.

C|EH v8?

<<

opticalcarrier

Newbie
Newbie

Posts: 4

Joined: Tue Feb 14, 2012 3:48 pm

Post Tue Feb 14, 2012 3:58 pm

C|EH v8?

Hello. Does anyone have any indication on when C|EH v8 materials will be released? I see some references to it on the EC-council website and the store has the v8 exam voucher listed for purchase.  Specifically the CEH Candidate Handbook v1.6 has several references to v8.


I'm looking to purchase training materials and sit for the exam this year. The EC-Council site leads me to think that v8 is just around the corner. If that is the case I feel that I may want to wait for v8 to be released instead of going for v7.

Anyone have any additional information or speculation on this?

Reference PDF: https://cert.eccouncil.org/wp-content/u ... 012012.pdf
Last edited by opticalcarrier on Tue Feb 14, 2012 4:03 pm, edited 1 time in total.
<<

DragonGorge

User avatar

Jr. Member
Jr. Member

Posts: 86

Joined: Wed Feb 08, 2012 6:30 pm

Post Wed Feb 15, 2012 12:21 am

Re: C|EH v8?

I've heard that v8 will be coming out soon and, based on my experience with v7, I'd urge you to wait for it. Scratch that, I urge you to wait for the reviews on v8. I've heard rumor that v7 was the first try with new material and v8 is basically a cleaned up version of v7.
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Wed Feb 15, 2012 8:32 am

Re: C|EH v8?

The launch dates for the exam and courseware are different.

If I recall, the exam is targeted for an April launch and the courseware is not due out until roughly November.

My guess is that the courseware is going to be "cleaned up," as DragonGorge put it, but will also be aligned with the new exam (expected to be ANSI accredited soon).

A lot of effort has been put into developing this exam per ANSI standards (started back in late 2010). New objectives and task and knowledge domains have been developed by SMEs working in the field. There were a large amount of beta testers that provided feedback on each question. Multiple 'panels' were created to review all of this information and decide what to keep, change, or throw out.

In the end, I expect the exam itself will be a decent change but I don't know anything about the courseware.
<<

opticalcarrier

Newbie
Newbie

Posts: 4

Joined: Tue Feb 14, 2012 3:48 pm

Post Wed Feb 15, 2012 11:07 am

Re: C|EH v8?

Thanks Billv. Looks like v8 is worth waiting for. EC-Council made some nice improvements between v6 and v7. Further clean-up and making it more refined for v8 makes sense.
<<

SephStorm

User avatar

Hero Member
Hero Member

Posts: 569

Joined: Sat Apr 17, 2010 12:12 pm

Post Wed Feb 15, 2012 12:30 pm

Re: C|EH v8?

I cant believe they are releasing a new version. they should save the money on releasing a new cert and materials. They could have just fixed v7... How annoying and completely expected. I am thinking that CEH will be my last EC-Council certification.
sectestanalysis.blogspot.com/‎
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Wed Feb 15, 2012 2:51 pm

Re: C|EH v8?

SephStorm wrote:I cant believe they are releasing a new version. they should save the money on releasing a new cert and materials. They could have just fixed v7... How annoying and completely expected. I am thinking that CEH will be my last EC-Council certification.


Maybe I'm missing something, but what's the big deal? I actually think it would be odd to modify the material once it's out; wrapping improvements up into the next version seems more natural. You retain the certification once you pass (as long as you keep up with continuing education), so I'm not sure why this bothers you so much.
The day you stop learning is the day you start becoming obsolete.
<<

SephStorm

User avatar

Hero Member
Hero Member

Posts: 569

Joined: Sat Apr 17, 2010 12:12 pm

Post Wed Feb 15, 2012 3:40 pm

Re: C|EH v8?

The BIG issue is ECC, but beyond that... :)

I dont like the new version because such a big deal was made about v7, they have already pushed it out to testing providers, and companies have released study material for it. and now less than an actual full year later, we are getting a new release to fix courseware... They could simply insure they send out new couseware to people taking the new exam. Also the issue is studying. For the most part we have recommended v6 CW for studying for v7. Now we can extend that to v8. That is three major releases with no significant content change...

