.

CEH Certification

<<

dark_north

User avatar

Newbie
Newbie

Posts: 15

Joined: Tue Jun 02, 2009 11:03 am

Post Tue Jun 02, 2009 11:08 am

CEH Certification

I am new to this forum.  I have been doing security work for the past 3 years.  I am interested in either the CEH or CISSP.  My real passion is in pen testing, data recovery, intrusion prevention.  My question, does anyone have success stories after getting the CEH?  Like, it got me in the door at company ABC and now Im really happy with my job.  Or, after getting my CEH, I got a great promotion at work and now make over 100k.

any other success stories would be great to hear...to make up my mind which direction to go..

dark_north
A computer once beat me in a game of chess but was no match for my drinking skills
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Tue Jun 02, 2009 1:13 pm

Re: CEH Certification

First off, welcome to the EH-Net site and community.

I think everyone has a different experience with the CEH, and you can certainly get out what you put in. As you've asked for personal experiences, I can certainly share mine (will try to keep it short):

I first got a computer when I was 16. Within a year, I had found an interest in security/hacking and started playing around with tools. By 20, I had learned some programming, a lot of networking, web development, server administration and more security stuff, but I didn't have any job experience. At 22 I landed my first position as a helpdesk technician (more like a junior net admin) and picked up my first certification a year later - the CEH. My boss and co-workers realized I was pretty interested in security and I was given more security-related tasks. Move forward another year and I earned a promotion to network admin and a higher salary (although my tasks didn't really change, but I was almost always involved in any security-related projects). Not quite a year later I interviewed for a new position against 5 or 6 other candidates and I was selected as the top choice and offered the position. I was told that what really set me apart from the others was my interest, experience and certifications in security - where the CEH was specifically mentioned.

So here I am now, just over 3 years of experience in the field (from a hobby to a career) at 25 with a CEH, and some others, that have definitely helped along the way. I'm not quite at that 100K mark, but I am pretty close. And I'm certainly proud of my CEH.

BillV
<<

dark_north

User avatar

Newbie
Newbie

Posts: 15

Joined: Tue Jun 02, 2009 11:03 am

Post Tue Jun 02, 2009 1:18 pm

Re: CEH Certification

that is very re-assuring Bill.  thanks for taking the time.  i think i am going to purchase the CEH book http://books.google.com/books?id=zfG3UM ... chor&nbsp; and start my CEH prep
A computer once beat me in a game of chess but was no match for my drinking skills
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Tue Jun 02, 2009 1:47 pm

Re: CEH Certification

No problem.

If you're planning to go the self-study route (and don't intend on purchasing the courseware) I'd highly recommend purchasing the ExamPrep or Prep Guide book in addition to the Official Review Guide you've mentioned. The Official guide is great at covering the objectives - and just the objectives. You really need a little more than what's included.

This might be offset by your experience though. You may be all set with what you already know and have done, and the Official guide might be all you need. You need to be familiar with the tools and concepts in order to pass the exam (to the extent of knowing command-line switches for nmap/netcat, ability to analyze what a snort rule is doing and able to read a packet capture).

Good luck.

BillV
<<

unsupported

User avatar

Sr. Member
Sr. Member

Posts: 318

Joined: Sun Feb 08, 2009 3:38 pm

Location: 407

Post Thu Jun 04, 2009 12:00 pm

Re: CEH Certification

For me, I really needed the Offical CEH, ExamCram, and a lab setup to pass the test.  Being able to run the tools that are covered really solidified my reading.

Good luck!
-Un
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP
<<

Otter

Newbie
Newbie

Posts: 41

Joined: Tue Jul 03, 2007 1:03 pm

Post Thu Jun 04, 2009 3:49 pm

Re: CEH Certification

dark_north wrote:I am new to this forum.  I have been doing security work for the past 3 years.  I am interested in either the CEH or CISSP.  My real passion is in pen testing, data recovery, intrusion prevention.  My question, does anyone have success stories after getting the CEH?  Like, it got me in the door at company ABC and now Im really happy with my job.  Or, after getting my CEH, I got a great promotion at work and now make over 100k.

any other success stories would be great to hear...to make up my mind which direction to go..

dark_north



A CISSP will get you considered for positions you otherwise wouldn't, particularly in consulting.  However, there's a stigma to it in the pen testing community in that it's a very broad cert, and I've actually heard bandied about in pentest circles "oh, you're getting your CISSP--you looking to move into security management? Hah!" 

A CEH is not terribly hard cert to get (at least it wasn't when I got mine about 3 or 4 years ago).  I don't have a magic story for you about it.  Also, like so many certs, I know some people with  a CEH that wouldn't really have the first clue to successfully doing a quality pen test. 

CEH does have decent name recognition though, and I do get a remarkable number of recruiter hits because it's on my resume when they have a client that asks for it specifically (though, I'm always a little suspicious of the security credentials of a customer who targets CEH's specifically). 

Overall, I'd say that for pen testing,  you'd be better served with neither.  If you can get OSCP, on the other hand, then you may have somethin.  They don't have the name recognition of CEH I don't think, but within the pen testing community, it seems to be a well respected cert that includes a practical.

That said, the CEH isn't worthless--I learned a ton from Infosec Institute's delivery of their ethical hacking and advanced eh courses.  I just didn't think the exam quality was good enough to really put much of a halo around having achieved cert on the CEH.   
<<

SpecialIrony

Newbie
Newbie

Posts: 1

Joined: Mon Jun 15, 2009 12:20 pm

Post Mon Jun 15, 2009 12:24 pm

Re: CEH Certification

I work on a 16-man security assessment, pen-testing team and we had a customer who *demanded* we have  consultant with a CEH do the work.  Most of our guys have 10+ years of experience doing this work, but we don't have a CEH on staff.

Lame.

What this did was strongly emphasize that the customer has little idea about security but really buys into buzzwords.

I had a free day so I took the exam.  I passed, but only barely.  Of course, I took it cold, but I found about 20-30% of the questions to be only marginally related to the actual tasks involved in real pentesting.

Still, it's not a worthless cert.  Just don't think it's going to get you a job.  It's just a small "extra" in what would have to be a pretty strong resume otherwise.
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Tue Jun 16, 2009 12:38 am

Re: CEH Certification

I guess this is because you are talking to people from the upper which may have not that technical knowledge which would be needed to understand it on a technical way. Therefore if you have certificates which features words like "Hacker" etc. it will for sure catch their attention.

If the customer won't let CISSP or people with other, similar certs test his network you may have to present yourself maybe in a different way or give him some easy resources where he can see how things are by himself.

Did you pentest his company after you received the CEH exam or was this already at a later point? Just curious.

Return to CEH - Certified Ethical Hacker

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software