.

Is CEH Right for me?

<<

captainbli

Newbie
Newbie

Posts: 2

Joined: Wed Jan 20, 2010 3:55 pm

Post Wed Jan 20, 2010 4:04 pm

Is CEH Right for me?

Hi everyone, First time poster.

I have been working in the information security field for five years now.  I want to know if you guys think CEH is right for me?

Background:
M.S. Information Assurance
CISSP, A+/Net+/Sec+, CCNP, CCDA, MCSE 2000/2003

I plan on taking CISM in june and moving up into management later in my career. 

CEH is really technical but alot of the stuff I have seen or heard of.

Some advantages for me that I can think of:

1.  Help me understand hacking to better defend against attacks
2.  Looks good on my resume
3.  Interesting and fun
4.  Used for internal pen testing on networks

Disadvantages include:

1. Too technical for management type positions
2.  May never use the knowledge or parts of it


I plan on tackling this using self study by purchasing two books and setting up Virtual Machines to test.


Any advice?  Skip this and just do CISA/CISM/CISSP-ISSMP/Compliance?
<<

KamiCrazy

Jr. Member
Jr. Member

Posts: 78

Joined: Wed Jun 17, 2009 8:40 pm

Post Wed Jan 20, 2010 4:15 pm

Re: Is CEH Right for me?

Do you want to do management stuff in information security or do you want to do penetration testing.

I think that really sums it up. Also once you complete your CEH, I think it really only starts you on a path, it doesn't really mean you can do a complete pen test.

So what do you want to do, INFOSEC management or penetration testing?
<<

captainbli

Newbie
Newbie

Posts: 2

Joined: Wed Jan 20, 2010 3:55 pm

Post Wed Jan 20, 2010 4:32 pm

Re: Is CEH Right for me?

Kamicrazy:

Infosecmanagement!  I dont want to be a pen tester.

But I feel as a future information security manager I will need to write policies and procedures and understand generally how hacking is done, and the different types of attacks.

So for example if a security engineer comes to me and says we have several cross site scripting vulnerabilities in our webservers, then I understand what he means.

I think it would make me more marketable and be a better manager.  What do you think?

If this helps...I am 28 and I have a 5-10 years before I get into those senior manager positions.
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Wed Jan 20, 2010 7:27 pm

Re: Is CEH Right for me?

Why don't you just do the self-study like you already plan on doing to learn the concepts that you're interested in, and then if you feel like taking the exam go ahead and do it? I don't think, at this point, it will give your resume any added significant boost but it will surely complement what you have.
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Wed Jan 20, 2010 7:37 pm

Re: Is CEH Right for me?

I'd agree with BillV.  While CEH certainly may not be a management credential to hold, if you're truly looking for a better understanding of the concepts, it certainly wouldn't hurt to at LEAST self-study it, even if you don't pursue the certification at the end.  Just studying the materials, if you truly do some Googling, etc, in the process, will lend a lot to your overall awareness and knowledge of the topics covered in the course materials and in day-to-day security 'discussions,' even if you never truly understand the underlying pieces of attacks and penetration tests.

Good luck, and welcome.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Thu Jan 21, 2010 3:43 am

Re: Is CEH Right for me?

I too think that self-study would be enough and depending on how you feel after your studies you may eventually take the exam or not. As you already obtained CISSP and some others, CEH may not be that important anymore for you.
<<

pawan_kumar

Newbie
Newbie

Posts: 4

Joined: Fri Jun 19, 2009 12:52 am

Post Thu Jan 21, 2010 3:56 am

Re: Is CEH Right for me?

If you want to take training and certification on CEH v6
Please contact Jodo Institute
Jodo Institute is an Accredited Partner of EC-Council
<<

amol

Newbie
Newbie

Posts: 2

Joined: Tue Jan 12, 2010 11:28 am

Post Wed Jan 27, 2010 10:13 am

Re: Is CEH Right for me?

Yes CEH is right for u

Regards,
Amol

MCP,MCSA,MCSE,MCTS,MCTIP,CCNA,CEH


captainbli wrote:Hi everyone, First time poster.

I have been working in the information security field for five years now.   I want to know if you guys think CEH is right for me?

Background:
M.S. Information Assurance
CISSP, A+/Net+/Sec+, CCNP, CCDA, MCSE 2000/2003

I plan on taking CISM in june and moving up into management later in my career. 

CEH is really technical but alot of the stuff I have seen or heard of.

Some advantages for me that I can think of:

1.  Help me understand hacking to better defend against attacks
2.  Looks good on my resume
3.  Interesting and fun
4.  Used for internal pen testing on networks

Disadvantages include:

1. Too technical for management type positions
2.  May never use the knowledge or parts of it


I plan on tackling this using self study by purchasing two books and setting up Virtual Machines to test.


Any advice?  Skip this and just do CISA/CISM/CISSP-ISSMP/Compliance?
<<

kennut

User avatar

Newbie
Newbie

Posts: 46

Joined: Thu Apr 16, 2009 10:41 pm

Post Mon Feb 01, 2010 8:41 pm

Re: Is CEH Right for me?

Well, I won't say CEH is certainly help me in my work (btw, I'm doing IT Audit work, so that's why I need to have CISA certification to back me up when dealing with clients and management).

For CEH, I did it for the part where it's interesting to learn tools used by hackers and such way for defensive purposes etc. I'm fortunate that my company send me for 5 days training in EC Council. It doesn't mean doing CEH, you will end up being a Pen Testers, which I'm still learning and I've seen some Pen Testers report, simply I'm out of words! (they're good! )

I know a lot of finance auditors who did CISA, and they passed it, and at the end, they're not doing IT audit work, and for me, that's a waste. The word CISA is just for the sake of "putting it in the name-card and looks good" for them!  :D

CISM / CISSP may upgrade you to a management level dealing with Info Sec. that is you're going to be less techie. Like billv and hayabusa said, it's no harm for you to learn CEH even if you don't take the cert if you feel dont' taking it later. and it's no harm too when it's another + in your resume.

anywa, good luck in your quest. 
Done all 3 certs, now going for CISSP.....
<<

broknspyrl

Newbie
Newbie

Posts: 1

Joined: Wed Feb 10, 2010 6:40 am

Post Wed Feb 10, 2010 6:54 am

Re: Is CEH Right for me?

I think from what you have said the CEH will compliment what you already have, i must admit i found the course very interesting and very useful.  Although i know some of what was taught it still raised awareness and opened my eyes to new and different techniques used.  I am particularly concerned with online security, forensics and pen testing.  The CEH was useful for all of these, although the course doesn't have a specific area for each one, what it does do is give a very good broad overview and basic footing for other such certs
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Wed Feb 10, 2010 8:05 am

Re: Is CEH Right for me?

So for example if a security engineer comes to me and says we have several cross site scripting vulnerabilities in our webservers, then I understand what he means.


BTW, CEH won't teach you much about XSS, SQL Injection or anything "deep". Since this certification covers many, many topics, they just can't go deep.

So while you are required to know about XSS and SQL Injection for example, the course won't make you an expert in blind SQL Injection...

So my advise is do it for yourself, not for your resume. CISSP already covers the basic, so you don't need another one. But if your goal would have been PenTesting, It would be entirely different...
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)

Return to CEH - Certified Ethical Hacker

Who is online

Users browsing this forum: No registered users and 3 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software