Cutting short my ECC journey?

binarysoul Posts: 993 Member
At the start of my ECC journey, I'm disappointed to see so many complaints about ECC and exam version. Until yesterday, I thought ECC was right, but all those folks complaining can't be all wrong.

Also, for ECC to expect us to be up-to-date with industry for CEH exam is at best unrealistic and at worst foolish.

I really hope I won't have to give up on ECC. I will wait on the sideline until the dust settles. Or should I cut my journey and go after another cert?

Comments

  • TacoRocket Posts: 497 Member ■■■■□□□□□□
    I don't understand how being up to date with the industry is unrealistic and foolish. Technology always changes and so do the tactics. If you don't keep up to date I would be more concerned.

    A lot of people are concerned because the v9 just came out. The same thing happened when Microsoft pushed the R2 update to server. It catches people off guard. That happens. I won't say that it absolutely terrible but you have to be prepared for those sort of things.
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
  • binarysoul Posts: 993 Member
    Keeping up to date with tech isn't foolish, in fact it's expected. But what I said is that in my opinion what is foolish is to expect that for an exam, in addition to an exam blueprint, one should learn every single development in an industry as wide as the ocean. No other cert vendor demands this. Are ISc2, CompTIA, Microsoft, Cisco and all others wrong? They have objectives and they go by that, with exceptions.

    If one is certified to be a programmer, then it makes sense to expect him/her to keep up to date with all languages, syntax, for one exam.
  • TK1799_st Posts: 111 Member
    As someone who has instructed - I can say there needs to be a common left and right in the material boundaries. There must be a beginning and an end - then an exam to see how competent both instructor and student performed as in the number of those that pass said exam.

    Right now, the VP of ECC is getting involved since I spoke with him last night. This should not have happened. There is always a grace period for those using material that is scheduled to expire and the transition (hand shake) of the new material coming online. What has occurred in the last 2 weeks is a total "change management" failure on the testing center for ECC.

    Even CompTIA uses a "grace" period for its students and issues out those Objectives clearly - with "official" study guides that the IT Industry can get their heads wrapped around it. ECC position is that if it does not say ECC on the book - then it is grey material - that may or may not aid a test taker.

    The point I'm trying to make is that this change was so immediate and drastic that no one was prepared for it. A test taker cannot stay in a perpetual state of study fearing that they might miss the crucial 38 questions that cause a 68% score on the exam - 140 New labs and 2200 commonly used tools can garner a massive amount of specific questions.

    There needs to be order and balance. That is why CompTIA uses the CE so that once a test taker achieves the exam and certification (foundation) - they continue to learn new and developing trends within the IT realm (building the infrastructures of knowledge).

    So - no binarysoul you don't need to change right at this moment - hang tough to see what is going to happen. It will be quick, I hope. In the end, Offensive Security is what all high end hackers are using to crack worldwide networks. It's the most "in your face" one can get. So - perhaps this is the way it was meant to be. I tend not to question why things occur in a bad light, but jump at the opportunity to learn from it and excel towards another journey...and that will be Offensive Security (Metasploit and their first certification they offer OSCP).

    Your concerns are well placed....
  • OctalDump Posts: 1,722 Member
    CEH seems to be the only cert from EC-Council with any value. There was an old post about the CEH -> ECSA -> LPT path basically saying, save yourself the money. There's a few others offering similar level certs (GIAC, mile2, Offensive Security, etc). The Info Sec certification world is still a bit messy, with too many certifiers in the same spaces.

    You could short cut the whole CEH path by going straight to OSCP. The thing is, you can just learn whatever you like without getting a cert, and if you do get a cert, then a higher level one sort of negates the lower level one. I mean, why go on about your CCNA if you have CCNP, or why mention your A+ if you have MCSE?

    Even if you don't get the CEH, what you've learnt won't go to waste. It will still add to what you know, and gives a reasonable base to scale greater heights.

    I'm hoping that ECC will clarify the situation with the exam, though.
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • IronmanX Posts: 323 Member ■■■□□□□□□□
    binarysoul wrote: »
    Keeping up to date with tech isn't foolish, in fact it's expected. But what I said is that in my opinion what is foolish is to expect that for an exam,

    "The CISSP draws from a comprehensive, up-to-date, global common body of knowledge that ensures security leaders have a deep knowledge and understanding of new threats, technologies, regulations, standards, and practices. "

    To be an accredited certification you have to have up to date questions.

