Options
CPEH (Mile2) alternative to CEH (ECC)
Comments
-
Options
TK1799_st
Member Posts: 111
Thank you for all the members that have replied -- much appreciated - especially from the wealth of talent on this forum! -
Options
chrisone
Member Posts: 2,278 ■■■■■■■■■□
Congrats! sounds like a good source of technical information. The quality of the materials you posted look pretty good. I hope you get the best ROI you can out of this. Never heard of Mile2, just be careful not to get sucked into the sales pitches from many of these smaller companies. I am sure many of them have good material but you always have to balance ROI and the information you learned. Seems like you have been testing out the waters from different security vendors. Make sure you put the recognized certs on the resume first
good luck on your next adventure!
Edit: Question, so this cert only took you one month to study and pass? No disrespect but that doesn't sound like a hard exam.Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
OptionsTK1799_st
Member Posts: 111
Well - I got my ROI having my company re-pay for the training and exam cost. Once I land the CPTE - a raise in salary. So, it's there. I work in national defense -- they know who Mile 2 is. FBI, NSA, DOD...are very familiar with them.
I had a previous 10 months of ethical hacking training/studying under the EC Council v8 of the CEH - which they updated the nite before I took the exam. So - yes, 45 days to play catch up - study - go through the labs - take notes - organize my materials, terms, etc....and sat down and took the test.
Also, I have read completely through several books -while also doing the labs in the books...
The Books I’ve read so far for prep:
(1) Red Team Field Manual (Quick guide to scripts)
(2) The Hacker Playbook 2 (detailed instructions)
(3) Basic Security Testing with Kali Linux (Outstanding & to the point)
(4) Metasploit: Penetration Tester’s Guide (Great guide; step-by-step)
So - I have alot of time invested in this particular skill set.
The exam was straight forward from the material presented and you have to know the correct answer or at least deduct which one could be correct and then confirm it. SANS/GIAC does the same thing.
An additional ROI with DoD is that I keep my position in cyber threat intelligence - more people are signing up to this - although defense industry - but all things will balance out eventually...
Check out CompTIA's Roadmap -- it lists CPTE as Expert.....CISSP doesn't even make that level.... -
Optionschrisone
Member Posts: 2,278 ■■■■■■■■■□
Ah ok so your CEH background helped you on this test. I like the that Mile2 has that military defense background. That is definitely a bonus on ROI. I think you stated before that CEH and CPEH are identical.
CPTE is a pentesting technical exam. CISSP is a high level security management certification. These are entire two different concepts. I think you underestimate the role of a CISO or CIO (I once did.) There is a reason they get paid 150k+. I started sitting on high level CISO and CIO meetings and I got a reality check. Its not fun and and there is a lot of responsibility and pressure. I just wanted to go back to my desk and work on firewalls lol
You should look into OSCP for hands on pentesting course. It is more expensive than the CPTE but this course is created by the DEVELOPERS of kali linux which is what pretty much all these new companies base their pentesting courses on.
However if you need it for the DOD or military recognition, I get it. I would still go after that OSCP when you're done with Mile2 course work.
I think you are doing a good job here, keep up the good work!Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
OptionsTK1799_st
Member Posts: 111
Ah ok so your CEH background helped you on this test. I like the that Mile2 has that military defense background. That is definitely a bonus on ROI. I think you stated before that CEH and CPEH are identical.
CPTE is a pentesting technical exam. CISSP is a high level security management certification. These are entire two different concepts. I think you underestimate the role of a CISO or CIO (I once did.) There is a reason they get paid 150k+. I started sitting on high level CISO and CIO meetings and I got a reality check. Its not fun and and there is a lot of responsibility and pressure. I just wanted to go back to my desk and work on firewalls lol
You should look into OSCP for hands on pentesting course. It is more expensive than the CPTE but this course is created by the DEVELOPERS of kali linux which is what pretty much all these new companies base their pentesting courses on.
However if you need it for the DOD or military recognition, I get it. I would still go after that OSCP when you're done with Mile2 course work.
I think you are doing a good job here, keep up the good work!
Time is a key element -- which is why I'm sticking with CPTE..... I'vs looked into OSCP....gone through Basic Security with Kali, Metasploit, and the Hackers Playbook 2....alot of very interesting things in all of those...even Maltego is scary quick....anyway....
There is another guy I work with - his professor that has a CISSP is going through OSCP right now....he told him CISSP was easier....
He has some commitments to finish off - and then he will start and finish OSCP. After that, we are going to compare notes and courses to see how they match up.
Mile2 has treated me with respect and integrity - and their military connection and taking care of us is highly appreciated....that's says alot in my book. I can same the same thing with CompTIA as well! -
Optionschrisone
Member Posts: 2,278 ■■■■■■■■■□
That's good man, stick with your plan of education. I am sure you already know that you shouldn't be married to one brand of company. Having those military backed certs do no harm at all.
On your comment of a professor having CISSP and acknowledging that OSCP was much harder. I still don't think you get what the CISSP covers. It is a not a hands on pentesting exam nor does it go over technical pentesting tools like CPEH or CEH. Of course a technical exam such as OSCP will be much harder than a non-technical exam CISSP. You are comparing a monster truck to a track car, apple to oranges, a dog to a cat.
Put it this way there is a reason why you need to have 4-5 years experience in network security as a prerequisit in order to get the CISSP. It is not an exam looking to test you on how to run a metasploit meterpreter shell.
Once you are done with your pentesting courses, including OSCP. If you want to impress management, you should look at CISSP or CCSP.
This training course is intended for professionals who have at least 5 years of recent full-time professional work experience in 2 or more of the 8 domains of the CISSP CBK and are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current information security careers. The training seminar is ideal for those working in positions such as, but not limited to:- Security Consultant
- Security Manager
- IT Director/Manager
- Security Auditor
- Security Architect
- Security Analyst
- Security Systems Engineer
- Chief Information Security Officer
- Director of Security
- Network Architect
Take a look at that list and ask yourself if your goal in 5-10 years is to be at one of these levels.Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
OptionsTK1799_st
Member Posts: 111
...oh I know CISSP is not OSCP -- yes, management. They are a very protected enterprise CISSP holders. They just don't let anyone walk in and take the exam for certification. The professor of the co-worker asked him to file an application - it was turned down due to not meeting the certain criteria. I fully understand CISSP requirements and what the exam is like - I've had the conversation with co-workers and the few that actually have it. I was just online yesterday with the co-worker of mine as he went through the application and the areas that had to be explained and graded for area expertise because he was invited to apply. Yes - that's a very series exam not to be taken lightly. Those domains have to be met, or at least 2 or 3 with a high level of competence. I'll stick with the ground fight.... Thanks for the feedback and information...these forums can be highly educational and a reality check to say the least... have a great week and upcoming weekend!
Updated info:
The CPTE course was updated in 2015 and revised by James Michael Stewart, an international author with over 75 books, and is by far the most cutting edge Penetration Testing & Ethical Hacking course in the market today.
James Michael Stewart, Security+, CISSP, CEH, CHFI, is a security expert, full-time writer, trainer, and researcher for Impact Online, an independent courseware development company. He has authored and contributed to over 75 books, including previous editions of the CompTIA Security+ Review Guide, and the CISSP Study Guide, both by Sybex. Stewart provides IT instruction across the globe for various public and private organizations.
