCIH is primarily focused on Incident Handling which is a solid subject to focus on, although you may be better off focusing on GPEN (Network pentesting) and GWAPT (Web Application Pentesting) which is more of what you’re looking for.

      Now of course most of these tracks assume little to no security to pull these off so I would also suggest strong familiarity with security infrastructure that supercedes a simply firewall and IPS.  As part of PCI compliance now (since 7/08), it requires a web app firewall to address top 10 owasp vulnerabilities which can also focus on web services security.  Plus there’s endpoint security, network admission control for posture assessment, email & web content filtering, network security management (event correlation & mitigation), and more.  Many networks are bound to have at least one of these, if not more.

    • #22190
      Jhaddix
      Participant

      Hi again Unsupported!

      I would def go with GCIH. In my opinion, as well as my bosses, GCIH is more marketable to employers. Incident Handling is a valuable skill to have, especially in these times. As a plus you also get the hacker exploits and techniques part which preps you for offensive security and pentesting if that’s what you are looking to do.

      There are about three reviews below your topic in the forums reviewing GCIH and I also recommended reading here:

      http://blog.networkfoo.org/?tag=sans-504

      Also i tend to tell students to look into getting the Certified Network Defense Architect if they will be consulting gov or state agencies. Same test as the CEH, different name. State/gov offices don’t like the word “hacker” in anyone’s title, the exam code for that CNDA is 312-99 and you have to email EC to get to take it.

      Good luck!

    • #22191
      vijay2
      Participant

      I would just say that there is no comparison between the 2 courses. The focus of both certs is totally opposite. CeH focuses mostly on the offensive security mostly on attack tools while GCIH focuses on Defesnive and Incident Respones.

      Though there might be  some overlap of what is coverd in both, the focus is totally opposite.

      It all depends on what your job requirement is to choose one over the other.

      Thats my 0.001 cent

      VJ

    • #22192
      BillV
      Participant

      @Jhaddix wrote:

      Also i tend to tell students to look into getting the Certified Network Defense Architect if they will be consulting gov or state agencies. Same test as the CEH, different name. State/gov offices don’t like the word “hacker” in anyone’s title, the exam code for that CNDA is 312-99 and you have to email EC to get to take it.

      Alternatively, once you have earned CEH you can pay a $50 (last I checked) fee to receive CNDA (and I’m sure there’s some sort of application/paperwork that goes along with it).

      BillV

    • #22193
      Xen
      Participant

      Alternatively, once you have earned CEH you can pay a $50 (last I checked) fee to receive CNDA

      I just checked EC-COUNCIL’s website. It states that

      The CNDA certification is awarded only to employees who work for United States Government and Military Agencies

      From where did you get this info.?

    • #22194
      Jhaddix
      Participant

      @Xen wrote:

      Alternatively, once you have earned CEH you can pay a $50 (last I checked) fee to receive CNDA

      I just checked EC-COUNCIL’s website. It states that

      The CNDA certification is awarded only to employees who work for United States Government and Military Agencies

      From where did you get this info.?

      I believe its in the faq section… maybe…

      They tell you when you email them. And as stringent as the requirement sounds it not hard to convince them to let you switch the title.

      On a side not i one saw a guy touting BOTH certs… i didnt want to say anything, but i thought it was funny. Using 1 test for two titles.. cmon! 😛

    • #22195
      BillV
      Participant

      @Xen wrote:

      From where did you get this info.?

      I don’t remember. I’m involved with lots of EC-Council stuff… maybe a webinar where that was announced?

      The application form is available here:
      CNDA Application.

      BillV

    • #22196
      unsupported
      Participant

      Thank you all for the information regarding GCIH.  My team is moving towards a security operations center (CIRT level 1) role and I think once I self study I can get my manager to pop for the cheapest SANS training option.

      Thanks for the link to the CNDA application.  I may be able to swing it, as long as their interpretation of US Govt. Agency is loose.  I work for a big company who is good friends with the government and I have enough ties to an agency/program to be able to keep “secrets”.

      Does anyone have experience with converting a CEH to CNDA?

    • #22197
      BillV
      Participant

      @unsupported wrote:

      Does anyone have experience with converting a CEH to CNDA?

      I don’t have any personal experience with it.

      You could try shooting an email to info@eccouncil.org with your questions. If you don’t get a reply in a suitable amount of time (or don’t get a good answer), let me know and I’ll see what I can find out for you.

      BillV

    • #22198
      timmedin
      Participant

      If GCIH is your first choice then it sounds you are looking to go down the incident handler path. If that is the case then the CEH won’t really help you achieve your goal, however, it is isn’t a bad supplement. If you know more about the potential ways an intruder will be getting it to your network then that always helps in incident response. It won’t help with the detection and eradication portions of IH, but it never hurts to keep learning.

      If you are looking to go down the offensive path then I would recommend the GPEN from SANS. The SANS class does a good job explaining attacks and also includes valuable sections for reporting your findings to the client which is not included in the CEH. If you can effectively communicate, classify, and prioritize your findings to the client then the it doesn’t matter how good the attack was. At the end of the day there has to be value for the client.

    • #22199
      unsupported
      Participant

      GCIH was my first choice, but I took CEH because my departmental budget was not finalized.  I am really enjoying the CEH material and look forward to GCIH.  I missed out on the Orlando SANS, but maybe my manager will shell out the cash for the at home training.  Especially since I would be using my own time, but the companies money.  When sending someone to training they weight the costs of the actual course and how much the employee makes that week.

      Once I am done with CEH, I’ll take a low approach with Counter Hack Reloaded.

Viewing 11 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?