Passed My CEH Resit. Some Thoughts On The Cert And EC-Council.

Sch1smSch1sm Member Posts: 64 ■■□□□□□□□□
I passed my CEH resit last week after failing the initial attempt by 2% when I sat the v9 exam instead of v8. I would like to make it absolutely clear because there is apparently still some confusion about this on here and on other websites - you will be sitting "v9" of this exam. It doesn't matter if you signed up for v8 or if your exam voucher ends with v8, you will be sitting version 9 and there is a significant difference in the material. There is some absolutely ridiculous mental gymnastics going on by some people on this forum trying to claim this doesn't matter but for the vast majority of people sitting this exam, it will. You will see posts from people who have been penetration testers for 7 years or so saying how easy the exam is - they are obviously not the intended audience for this fundamental certification and most people will struggle to pass using only v8 material (especially if you're relying on the official EC-Council courseware.)
I won't go into any specifics on questions or specific areas to study (there are already several of these kinds of posts on this site) but I will say this - the vast majority of practice tests for this exam are useless.
If you're not answering the majority of practice questions (wether it be from the AIO book, skillset, boson, cybrary or any of the mobile study apps) with ease I think you will struggle with the exam. Most of them do not go anywhere near in depth enough to compare to the real exam.


As I said before, there are a lot of apologists for the EC-Council on this website. The way they handled the version mix up has been absolutely disgraceful and has once again shown what an unprofessional organization the ECC are.
Trying to communicate with them is unbelievably frustrating. They are apparently based out of New Mexico in the USA however it seems like every aspect of their business is handled by people in Malaysia who do not speak English as a first language - every e-mail is riddled with extremely poor spelling and grammar and often requires 2 or 3 e-mails back and forth to clarify exactly what they're trying to say (this would also explain why many people in the past have complained about strange wording of exam questions). Combined with this, the person responsible for handling complaints/appeals seems to be a glorified member of HR with little to no understanding of the industry or the material the ECC is putting out. The appeal process was a pointless exercise that resulted in everyone being sent the same few stock responses without any of the individual points or concerns being addressed at all. Possibly the most unprofessional incident regarding this **** up happened on this forum, where a member of the appeal committee trawled the forum looking for information from people then ultimately singled out a member on here to argue with, advising him that his appeal would be seen by the appeals committee then when he signed off his post he revealed he was on that committee. This made me extremely uncomfortable about posting anything regarding my appeal and was just mind blowingly petty and unprofessional. Why the ECC have a chair on their committee trolling these forums instead of dealing with it through official channels is beyond me.


I would not advise anyone to go for this certification unless you are absolutely required to by your employer. If you do want to sit it and aren't confident going in considering the v8/v9 situation my advice would be to wait for a good 3rd party study guide to come out. The official courseware is $850-$885 depending on your location and if it's anything like the v8 material it is absolutely useless. They just flood you with mountains of useless information, it's all presented in slides that don't really go into depth and half the book is just a list of different tools (their "whats new to v9" page states they have more than 1500 new/updated tools..). So the official textbook will cost you almost $900 and then your exam voucher will cost you $600. Compare this with the OSCP where $800 gets you pdfs, videos, 30 days access to a virtual network to hack into and your exam cost is included..
I'm glad I passed the exam and relieved it's over with. I certainly won't be taking another certification with the EC-Council unless I'm forced to by an employer. I'm starting the OSCP in January and I'm really looking forward to it, I've read several blogs and reviews on the course and they're all very positive so hopefully it's as challenging and rewarding as people claim.
«1

