.

Should I go for GCIH after CEH?

<<

unsupported

User avatar

Sr. Member
Sr. Member

Posts: 318

Joined: Sun Feb 08, 2009 3:38 pm

Location: 407

Post Thu Feb 12, 2009 12:45 pm

Should I go for GCIH after CEH?

I am burning my way through CEH self study and I am going to test in a few weeks.  I wanted to know if it would be worth my while to also go back for GCIH.  GCIH was my first pick for my next certification, but due to department budget issues not being resolved, I went with my second choice.  Is there a lot of overlap in CEH and GCIH?  I've been told that GCIH focuses more on defense and incident response, where CEH is more of attack (which is what I am finding).

Your opinions are appreciated!
-Un
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP
<<

charlottebandit

Newbie
Newbie

Posts: 49

Joined: Sat Jun 10, 2006 4:26 pm

Post Fri Feb 13, 2009 12:14 am

Re: Should I go for GCIH after CEH?

GCIH is primarily focused on Incident Handling which is a solid subject to focus on, although you may be better off focusing on GPEN (Network pentesting) and GWAPT (Web Application Pentesting) which is more of what you're looking for.

Now of course most of these tracks assume little to no security to pull these off so I would also suggest strong familiarity with security infrastructure that supercedes a simply firewall and IPS.  As part of PCI compliance now (since 7/08), it requires a web app firewall to address top 10 owasp vulnerabilities which can also focus on web services security.  Plus there's endpoint security, network admission control for posture assessment, email & web content filtering, network security management (event correlation & mitigation), and more.  Many networks are bound to have at least one of these, if not more.
MS, CCSP, CCNP, CCDP, CEH, CHFI, CPTS
<<

Jhaddix

User avatar

Sr. Member
Sr. Member

Posts: 317

Joined: Wed Oct 29, 2008 10:25 pm

Post Fri Feb 13, 2009 12:19 am

Re: Should I go for GCIH after CEH?

Hi again Unsupported!

I would def go with GCIH. In my opinion, as well as my bosses, GCIH is more marketable to employers. Incident Handling is a valuable skill to have, especially in these times. As a plus you also get the hacker exploits and techniques part which preps you for offensive security and pentesting if that's what you are looking to do.

There are about three reviews below your topic in the forums reviewing GCIH and I also recommended reading here:

http://blog.networkfoo.org/?tag=sans-504

Also i tend to tell students to look into getting the Certified Network Defense Architect if they will be consulting gov or state agencies. Same test as the CEH, different name. State/gov offices don't like the word "hacker" in anyone's title, the exam code for that CNDA is 312-99 and you have to email EC to get to take it.

Good luck!
<<

vijay2

Full Member
Full Member

Posts: 220

Joined: Wed Mar 28, 2007 6:22 am

Post Fri Feb 13, 2009 7:33 am

Re: Should I go for GCIH after CEH?

I would just say that there is no comparison between the 2 courses. The focus of both certs is totally opposite. CeH focuses mostly on the offensive security mostly on attack tools while GCIH focuses on Defesnive and Incident Respones.

Though there might be  some overlap of what is coverd in both, the focus is totally opposite.

It all depends on what your job requirement is to choose one over the other.

Thats my 0.001 cent

VJ
GPEN GCFA GCIH CISSP CISA GSEC OSCP C|EH Security+
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Fri Feb 13, 2009 8:42 am

Re: Should I go for GCIH after CEH?

Jhaddix wrote:Also i tend to tell students to look into getting the Certified Network Defense Architect if they will be consulting gov or state agencies. Same test as the CEH, different name. State/gov offices don't like the word "hacker" in anyone's title, the exam code for that CNDA is 312-99 and you have to email EC to get to take it.


Alternatively, once you have earned CEH you can pay a $50 (last I checked) fee to receive CNDA (and I'm sure there's some sort of application/paperwork that goes along with it).

BillV
<<

Xen

User avatar

Sr. Member
Sr. Member

Posts: 386

Joined: Tue Feb 03, 2009 3:59 am

Post Fri Feb 13, 2009 8:48 am

Re: Should I go for GCIH after CEH?