In addition, the versioning could become an issue. Now v6 certified individuals are that much less valid in the grand scheme (honestly ive never had an employer ask about an exam version, but it could be a concern, especially with what i've heard about the older versions.). If i'm not mistaken, ECC now prints the version on the certificate, so its not just an internal issue.

My final issue is with v7 itself. We have seen numerous unresolved issues with it. without a real review of what is being changed in v8, i'm skeptical.Issues with the courseware, issues with the instructors, issues with Frankenstein and iLabs. Thats all that made v7 worthwhile. I just dont want someone going in with fishscales over their eyes.
Last edited by SephStorm on Wed Feb 15, 2012 3:43 pm, edited 1 time in total.
sectestanalysis.blogspot.com/‎
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Wed Feb 15, 2012 4:53 pm

Re: C|EH v8?

The BIG issue is ECC, but beyond that... :)

I dont like the new version because such a big deal was made about v7, they have already pushed it out to testing providers, and companies have released study material for it. and now less than an actual full year later, we are getting a new release to fix courseware... They could simply insure they send out new couseware to people taking the new exam. Also the issue is studying. For the most part we have recommended v6 CW for studying for v7. Now we can extend that to v8. That is three major releases with no significant content change...

In addition, the versioning could become an issue. Now v6 certified individuals are that much less valid in the grand scheme (honestly ive never had an employer ask about an exam version, but it could be a concern, especially with what i've heard about the older versions.). If i'm not mistaken, ECC now prints the version on the certificate, so its not just an internal issue.


I can't speak for the courseware but the exam itself has been completely redesigned from the ground up. Things that a CEH-level person should know are included and things that are irrelevant have been removed.

That being said, objectives will have to be changed which should mean that courseware has to follow suit.

If that's the case, then v6 and v7 study guides will not be as valuable to the v8 exam as v6 guides were to v7.

The whole push for the new version revolves around ANSI accreditation. The exam was developed per their standards. I don't know if they set standards for the courseware as well or not. Anyone that passes CEH v8 (and forward) will have the ANSI accredited version.

Per ANSI guidelines the version has to remain. If you are a CEH v6, you are a CEH v6, not a CEH. This is how they will distinguish who passed the exam before and after the accreditation.

My final issue is with v7 itself. We have seen numerous unresolved issues with it. without a real review of what is being changed in v8, i'm skeptical.Issues with the courseware, issues with the instructors, issues with Frankenstein and iLabs. Thats all that made v7 worthwhile. I just dont want someone going in with fishscales over their eyes.


I can't speak to the courseware as I've never actually unwrapped my copy. Instructors are a problem for any course. Frankenstein is for instructor use only. And, personally, I never had any problems with the iLabs. I went through every lab in the manual and revised as needed or rewrote the lab if it didn't work right. What happened after that, I have no idea.

edit: I don't mean I changed the labs on-the-fly so they worked as I was studying but I was asked by EC-Council to review the iLabs manuals and make sure the labs worked.

I'm not going to defend EC-Council, that's their own job and I've already done enough of it in the past. There are plenty of unhappy people out there (in their own members portal as well). Just wanted to explain why the changes are happening.
Last edited by venom77 on Wed Feb 15, 2012 4:55 pm, edited 1 time in total.
<<

opticalcarrier

Newbie
Newbie

Posts: 4

Joined: Tue Feb 14, 2012 3:48 pm

Post Wed Feb 15, 2012 5:36 pm

Re: C|EH v8?

Overall EC-Council moving to ANSI accreditation is a good thing. It brings more value to holding a CEH.

I can see where current v6/v7 CEH holders are upset that their cert may be seen as less valuable, but that is just the nature of the beast. The introduction of the continuing education requirement should help offset some of the stigma.
<<

SephStorm

User avatar

Hero Member
Hero Member

Posts: 569

Joined: Sat Apr 17, 2010 12:12 pm

Post Wed Feb 15, 2012 8:04 pm

Re: C|EH v8?

I'm glad to hear the exam is being updated as well. Though the concept of updating a program FOR accreditation is much like a company making changes FOR compliancy. In any case, I suppose i'll wait for the reviews. But ECC still has a long way to go Bill, you've seen the member portal. They have issues, and while I have reached out to them numerous times to help get them resolved, the positive work forward lasts for about a week.