Comments

  • abyssinicaabyssinica Member Posts: 97 ■■■□□□□□□□
    Thanks for confirming what I already suspected...OSCP is the better choice if you're going to do a hands-on hacking cert
  • IristheangelIristheangel CCIEx2 (Sec + DC), CCNP RS, CCNA V/S/R/DC, CISSP, CEH, MCSE 2003, A+/L+/N+/S+, and a lot more from m Pasadena, CAMod Posts: 4,133 Mod
    From my understanding, OSCP is way better in terms of really learning good content and in certain circles, it's a LOT more respected. Unfortunately, it isn't as well known as EC-Council since the certification body doesn't have the same marketing $$$. CEH is more well-known though and sometimes jobs/schools have a requirement to take it. I don't personally have a hatred for EC-Council. I just see them as not really having a ROI outside of an immediate need (i.e. your job requiring it).
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
  • BillV_BillV_ Member Posts: 114 ■□□□□□□□□□
    Sch1sm wrote: »
    I passed my CEH resit last week after failing the initial attempt by 2% when I sat the v9 exam instead of v8. I would like to make it absolutely clear because there is apparently still some confusion about this on here and on other websites - you will be sitting "v9" of this exam. It doesn't matter if you signed up for v8 or if your exam voucher ends with v8, you will be sitting version 9 and there is a significant difference in the material. There is some absolutely ridiculous mental gymnastics going on by some people on this forum trying to claim this doesn't matter but for the vast majority of people sitting this exam, it will.

    There is only one version of the exam. If you sign up to take it, you will take that version. Yes, content has been updated. If you can't explain [newer] vulnerabilities like heartbleed (nearly 2 years old) or shellshock (just over a year old) then you shouldn't be taking this exam. If you don't know your nmap switches or how to interpret a pcap file, you shouldn't be taking this exam. The recommended amount of related experience for this exam is 2 years. If you don't have that, you should carefully consider whether you should be taking this exam. This isn't rocket science or some evil ploy to try and scam people. It's not an easy exam. If you're coming into it with little or no experience I'm not sure why you would expect to pass.

    Sch1sm wrote: »
    As I said before, there are a lot of apologists for the EC-Council on this website. The way they handled the version mix up has been absolutely disgraceful and has once again shown what an unprofessional organization the ECC are.
    Trying to communicate with them is unbelievably frustrating ... Combined with this, the person responsible for handling complaints/appeals seems to be a glorified member of HR with little to no understanding of the industry or the material the ECC is putting out. The appeal process was a pointless exercise that resulted in everyone being sent the same few stock responses without any of the individual points or concerns being addressed at all. Possibly the most unprofessional incident regarding this **** up happened on this forum, where a member of the appeal committee trawled the forum looking for information from people then ultimately singled out a member on here to argue with, advising him that his appeal would be seen by the appeals committee then when he signed off his post he revealed he was on that committee. This made me extremely uncomfortable about posting anything regarding my appeal and was just mind blowingly petty and unprofessional. Why the ECC have a chair on their committee trolling these forums instead of dealing with it through official channels is beyond me.

    I'm not going to apologize for EC-Council. What they choose to do with their business decisions is entirely up to them. There was no "mix up" per se... updated content was released. As has been done in the past.

    The appeals process is, and works, exactly what it sounds like. Yes, I would imagine that upon requesting an appeal or submitting an appeals request that you will likely receive the same response back (e.g., "thanks for your complaint, here's the process, we'll keep you posted"). If you're not happy with the initial decision by EC-Council then you have the right to appeal further to the Scheme Committee. At that point, I can assure you that all of the points or concerns are addressed, individually. If you do not include your concern in your appeals paperwork, then it can't be addressed. Similarly, if you appeal with a concern but don't request some sort of resolution, what sort of answer would you expect? More often than not, the Scheme Committee sides with the candidate. However, this requires some solid evidence and thorough explanation of what happened to justify.

