.

CPTE, CEPT, & LPT

<<

charlottebandit

Newbie
Newbie

Posts: 49

Joined: Sat Jun 10, 2006 4:26 pm

Post Sat Jun 10, 2006 4:35 pm

CPTE, CEPT, & LPT

How well-known are these certs within the Pen-testing community?


(CPTE) Certified Pen-Testing Expert : Mile2
(CEPT) Certified Expert Pen-Tester : Infosec Institute
(LPT) Licensed Penetration Tester : Ec-Council


The curriculum for the first two follow similar lines, but the LPT seems to be hardly discussed anywhere on the net.  What are the reputations of these certifications?

Thanks.
MS, CCSP, CCNP, CCDP, CEH, CHFI, CPTS
<<

Negrita

User avatar

Sr. Member
Sr. Member

Posts: 299

Joined: Sat Sep 10, 2005 5:45 pm

Location: /dev/null

Post Sat Jun 10, 2006 5:12 pm

Re: CPTE, CEPT, & LPT

I'm not sure about the first 2, but I know that there is no certification exam for LPT. To obtain it however you must first obtain the CEH and ECSA certs. You must also attend a mandatory 3-day course and fill out the regular EC-Council paperwork including signing the code of ethics and also proof of your criminal record.

The cert is only valid for 2 years and has a $250 renewal fee. Once you have this cert you can join the EC-Councils Tiger Team, which means every now and again you get to join a team of pen testers for a paid pen testing job.

Check here for more info. Note the list of links at the bottom of the page too.
Last edited by Negrita on Sat Jun 10, 2006 5:15 pm, edited 1 time in total.
CEH, CCSA NG/AI, NNCSS, MCP, MCSA 2003

There are 10 kinds of people, those that understand binary, and those that don't.
<<

charlottebandit

Newbie
Newbie

Posts: 49

Joined: Sat Jun 10, 2006 4:26 pm

Post Sat Jun 10, 2006 9:29 pm

Re: CPTE, CEPT, & LPT

Thanks Negrita for your response.  It looks like the Penetration Testing / Vulnerability Assessment circles haven't really come together in agreement between certain certification tracks.

The first 2 certifications seem to be proprietary tracks with specialized curriculum for the penetration tester.  The CPTE is the advanced penetration course offered by Mile2 training, while the CEPT is also an advanced penetration course ("replacing" the ECSA) offered by Infosec Institute. 

Most companies haven't recognized these certifications yet as pertaining to penetration testing which has me wondering if they'll be "embraced" at some point. 
MS, CCSP, CCNP, CCDP, CEH, CHFI, CPTS
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Sat Jun 10, 2006 10:01 pm

Re: CPTE, CEPT, & LPT

For those interested:

Certified Expert Penetration Tester (CEPT)
The CEPT certification is designed to certify that individuals have expert level knowledge and skills in relation to penetration testing
Consists of 9 domains directly relating to penetration testing
100 Questions - 80% required to pass
Exam given On-Site during course with immediate computer graded results
9 Certified Expert Penetration Tester (CEPT) Domains:

Penetration Testing Methodologies
Network Attacks
Network Recon
Shellcode
Reverse Engineering
Memory Corruption/Buffer Overflow Vulnerabilities
Exploit Creation - Windows Architecture
Exploit Creation - Linux/Unix Architecture
Web Application Vulnerabilities


Source:
http://www.infosecinstitute.com/courses ... ester.html

Is this one well known enough to add to our list of ethical hacking certs at:
http://www.ethicalhacker.net/content/category/1/31/3/ ?

Don
CISSP, MCSE, CSTA, Security+ SME
<<

charlottebandit

Newbie
Newbie

Posts: 49

Joined: Sat Jun 10, 2006 4:26 pm

Post Sat Jun 10, 2006 10:25 pm

Re: CPTE, CEPT, & LPT

I believe those three (LPT/ECSA, CEPT, CPTE) are the only advanced penetration certifications out there. 

Doesn't look like many know these at all and what's worse is that HR probably won't know these either.  :(
MS, CCSP, CCNP, CCDP, CEH, CHFI, CPTS
<<

Negrita

User avatar

Sr. Member
Sr. Member

Posts: 299

Joined: Sat Sep 10, 2005 5:45 pm

Location: /dev/null

Post Sun Jun 11, 2006 1:14 am

Re: CPTE, CEPT, & LPT

charlottebandit wrote:Doesn't look like many know these at all and what's worse is that HR probably won't know these either.  :(



HR never know anything about certs. It's always best to try to talk to someone technical first in a job interview. On another forum where I moderate one member (I think he's a member here too) applied for a job which required MCP or MCSE. He told the HR rep that he had MCSA. The HR rep rejected him because he was overqualified!!!! Go figure.  >:(
CEH, CCSA NG/AI, NNCSS, MCP, MCSA 2003

There are 10 kinds of people, those that understand binary, and those that don't.
<<

charlottebandit

Newbie
Newbie

Posts: 49

Joined: Sat Jun 10, 2006 4:26 pm

Post Sat Jun 17, 2006 1:44 pm

Re: CPTE, CEPT, & LPT

Just attended CEH training from InfoSec Institute.  Tons of labs and daily Capture the flag "Red Team" exercises at night. 

CEH tools were discussed, but newer & better tools were used for the labs.  They used a pen-testing model of instruction while incorporating CEH materials/tools into the course, rather than teaching a course on tools & slides.

Thumbs up for InfoSec Institute.


- charlottebandit
MS, CCSP, CCNP, CCDP, CEH, CHFI, CPTS
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Sat Jun 17, 2006 9:20 pm

Re: CPTE, CEPT, & LPT

Did Jack Koziol teach your class?

Don
CISSP, MCSE, CSTA, Security+ SME
<<

charlottebandit

Newbie
Newbie

Posts: 49

Joined: Sat Jun 10, 2006 4:26 pm

Post Sat Jun 17, 2006 11:59 pm

Re: CPTE, CEPT, & LPT

No, Jack didn't.  Jack teaches the Adv. class.

Tim Singletary taught the CEH, and also is one of the instructors for the CHFI.  I believe he also subs in for the Adv. class.  He will be coming out with a book later this year with several "proof of concept" vulnerabilities & more. 

He is/was a heavy hitter for DoD & other 3-letter agencies, but now consults and teaches.  Another thing I enjoyed was the fact that we ventured into penetration testing as if we had an experienced sysadmin or network security analyst as a foe/opponent rather than an inexperienced, clueless IT geek.  They raised the bar on us causing us to think before we assessed the systems without triggering off the IDS. 

:)
MS, CCSP, CCNP, CCDP, CEH, CHFI, CPTS
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Sun Jun 18, 2006 11:20 pm

Re: CPTE, CEPT, & LPT

Saweeeet! I'd be interested in hearing more details in a new forum topic. Are you in Chicago?

I'm taking a CEH class with The Training Camp, and the instructor is Andrew Whitaker. He wrote the Cisco pen testing book.

I hope it's that much fun.

Don
CISSP, MCSE, CSTA, Security+ SME
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Tue Jun 20, 2006 3:55 pm

Re: CPTE, CEPT, & LPT

OK, they switched on me. Mr. Whitaker is no longer the instructor. A last minute change puts Steve Kalman in the hot seat as instructor. Checking up on him, he wrote the Web Security Field Guide (a Cisco Press book) and has been in IT for over 30 years. He also has experience in forensics.

Not to hijack this thread any more than I already have, I'll keep you posted in my area of the study group.

Don
CISSP, MCSE, CSTA, Security+ SME

Return to CPTC - Certified Penetration Testing Consultant

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software