The reports of issues with instructors were numerous and significant. EC-Council claims that these "Master Instructors" received training on Frankenstein and iLabs and were unable to access them in some cases or get them working in others. Many reports claimed that the instructors were knowledgeable, and well suited, the issues were with the 2 programs. And the issue with Frankenstein was reported by an instructor on the member forum if I remember correctly.

On the iLabs, we recently had a report on this portal about the failure of iLabs. They work, but it appears by report to be put together very poorly. Can you tell us about how it worked when you tested it? (NOTE: I see you replied to that post, not knocking your efforts, the poster said the labs appeared to work, but just not intuitively. I'll quote the relevant portion for those who havent seen the thread)

The same can be said for the iLabs - to call it "unpolished" would be kind. Basically, you log in and reserve time in 2-3 hour blocks. The system creates a virtual lab environment for you on their network from which you can run their Bible-sized (both Old & New Testament) book of lab "exercises". The exercises themselves are basically just a very (very, very) simplistic execution of the myriad of tools accompanied by screen shots. For example, they'll have you install Cain and attempt to crack a password file but it really amounts to click here, now click here, okay, now click here. Done! There are no targets per se, just 3-4 different platforms you can run the different tools on. And there are no end-to-end exercises.


My real question Bill, is do you think that people should look forward to CEH v8 considering the organization behind it?
sectestanalysis.blogspot.com/‎
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Thu Feb 16, 2012 9:51 am

Re: C|EH v8?

I don't disagree that they have work to do. They know they have work to do. What takes so long, I have no idea.

I know we've seen posts about problems with instructors. I can't disagree there either. My own CEH instructor was horrible when I took the course. The guys recognized as Master Instructors that I know, are good at what they do and I'd happily sit in their course. How many are out there? Not a clue. Are there some designated as Master Instructors that truly don't know what they're doing? Again, I'm not sure but it wouldn't surprise me. We all know that the experience and ability of the instructor can easily make or break a class though.

On the iLabs, we recently had a report on this portal about the failure of iLabs. They work, but it appears by report to be put together very poorly. Can you tell us about how it worked when you tested it? (NOTE: I see you replied to that post, not knocking your efforts, the poster said the labs appeared to work, but just not intuitively. I'll quote the relevant portion for those who havent seen the thread)

The same can be said for the iLabs - to call it "unpolished" would be kind. Basically, you log in and reserve time in 2-3 hour blocks. The system creates a virtual lab environment for you on their network from which you can run their Bible-sized (both Old & New Testament) book of lab "exercises". The exercises themselves are basically just a very (very, very) simplistic execution of the myriad of tools accompanied by screen shots. For example, they'll have you install Cain and attempt to crack a password file but it really amounts to click here, now click here, okay, now click here. Done! There are no targets per se, just 3-4 different platforms you can run the different tools on. And there are no end-to-end exercises.



My experience with iLabs was similar to what DragonGorge posted. Keep in mind I went through this about a year ago before iLabs was actually rolled out so I don't know if anything has changed (and it's hard to remember all the details).

You basically access the system and reserve a block of time for doing your labs. The system then configures your virtual network for use. It consists of several different systems - I want to say 5 but I can't remember what all they were (Windows 2008, Windows 7, BackTrack and there may have been a second 2008 box).

The instructions are similar to what was pointed out. At the beginning they give you some type of overview or scenario about when/why you might use the tool(s) in the lab. You are then told about the environment and which systems you will be using for the lab (W2K8, W7, BT, etc.). After that it walks you step-by-step through installing and running the tool. As DragonGorge mentioned, the labs only go so deep into the tool. They get you up and running and show you the basic functionality - it's left to you to explore the tool in greater detail and play within the lab. I believe they add some 'additional tasks' at the end of the lab or ask you questions about using the tool in other scenarios. Again, this is where it's up to the student to go the extra distance and do these tasks.

If there are any targets required, the lab will tell you that you need multiple machines and you will use one to attack the other (e.g., the BT system attacking the W2K8 system). There are no end-to-end exercises as pointed out but probably should be.