    Regarding your "incident" of singling out a specific person... I was advised of the situation happening on this forum and all of the confusion that was spreading in the various posts. There was one person here that seemed to be bouncing around the forums posting everywhere, both slandering EC-Council, making direct, personal attacks against a specific EC-Council representative, and just generally spreading misinformation regarding the exam. In my attempts to consolidate all of the issues here and clear up the confusion, that person continued to argue with and attack me instead. I simply offered the opportunity to appeal (which they did, along with two others..). Whether you decide to share information on a public forum about your own personal appeal is entirely up to you. If you have questions or concerns about the process, as it relates to the SC, I'm happy to answer. Appeals brought to the SC (whether from people here at this forum or elsewhere, I don't know) are dealt with, and have been reviewed more quickly than normal (quarterly) to get answers back to the candidate.
  • IristheangelIristheangel CCIEx2 (Sec + DC), CCNP RS, CCNA V/S/R/DC, CISSP, CEH, MCSE 2003, A+/L+/N+/S+, and a lot more from m Pasadena, CAMod Posts: 4,133 Mod
    @BillV- I did read that exchange briefly. My opinion is that you were helpful and tried to maintain your professionalism. I may not be a huge fan of EC-Council's certs since I see them as more entry-level like CompTIAs a lot of the time but you represented well. I took my exams years ago and they probably expired by now so I'm not sure what the update process is for an exam. I know a lot of other vendors tend to announce a topic list change at least 6 months out and let you know the hard date that things will change over. If EC-Council doesn't do that already, that probably would be a good way to clear things up.

    Anyways, my 2 cents on the matter.
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
  • BillV_BillV_ Member Posts: 114 ■□□□□□□□□□
    Thanks for the reply. And yes, EC-Council used to do this. They would announce a release date (generally in advance) for a new version of the exam but would also allow the old version to remain available for 6 months I believe. This changed when the CEH certification earned ANSI accreditation as it's now just an "ANSI exam" with no real version associated to it (it just has to be kept up-to-date with the always changing world of security). Like I mentioned, I can't speak for what EC-Council chooses to do as a business decision. If they were to change/update the blueprint, then I suspect they would make an announcement prior to that being changed. For now, the exam will likely be updated on somewhat of a regular basis (annual?) as new threats, vulnerabilities, tools, and techniques are discovered. And yes, most of the certifications are meant to be entry-level (for their respective area). The ECSA/LPT stuff is slightly more advanced and has also gone through some recent revisions now requiring practical assessments.
  • IristheangelIristheangel CCIEx2 (Sec + DC), CCNP RS, CCNA V/S/R/DC, CISSP, CEH, MCSE 2003, A+/L+/N+/S+, and a lot more from m Pasadena, CAMod Posts: 4,133 Mod
    Thanks for the reply, Bill. Makes sense. I hope they make it a littler more clearer in the future for candidates but no certificate process is perfect. Have a great day :)
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
  • abyssinicaabyssinica Member Posts: 97 ■■■□□□□□□□
    Sch1sm wrote: »
    it seems like every aspect of their business is handled by people in Malaysia who do not speak English as a first language - every e-mail is riddled with extremely poor spelling and grammar and often requires 2 or 3 e-mails back and forth to clarify exactly what they're trying to say (this would also explain why many people in the past have complained about strange wording of exam questions).
    Why is nobody saying anything about this? This sort of thing must be extremely frustrating.
  • BillV_BillV_ Member Posts: 114 ■□□□□□□□□□
    abyssinica wrote: »
    Why is nobody saying anything about this? This sort of thing must be extremely frustrating.

