CEH vs CHFI: Which to take?

OutrageousOutrageous Member Posts: 8 ■□□□□□□□□□
Hello all,

I'm looking at becoming more specialized within IT, with an interest in IT security. Some background on myself;

2006 - 2008, consumer tech support via phone/e-mail.
2008 - 2010, desktop support.
2010 -2014, server administrator.
2014 - present, sys admin, along with using Nexspose to identify vulnerabilities.

As you can see, I'm a bit of a generalist (I know a little bit of everything); which is useful yet not useful, as some places want specialists. Currently, my Network skills are at a junior level, my Wintel skills are at an intermediate level.

I'm looking at CEH or CHFI, planning on taking the iLearn course for one of them. I'm curious as to which one is recommended for someone such as myself.

Additionally, I am Canadian (based on a large city in Ontario), if that matters.


  • Options
    cyberguyprcyberguypr Mod Posts: 6,928 Mod
    Please do NOT do CHFI. Worst test I've taken in my long list. Review here: http://www.techexams.net/forums/ec-council-ceh-chfi/106327-passed-chfi.html
  • Options
    OutrageousOutrageous Member Posts: 8 ■□□□□□□□□□
    cyberguypr wrote: »
    Please do NOT do CHFI. Worst test I've taken in my long list. Review here: http://www.techexams.net/forums/ec-council-ceh-chfi/106327-passed-chfi.html

    You're not kidding, eh? Based on your experience I guess that wipes out the CHFI. I also can't find any jobs around here who want it.

    My concern with the CEH is that although I am solid in Wintel, my Network experience may not be up to snuff (like I can't count in hexidecimal yet and know few commands).
  • Options
    danny069danny069 Member Posts: 1,025 ■■■■□□□□□□
    C|EH is more recognized than the CHFI, you're better off doing the GIAC version which is the GCIH if you wanted to go into incident handling.
    I am a Jack of all trades, Master of None
  • Options
    BlackBeretBlackBeret Member Posts: 683 ■■■■■□□□□□
    Out of the two I would definitely go for CEH. Just keep in mind that it is absolutely one of those courses where you get out of it what you put in to it. You can google around and figure out specifically what they test for and just learn those handful of programs/commands, or you can learn a lot of information about how things should work and spend a lot of time going down the security rabbit hole.

    If you're looking to learn about security from a starting point, I would recommend starting with Security+ from your background you should get it quick. CEH is suppose to be a VERY basic level pentesting certification. Sec+ will teach a lot more about security overall, CEH will teach attack methods.
  • Options
    CyberSecurityCyberSecurity Member Posts: 85 ■■■□□□□□□□
    Good place to start is Security+ if you're getting into security. I went for the CISSP however my past experience allowed me to fill the domains / time required. As soon as I got that cert a lot of doors opened in security, however, it's one of the only certs I hold so I can't speak too much from comparisons of CEH and CHFI.
    Ph.D. IT [UC] - 50% complete
    M.S.C.I.A. [WGU] - Completed 6/2018
    B.S.I.T.M. [WGU] - Completed 4/2017
  • Options
    UnixGuyUnixGuy Mod Posts: 4,565 Mod
    I wanted to do CEH as my first pen testing cert but from my humble research I decided that I would learn more doing eLearnSecurity eJPT, the hands-on aspect of it wins in my books.

    Learn GRC! GRC Mastery : https://grcmastery.com 

  • Options
    gespensterngespenstern Member Posts: 1,243 ■■■■■■■■□□
    None. Do something else, like suggested above eJPT.
  • Options
    OutrageousOutrageous Member Posts: 8 ■□□□□□□□□□
    Thank you very much for the feedback guys! I decided to go ahead with the CEH, since it seems the CHFI was unanimously trashed. I'll look into Security+ after :)
  • Options
    Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
    If you plan to work for US govt, CEH is recognised cert for DOD 8570, CHFI is not.
    And the "Ethnical Hacker" title can be a conversation starter, non-IT people will look at you differently. bowing.gif
  • Options
    roninkaironinkai Member Posts: 307 ■■■■□□□□□□
    I believe EC-Council considers CHFI to be slightly more advanced than CEH, even though its in a different area of expertise. I'm doing CEH on my own to shorten my study work with WGU, but the CHFI of course is offered as part of the MSISA.
    浪人 MSISA:WGU
    2020 Level Up Goals: (1) DevSecOps Learning Path (2) OSCP
  • Options
    rudegeekrudegeek Member Posts: 69 ■■□□□□□□□□
    Or, grab Georgia Weidman's book. Penetration Testing: A Hands-On Intro to Hacking and get a jump start on the OSCP :D She has great cybrary videos that complement the book as well.[h=1][/h]
  • Options
    McGintyDMMcGintyDM Member Posts: 12 ■□□□□□□□□□
    I don't exactly recall the exact details. You know, NDA and stuff. But I'm pretty sure I had a question about what color pants a co worker was wearing on my CHFI EXAM....

    more or or less garbage
  • Options
    Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
    If you plan to go for WGU's Master of Science Information Security and Assurance, both CEH and CHFI are part of the degree program.
Sign In or Register to comment.