CEH test requirements

Started reading CEH and just came across the requirements on taking the CEH exam. You must take an EC-Council course or have 2 years of Info Sec experience. I was planning on self study because the $3000 for a course is ridiculous. Graduated in Info Systems and worked with a credit card processing company (PCI-DSS) for 1 year and 2 years with a company dealing with processing government forms (sensitive data, employment eligibility I-9 forms). Also I'm unemployed at the moment overseas and it looks like they require a current employer to contact?

Is there any way for me to be qualified on sitting for the exam without paying the $3000 for the course?

Find more posts tagged with

Comments

JoJoCal19

neonballoon wrote: »

Started reading CEH and just came across the requirements on taking the CEH exam. You must take an EC-Council course or have 2 years of Info Sec experience. I was planning on self study because the $3000 for a course is ridiculous. Graduated in Info Systems and worked with a credit card processing company (PCI-DSS) for 1 year and 2 years with a company dealing with processing government forms (sensitive data, employment eligibility I-9 forms). Also I'm unemployed at the moment overseas and it looks like they require a current employer to contact?

Is there any way for me to be qualified on sitting for the exam without paying the $3000 for the course?

With your work experience would you say that 2 years are related to any of the Information Security domains? If so then you don't need the class. And I can tell you right now, having just passed the CEH and having their official course material, I would NEVER pay that much for it, at all.

wearingmyrolex

I'm not particularly happy with EC-Council's approach here:
1. Other vendors/moderators etc permit you to complete your eligibility AFTER the exam, to formally achieve the certification. This 'up front' approach seems a bit like a money making scheme to me.
2. Having completed my eligibility, I've been chased THREE times to purchase the exam voucher.
3. They appear to have USA presence but I imagine the outfit has been off-shored to Malaysia and India based on those being the only numbers you can get through on.

I can recommend that you call the AP number and speak with one of the certification team and have them send you, in writing, confirmation of how to get through the eligibility without requiring current ref or if you can, have them accept an old employers reference.

Good luck

neonballoon

Reading further, it looks like an ex-employer will work to verify. I agree that EC-Council's approach reeks of money-grabbing moves with the $100 fee just to process the eligibility form. Now I'm wondering if I should just go for the CISSP-Associates? I'm aiming to apply for an entry-level position for a government contractor and got interested in CEH because it checks a lot of the boxes on DoD 8570 and having Security+ and CEH would set me apart from those with just Security+.

JDMurray

CISSP and CEH fulfill different areas of 8750, so you really need them both to hit most of the bases.

Once ECC got the CEH in with DoDD 8570.01, their exam prices doubled and the $100 application fee appeared. Don't take it personally--it's the US Federal government ECC is looking to grab money from. We would all do the same given that we owned a business in the same situation.

JoJoCal19

neonballoon wrote: »

Reading further, it looks like an ex-employer will work to verify. I agree that EC-Council's approach reeks of money-grabbing moves with the $100 fee just to process the eligibility form. Now I'm wondering if I should just go for the CISSP-Associates? I'm aiming to apply for an entry-level position for a government contractor and got interested in CEH because it checks a lot of the boxes on DoD 8570 and having Security+ and CEH would set me apart from those with just Security+.

If I remember correctly, the Associate of CISSP will meet the DoD requirements where CISSP is required. Someone correct me if I'm wrong. I'd always go for that over the CEH if it will hit the requirements for a position you are interested in.

wearingmyrolex

Get them both. I really enjoyed studying for CISSP and plan to do others, particularly interested in ISSAP. I'd say CISSP will take you a good deal longer to self study for than the CEH will, so if you can get an old employer to ref for you, do CEH 1st, especially if you're using it towards getting a new job.

neonballoon

Thanks for all your inputs. Sorry for what may be a dumb question but what are the main differences between IAT, IAM and the CNDSP positions? I'm mainly looking at the "junior" position postings from companies such as Booz and Lockheed. I would like to eventually get the CISSP but feel I'm not 'there' yet and maybe I should go for CASP instead first. I've got 4 months of study time before I go back to the US to look for a job. The CISSP-Associate does fill the requirements for the DoD.

diggitle

JoJoCal19 Congrats on the pass

JoJoCal19

diggitle wrote: »

JoJoCal19 Congrats on the pass

Thanks! Not happy with the score but whatever, it's a pass.

neonballoon wrote: »

Thanks for all your inputs. Sorry for what may be a dumb question but what are the main differences between IAT, IAM and the CNDSP positions? I'm mainly looking at the "junior" position postings from companies such as Booz and Lockheed. I would like to eventually get the CISSP but feel I'm not 'there' yet and maybe I should go for CASP instead first. I've got 4 months of study time before I go back to the US to look for a job. The CISSP-Associate does fill the requirements for the DoD.

I had looked that up a while back but I think IAT is technical level and IAM is managerial level.

cgrimaldo

This will give a basic overview of the DoD directive as well as direct links that have further details.

Dept of Defense Directive: DoDD 8570

neonballoon

Thank you for the link. I think I'm going to put CEH on the backburner for now until I have a solid 2 years of experience in info. security and go for CASP first as it requires no experience or endorsements like the SCCP/CISSP. Would I have a shot getting an entry level position with one of the DoD institutes with 3 years of tech support experience, Sec+ and CASP? I'm thinking once I am able to get in a position doing something related to info. security I'll pursue SCCP after one year, CEH after the second and CISSP after the fourth. Or am I being too optimistic?