    I don't disagree. It's very frustrating to have language barriers preventing you from communicating your issue or from being able to interpret the response. The reality is that EC-Council has an office in Malaysia and a US headquarters in New Mexico. Obviously, with any company, when you have non-native English speakers there will be some errors. I don't know who the exam writers are but I fully agree, it's not acceptable for there to be errors in the exam questions. I have gone through many of the current exam questions and made a lot of edits - hopefully they'll be fixed - and have also suggested that a better process be put in place to prevent such spelling and grammar errors.
  • abyssinicaabyssinica Member Posts: 97 ■■■□□□□□□□
    BillV_ wrote: »
    and have also suggested that a better process be put in place to prevent such spelling and grammar errors.
    Hiring native or at least fluent English-speakers is the suggested process, we would hope?edit: I don't think you realize what is happening here. You basically came in here to shut down the OP and anyone who criticizes your organization in any way. This is the first time I have ever seen anyone do this. Why don't we also see OSCP people coming in here and saying "Oh well since we are Israeli, we can't guarantee you customer service reps who know any language other than Hebrew"??I think people on here should be free to say what their experience was, without you replying and trying to intimidate them or discredit them through ridicule. Your ridicule is cloaked, but it is there, and it is unfair. If the OP had whatever opinion about Ec-council, why is there a need to come in here and try to dismantle his post with your own long passive-aggressive reply?
  • Sch1smSch1sm Member Posts: 64 ■■□□□□□□□□
    abyssinica wrote: »
    Hiring native or at least fluent English-speakers is the suggested process, we would hope?edit: I don't think you realize what is happening here. You basically came in here to shut down the OP and anyone who criticizes your organization in any way. This is the first time I have ever seen anyone do this. Why don't we also see OSCP people coming in here and saying "Oh well since we are Israeli, we can't guarantee you customer service reps who know any language other than Hebrew"??I think people on here should be free to say what their experience was, without you replying and trying to intimidate them or discredit them through ridicule. Your ridicule is cloaked, but it is there, and it is unfair. If the OP had whatever opinion about Ec-council, why is there a need to come in here and try to dismantle his post with your own long passive-aggressive reply?
    Yeah, this is an absolutely huge issue for me. This poster appeared in the v9 threads and also made his own thread about it - before he had mentioned he had any level of involvement with the EC-Council. A few people mentioned he was clearly working (or at least had some level of involvement) with them but the first time he revealed this was to sign off on a huge post disparaging a member on here essentially saying "your appeal will be seen by the commitee, btw I am also on that committee." At best it is unbelievably petty and unprofessional but at worst it is intentionally malicious. I just cannot get my head around it, if he is speaking on behalf of the EC-Council then it should be made absolutely clear what his position is and that's what he's doing from the get go. If he is not he should, in my opinion, leave it to the official channels designated by the EC-Council (which as I have mentioned before has a lot of issues and is incredibly frustrating). I legitimately do not understand how any aspect of this behaviour is okay or acceptable in any way. He says he was "advised of the situation happening on this forum" - is this forum in any way moderated by the EC-Council? Are other public forums and websites held to the same standards as this website apparently is? The entire thing is just mind boggling.
  • abyssinicaabyssinica Member Posts: 97 ■■■□□□□□□□
    The only message I am getting from BillV is that, once somebody gets a certification from EC-Council, they may be stalked and intimidated by him on cert forums. From this person BillV, I see no professionalism and no desire whatsoever to actually help the customer who has complaints. Only veiled threats and condescending rhetoric. You are making your company look bad, and I am sure that, whether EC-Council is from Malaysia or whatever country, they only mean well. They are probably trying to build a good business, and you BillV are helping to ruin those efforts. What kind of impression do you think you leave on people? Just because people are scared to tell you what they think for (fear of losing their EC-Council cert), doesn't mean they see your behavior in a positive light.
  • TK1799_stTK1799_st Member Posts: 111
    CONGRATS!!! Good on you for passing....!!! Glad to hear it...and thanks for your well written post!
  • BillV_BillV_ Member Posts: 114 ■□□□□□□□□□
    abyssinica wrote: »
    Hiring native or at least fluent English-speakers is the suggested process, we would hope?edit: I don't think you realize what is happening here. You basically came in here to shut down the OP and anyone who criticizes your organization in any way. This is the first time I have ever seen anyone do this. Why don't we also see OSCP people coming in here and saying "Oh well since we are Israeli, we can't guarantee you customer service reps who know any language other than Hebrew"??I think people on here should be free to say what their experience was, without you replying and trying to intimidate them or discredit them through ridicule. Your ridicule is cloaked, but it is there, and it is unfair. If the OP had whatever opinion about Ec-council, why is there a need to come in here and try to dismantle his post with your own long passive-aggressive reply?

    Please feel free to point to and provide such evidence of this "coming in here to shut down the OP and anyone who criticizes [the] organization." Note: It's not my organization. I am not an EC-Council employee. I have zero control over who they hire and what languages they speak. And I agreed with the point you made as it is frustrating. If you have issues with EC-Council representatives, you should take that up with EC-Council.

    "I think people on here should be free to say what their experience was, without you replying and trying to intimidate them or discredit them through ridicule." Again, where have I done this? People are free to share their experiences here. I haven't stopped or prevented anyone from doing such - nor do I have the ability to do so. The only thing I've done is corrected the misinformation and provided additional information to clarify other matters.