When working through the lab guides, there were spelling/grammar mistakes, wrong names of virtual systems, wrong systems selected, or stuff that just didn't work. I fixed the simple spelling/grammar errors, renamed the virtual systems (apparently the systems in the class are slightly different than iLabs, which would certainly cause confusion), and basically made sure the lab worked. If there were missing instructions I would add them or if something wasn't needed I removed it. For a couple of labs, I remember rewriting large portions. I wasn't responsible for creating or selecting the labs, just making sure they worked.

When I was finished and turned everything back into ECC, everything was accurate and worked fine. What happened after that (whether they accepted all my changes, changed systems, changed/added labs), I have no idea.
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Thu Feb 16, 2012 9:58 am

Re: C|EH v8?

And to answer your final question...

If they do it correctly, this could be a significant improvement.

I can tell you that I've been involved in a lot of the exam development process since back in October of 2010. The exam itself will be a better reflection of the skill set and knowledge required for this type of certification. It's up to EC-Council to do the same with the courseware (unless they outsource or contract some other people to write it).

I think it should be treated like any other new certification. Personally, I'd be hesitant to jump to anything new until it's been vetted by someone I know or respect.
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Thu Feb 16, 2012 6:12 pm

Re: C|EH v8?

I think this may have changed slightly but this CEH v8 blueprint is publicly available on EC-Council's website:

https://cert.eccouncil.org/wp-content/u ... 012012.pdf

https://cert.eccouncil.org/
<<

SephStorm

User avatar

Hero Member
Hero Member

Posts: 569

Joined: Sat Apr 17, 2010 12:12 pm

Post Thu Feb 16, 2012 7:26 pm

Re: C|EH v8?

Well I suppose its not great for me to judge the system until I try it. I guess I can give them the benefit of the doubt. :)
sectestanalysis.blogspot.com/‎
<<

DragonGorge

User avatar

Jr. Member
Jr. Member

Posts: 86

Joined: Wed Feb 08, 2012 6:30 pm

Post Sat Feb 18, 2012 12:37 pm

Re: C|EH v8?

I think the upgrade is a good thing…provided it’s a “true” upgrade and the training is improved.

My fear is this: EC Council seems to have gotten away with flagrantly shoddy training and testing for some time, almost with a bit of hubris, like “We’re the certificating authority; we can do whatever we want.” I hope this latest version isn’t just lip service to get more $$$$ with no meaningful changes. I recently looked at the All-In-One guide for v7 and the content there was much more readable and better organized - it  “flowed”. Instead of taking a “how much info can we cram into this?” it was “how much can we strip out and still have the student be competent?”

Here’s what ECC needs to do for their training:
1. Hire a REAL proofreader.
2. Hire outside Pen Testing professionals to check all slides for content.
3. Take aim at cutting material. One of their ads boasted “16GB worth of data” – that’s not (or shouldn’t be) a selling point!!
4. Reduce the focus on exposing the student to every tool on the web, instead narrowing the scope to the most popular ones. Of those tools, really teach them the ins-outs.
5. Delete any slide that
  - Is a screenshot that the instructor simply says “Tool XYZ” to and moves on. They are absolutely useless.
  - Just lists 8 or so tools where the instructor just reads the names of the tools. Those are equally useless.
6. Understand that everyone, EVERYone, taking this training can read – if the instructor is just reading the slide to us…what’s the point?
7. Any acronym should be defined the first time it’s used (again, basic tech writing/training).
8. Create true end-to-end tests in the labs.
9. Create a table of contents for training content and labs. It’s unconscionable that they’d release 40 lbs worth of books without a TOC or Index. How is one expected to look up something in those 3000 pages or so?
10. Similarly label the CDs – it’s just plain amateurish to have to stick in the CD/DVD to see if the module I’m interested in is on it.

For their testing most of the above applies but eliminate the verbosity of the questions:
“Jim, a security analyst at BZW Corp, woke up late Monday morning after getting into an argument with his girlfriend who was an accountant and WZB Inc. Feeling upset and out of sorts, he cut himself shaving before going into work, only to find that someone took his parking space. When he finally arrived at his desk he had an email from another admin asking if he knew of a good packet sniffer. Which of the following tools would qualify?”
Next

Return to CEH - Certified Ethical Hacker

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software