Alternatively, once you have earned CEH you can pay a $50 (last I checked) fee to receive CNDA

I just checked EC-COUNCIL's website. It states that
The CNDA certification is awarded only to employees who work for United States Government and Military Agencies


From where did you get this info.?
<<

Jhaddix

User avatar

Sr. Member
Sr. Member

Posts: 317

Joined: Wed Oct 29, 2008 10:25 pm

Post Fri Feb 13, 2009 9:36 am

Re: Should I go for GCIH after CEH?

Xen wrote:
Alternatively, once you have earned CEH you can pay a $50 (last I checked) fee to receive CNDA

I just checked EC-COUNCIL's website. It states that
The CNDA certification is awarded only to employees who work for United States Government and Military Agencies


From where did you get this info.?


I believe its in the faq section... maybe...

They tell you when you email them. And as stringent as the requirement sounds it not hard to convince them to let you switch the title.

On a side not i one saw a guy touting BOTH certs... i didnt want to say anything, but i thought it was funny. Using 1 test for two titles.. cmon! :P
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Fri Feb 13, 2009 10:48 am

Re: Should I go for GCIH after CEH?

Xen wrote:From where did you get this info.?


I don't remember. I'm involved with lots of EC-Council stuff... maybe a webinar where that was announced?

The application form is available here:
CNDA Application.

BillV
<<

unsupported

User avatar

Sr. Member
Sr. Member

Posts: 318

Joined: Sun Feb 08, 2009 3:38 pm

Location: 407

Post Fri Feb 20, 2009 9:47 am

Re: Should I go for GCIH after CEH?

Thank you all for the information regarding GCIH.  My team is moving towards a security operations center (CIRT level 1) role and I think once I self study I can get my manager to pop for the cheapest SANS training option.

Thanks for the link to the CNDA application.  I may be able to swing it, as long as their interpretation of US Govt. Agency is loose.  I work for a big company who is good friends with the government and I have enough ties to an agency/program to be able to keep "secrets".

Does anyone have experience with converting a CEH to CNDA?
-Un
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Sat Feb 21, 2009 9:25 am

Re: Should I go for GCIH after CEH?

unsupported wrote:Does anyone have experience with converting a CEH to CNDA?


I don't have any personal experience with it.

You could try shooting an email to info@eccouncil.org with your questions. If you don't get a reply in a suitable amount of time (or don't get a good answer), let me know and I'll see what I can find out for you.

BillV
<<

timmedin

User avatar

Sr. Member
Sr. Member

Posts: 469

Joined: Thu Feb 05, 2009 11:18 pm

Post Sun Feb 22, 2009 10:16 pm

Re: Should I go for GCIH after CEH?

If GCIH is your first choice then it sounds you are looking to go down the incident handler path. If that is the case then the CEH won't really help you achieve your goal, however, it is isn't a bad supplement. If you know more about the potential ways an intruder will be getting it to your network then that always helps in incident response. It won't help with the detection and eradication portions of IH, but it never hurts to keep learning.

If you are looking to go down the offensive path then I would recommend the GPEN from SANS. The SANS class does a good job explaining attacks and also includes valuable sections for reporting your findings to the client which is not included in the CEH. If you can effectively communicate, classify, and prioritize your findings to the client then the it doesn't matter how good the attack was. At the end of the day there has to be value for the client.
twitter.com/timmedin | http://blog.securitywhole.com
<<

unsupported

User avatar

Sr. Member
Sr. Member

Posts: 318

Joined: Sun Feb 08, 2009 3:38 pm

Location: 407

Post Tue Feb 24, 2009 9:29 am

Re: Should I go for GCIH after CEH?

GCIH was my first choice, but I took CEH because my departmental budget was not finalized.  I am really enjoying the CEH material and look forward to GCIH.  I missed out on the Orlando SANS, but maybe my manager will shell out the cash for the at home training.  Especially since I would be using my own time, but the companies money.  When sending someone to training they weight the costs of the actual course and how much the employee makes that week.

Once I am done with CEH, I'll take a low approach with Counter Hack Reloaded.
-Un
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP

Return to GCIH - GIAC Certified Incident Handler

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software