    My post is not passive aggressive. I have nothing against the OP. Some of the information was wrong and I addressed it. I also had to defend my own previous actions against his personal attacks. Seems like a rather simple concept to me.
  • BillV_BillV_ Member Posts: 114 ■□□□□□□□□□
    Sch1sm wrote: »
    Yeah, this is an absolutely huge issue for me. This poster appeared in the v9 threads and also made his own thread about it - before he had mentioned he had any level of involvement with the EC-Council. A few people mentioned he was clearly working (or at least had some level of involvement) with them but the first time he revealed this was to sign off on a huge post disparaging a member on here essentially saying "your appeal will be seen by the commitee, btw I am also on that committee." At best it is unbelievably petty and unprofessional but at worst it is intentionally malicious. I just cannot get my head around it, if he is speaking on behalf of the EC-Council then it should be made absolutely clear what his position is and that's what he's doing from the get go. If he is not he should, in my opinion, leave it to the official channels designated by the EC-Council (which as I have mentioned before has a lot of issues and is incredibly frustrating). I legitimately do not understand how any aspect of this behaviour is okay or acceptable in any way. He says he was "advised of the situation happening on this forum" - is this forum in any way moderated by the EC-Council? Are other public forums and websites held to the same standards as this website apparently is? The entire thing is just mind boggling.

    Whether you choose to agree or not, my "consolidation" post was only meant for everyone to share their complaints so that I could take them back to EC-Council on the behalf of the candidates having issues. None of my posts have had any malicious intent. I have explained the process and my role, several times over.
  • BillV_BillV_ Member Posts: 114 ■□□□□□□□□□
    abyssinica wrote: »
    The only message I am getting from BillV is that, once somebody gets a certification from EC-Council, they may be stalked and intimidated by him on cert forums. From this person BillV, I see no professionalism and no desire whatsoever to actually help the customer who has complaints. Only veiled threats and condescending rhetoric. You are making your company look bad, and I am sure that, whether EC-Council is from Malaysia or whatever country, they only mean well. They are probably trying to build a good business, and you BillV are helping to ruin those efforts. What kind of impression do you think you leave on people? Just because people are scared to tell you what they think for (fear of losing their EC-Council cert), doesn't mean they see your behavior in a positive light.

    Again... What? Stalked and intimidated? Threats? Where? Yes, you're right. Providing accurate information and answering questions isn't helpful. Why would people be scared to say what they think? They don't seem to be. I haven't stopped anyone from posting. If you have negative things to say about EC-Council, go ahead and share it.
  • jones551jones551 Member Posts: 154 ■■□□□□□□□□
  • abyssinicaabyssinica Member Posts: 97 ■■■□□□□□□□
    BillV_ wrote: »
    so that I could take them back to EC-Council on the behalf of the candidates having issues.
    BillV_ wrote: »
    I am not an EC-Council employee.

    These two statements are extremely contradictory.
  • IristheangelIristheangel CCIEx2 (Sec + DC), CCNP RS, CCNA V/S/R/DC, CISSP, CEH, MCSE 2003, A+/L+/N+/S+, and a lot more from m Pasadena, CAMod Posts: 4,133 Mod
    @abyssinica - I think being a member of the board of review is a volunteer position so he probably could share the feedback online without getting a paycheck from them. Other organizations like CompTIA, ISC2, etc have boards of volunteer members as well that are allowed to provide feed and vote for changes. I get my yearly vote e-mail for ISC2 as well being a CISSP holder. I don't think this is contradictory.

    I've been watching all these EC-Council threads and while I might not think the way they go around these things are perfect and I don't really see a ton of ROI on their certs compared to others, I think BillV has handled himself pretty professionally from what I've seen. Maybe I'm missing something and if someone could link me a post where he's threatening someone or trying to intimidate someone, I'd be happy to retract that. If he's honestly here to explain the process and he's willing to take feedback to the company, why not use him for that purpose?