    "A lot of people are concerned because the v9 just came out."
    The v9 course just came out, not the v9 exam. There is no version on the exam.
    As per the EC Council Web Site "What is new in the CEH Version 9 Course"

    I understand the confusion; they should just version the COURSE by year: CEH 2013/14 Course (v8), CEH 2015/16 (v9). The exam will contain up to date questions in order to be relevant. Complaining about Poodle, Heartbleed, Shell Shock etc.... questions a year or more after they first came out seems a bit silly to me.
  • chrisone Senior Member Posts: 1,845 Member ■■■■■■■■□□
    Having updated exams are part of a "credible" certification.

    The complaints you have read are due to individuals training for one exam and either taking the newer exam or seeing newer questions mixed in. Don't be frustrated but appreciate the certification is respected and you have that brand name backing you up now once you passed your exam. ECC is a very good company and like all humans are not prone to mistakes. Be calm and sort them out with them. Study and enjoy the material. I am looking forward to v9.
    2019 Goals:
    Courses: Real World Red Team Attacks- AppSec Cali 2019 (complete), Active Directory Attacks for Red and Blue Teams Advanced Edition - BlackHat (completed),
    Certs: Certified Red Team Professional - Pentester Academy (passed!), Azure Fundamentals AZ-900 (in progress), Azure Security Engineer Associate AZ-500
  • BillV_ Posts: 114 Member
    Expecting you to be up-to-date is unrealistic and foolish? How?

    That only plays to my biggest issue with CEH - that it's too easy and people not qualified still manage to pass it.

    Then those not qualified enter the field but don't really know what they are doing. Which in turn makes the CEH look bad. This hurts both sides of that engagement (the tester and client), as well as other certification holders.
  • OctalDump Posts: 1,722 Member
    BillV_ wrote: »
    Expecting you to be up-to-date is unrealistic and foolish? How?

    That only plays to my biggest issue with CEH - that it's too easy and people not qualified still manage to pass it.

    Then those not qualified enter the field but don't really know what they are doing. Which in turn makes the CEH look bad. This hurts both sides of that engagement (the tester and client), as well as other certification holders.

    I've always treated it as an entry level cert. In the same way I wouldn't trust an A+, no experience, tech to manage 2008 Server, I would expect a CEH to run a pen test (or write a report). A CEH might be useful for hiring a Pen Tester or writing up a pen test RFQ/RFI. It's also a useful cert to orient to the field, and useful for people in other fields (Network or System Admins) who need some security training. There's a bunch of better certs at higher levels, along with numerous capture the flag events, for people who really want to prove themselves.

    The weird thing about CEH is that EC Council say that it is the pre eminent hacking certification (pinnacle, most advanced, master etc) and then go and offer the ECSA and LPT above and beyond CEH.

    From what I've read from those in the industry, and in conversations, is that CEH isn't respected and that most only get it to satisfy some "need" from clients who probably get fixated on the "Certified" and "Ethical" part of the name rather than the substance of what it is - 125 multiple choice questions.
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • IronmanX Posts: 323 Member ■■■□□□□□□□
    OctalDump wrote: »
    There's a bunch of better certs at higher levels
    There really isn't. In the other threads the posters that have failed said they still wanted the cert due to the ROI.
    CISSP is the only other cert that gets you more bang for your buck as far as DoD 8570.01-M.

    CISSP - Information Assurance Manager level 2 and 3.
    CISSP - Information Assurance Technical level 3.
    CISSP - Information Assurance System Architect and Engineer level 1, 2 and 3

    CEH - Computer Network Defense Analyst
    CEH - Computer Network Defense Infrastructure Support
    CEH - Computer Network Defense Incident Responder
    CEH - Computer Network Defense Auditor

    CISSP - Computer Network Defense Service Provider Manager

    CISSP - Information Assurance System Architect and Engineer level 1 and 2.


    If you want to work in Computer Network Defense for the DOD you should get CEH.
    If you want to work in Computer Network Defense for a non DOD organization you should get CEH. The thing is most companies are not going to go and do the work the DOD did in order to make sure certain certs meet the criteria of someone working in a certain field. What is happening is other companies are looking and saying hey, if it is required by the DOD it should be good enough for us.

    I'm certain there are many certs and non cert courses that teach you more than CEH does. However, can you consider them to be better if they are not required for the job?
  • BillV_ Posts: 114 Member
    Once again, OctalDump has nailed it. It is an entry level cert. And that's all that is expected of it.

    I agree on the disconnect with how it has been marketed, and how it's perceived by the industry as such. You want to expect more from someone holding the certification. Hopefully this will be addressed in the future with new updates to all of the courses.