    Anyways, my 2 cents on the matter and it's not like I have skin in this game. My EC-Council probably expired this year and I won't ever be renewing them.
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
  • BillV_BillV_ Member Posts: 114 ■□□□□□□□□□
    abyssinica wrote: »
    These two statements are extremely contradictory.

    Please explain.

    Still not an EC-Council employee and not an EC-Council representative. As mentioned in the post above (and as I've stated elsewhere), I'm on a volunteer-based committee and just another certification holder. This gives me much better insight into the exam and processes regarding the certifications, allowing me to [attempt to] clear up any confusion by providing accurate information and answering questions, and also allows me to take back any concerns/issues/etc. to key people at EC-Council along with the committee to push for changes if needed.

    Once again, this is all to the benefit of the candidate.

    I'm really not sure what your problem is. You asked why no one addressed a certain issue pointed out in the original post, and I responded giving you an answer - even agreeing with you. You've since been hell bent on attacking me, for whatever reason (none of them have really made sense so far). You seem to think that the purpose of my first reply in this thread was to defend EC-Council. It is not. I was only providing corrected information regarding the exam and responding to the attacks against my own actions.

    You say that I'm somehow preventing people from posting what they want, or that I'm going to tell you that you can't criticize EC-Council. Go ahead. Feel free to post what you want and call them out on things. Search long enough, and you'll find places where I've called them out as well. But it's a bit hypocritical of you to say people should be able to post whatever they want - but then tell me that I can't respond. If you go around posting inaccurate information, then yes, I'm likely going to confront you about it. If you try to tell me that I'm being "intimidating" or that I'm "stalking" you, then yes, I'm going to ask you to supply evidence. Why is that a tough concept to understand? If you're going to make accusations or ***** forums and spew random information, you should probably be prepared to back up your comments with some sort of supporting evidence.

    If my posts aren't helpful to you, ignore them. Plain and simple.

    edit: apparently you can't say t-r-o-l-l
  • abyssinicaabyssinica Member Posts: 97 ■■■□□□□□□□
    BillV_ wrote: »
    If you try to tell me that I'm being "intimidating" or that I'm "stalking" you, then yes, I'm going to ask you to supply evidence.
    Well you may remember that I said you're trying to intimidate people who have obtained EC-Council certifications, by creating an impression. I am obviously not one of them. Now that you have come out plainly to admit that you are not a real EC-Council employee, your pretense is over and those people should not feel intimidated by you in the least bit, when you post your overly lengthy and condescending replies. I am really grateful that somebody like you does not actually work for or represent EC-Council. That is, if you are telling the truth, which you may not be, seeing as you are full of contradictions and long winding excuses including something ridiculous about Malaysia. So you're simply a volunteer who wanted to pretend to work for EC-Council and throw your weight around on a cert forum. I have no reason to see you as a threatening person anymore. So, goodbye.
  • BillV_BillV_ Member Posts: 114 ■□□□□□□□□□
    abyssinica wrote: »
    Well you may remember that I said you're trying to intimidate people who have obtained EC-Council certifications, by creating an impression. I am obviously not one of them. Now that you have come out plainly to admit that you are not a real EC-Council employee, your pretense is over and those people should not feel intimidated by you in the least bit, when you post your overly lengthy and condescending replies. I am really grateful that somebody like you does not actually work for or represent EC-Council. That is, if you are telling the truth, which you may not be, seeing as you are full of contradictions and long winding excuses including something ridiculous about Malaysia. So you're simply a volunteer who wanted to pretend to work for EC-Council and throw your weight around on a cert forum. I have no reason to see you as a threatening person anymore. So, goodbye.

    Great. Thanks.
  • Sch1smSch1sm Member Posts: 64 ■■□□□□□□□□
    Hahah holy ******* **** I just got an email (one that actually made sense - progress!) from ECC.
    Holding a certification from EC-Council comes with many benefits and advantages but comes at an immense cost of maintenance to EC-Council. To continue to provide these benefits and elevate the value of EC-Council Certifications in the market, EC-Council has no choice but to implement a certification maintenance fee of $80.00 per annum.

    What a joke.
  • Mike7Mike7 Member Posts: 1,096 ■■■■□□□□□□
    BillV_ wrote: »
    And yes, EC-Council used to do this. They would announce a release date (generally in advance) for a new version of the exam but would also allow the old version to remain available for 6 months I believe. This changed when the CEH certification earned ANSI accreditation as it's now just an "ANSI exam" with no real version associated to it (it just has to be kept up-to-date with the always changing world of security).

    When ISC2 switched over to the new CISSP 2015 CBK, they announced a cut-over date (15th April 2015) and put up FAQ at https://www.isc2.org/cissp-sscp-domains-faq/default.aspx

    Similarly, when CompTIA announced new CASP version (CAS-002), exam takers can choose to take either version before CAS-001 was retired in June 2015.

    Both CISSP and CASP are accredited under ANSI ISO 17024.

    Was there any announcement by EC Council about CEH version change?
    BTW, the "EC-Council News" (404 Page Not Found) on the main EC Council site at Certified Ethical Hacker, Information Security Certifications, Computer Security Training, Network Security Courses, Internet Security, Hacking | EC-Council returns a 404 (file not found). icon_redface.gif
  • BillV_BillV_ Member Posts: 114 ■□□□□□□□□□
    Mike7 wrote: »
    When ISC2 switched over to the new CISSP 2015 CBK, they announced a cut-over date (15th April 2015) and put up FAQ at https://www.isc2.org/cissp-sscp-domains-faq/default.aspx

    A change to the CBK is a change to the exam blueprint. That is a major change and one that would justify making an announcement. I would hope if EC-Council were making that drastic of a change to the exam, it would also be communicated in advance. The recently released update is just keeping current with times. The exam still covers tools, still expects candidates to be familiar with vulnerabilities, and still requires a recommended 2 years of experience. The updated exam still remains as easy as the old exam for someone with experience.

    ISC2 uses the same process, and makes similar exam updates with no notification:
    https://www.isc2.org/uploadedfiles/credentials_and_certifcation/about_our_credentials_and_process/jta-whitepaper_1.pdf

    As does CompTIA:
    https://certification.comptia.org/docs/default-source/downloadablefiles/whitepaper-cybersecurity.pdf?sfvrsn=2

    https://eccouncil.zendesk.com/anonymous_requests/new
    (to complain about getting your news)
  • Mike7Mike7 Member Posts: 1,096 ■■■■□□□□□□
    BillV_ wrote: »
    A change to the CBK is a change to the exam blueprint. That is a major change and one that would justify making an announcement.I would hope if EC-Council were making that drastic of a change to the exam, it would also be communicated in advance.

    Which ECC does not.
    So everyone is in agreement
    1. CompTIA and ISC2 made the necessary communications about CBK change in advance. Kudos to them.
    2. EC Council does not. icon_sad.gif
  • BillV_BillV_ Member Posts: 114 ■□□□□□□□□□
    Mike7 wrote: »
    Which ECC does not. Yes?
    So everyone is in agreement
    1. CompTIA and ISC2 made the necessary announcements about CBK change.
    2. EC Council does not.

    I think that still remains to be seen. EC-Council has done so in the past. They haven't changed the "CBK" for the exam so there has been no need for an announcement.
  • Mike7Mike7 Member Posts: 1,096 ■■■■□□□□□□
    BillV_ wrote: »
    I think that still remains to be seen. EC-Council has done so in the past. They haven't changed the "CBK" for the exam so there has been no need for an announcement.

    Hmm.. so CEH v8 to v9 is not a CBK change?
  • BillV_BillV_ Member Posts: 114 ■□□□□□□□□□
    Mike7 wrote: »
    Hmm.. so CEH v8 to v9 is not a CBK change?

    No. The exam blueprint ("CBK") has remain unchanged.
  • Mike7Mike7 Member Posts: 1,096 ■■■■□□□□□□
    BillV_ wrote: »
    No. The exam blueprint ("CBK") has remain unchanged.

    So if the CBK is unchanged, what has changed from CEHv8 to CEHv9?
  • BillV_BillV_ Member Posts: 114 ■□□□□□□□□□
Sign In or Register to comment.