CEH Worth Doing?

Daniel333Daniel333 Posts: 2,071Member ■■■■■■□□□□
Hey,

Guess I am half looking to get back into the cert game, so nervous more than anything else,

Debating if I should take the CEH or not. Noticed the version just jumped to version 9 and not sure if the training material has matured enough for me to work off of. And I remember finding the pre-tests to be more esoteric and just frustrating. But the boss just asked me why I never bothered to cert up, and now i feel obligated. Looking for a yes/no from this forum with some 9.x materials recommendations? How do CEH hacker courses online measure up these days?

--- Background ---
Certs all earned w/o cheats (proud of that!)
MCSE Security
Security+
CCNA Security
Cisco Firewall Specialist

Formal classes:
In Redhat Security, Kali Linux, Pen Testing, Nmap, Puppet Security, Python Secure Programming, Juniper Security classes and attended a handful of security confs.

Experience:
~5 years, 20+ projects including SOX, PCI and data gathering for formal investigations for LE.
OS hardning (patching, HIDS/HIPS, AV, FIM)
Security automation
Firewall and NIPS experience (snort , Juniper and cisco)
SIEM management, Application stack hardening, plenty of hours using Kali, NMAP and some closed source paid solutions


My job had me take informal CEH 7.0 and 8.0 classes over the years. But I really never had an urge to cert up because of sorta random nature of the cert. And I've never really seen any demand from employers. But if the boss is paying ... go/no go? Materials recommendation?
-Daniel

Comments

  • No_NerdNo_Nerd Posts: 168Banned
    I would do it just to check the box. I see you have Kali and NMAP listed up there so you might as well go get the CEH just my .02
  • TechGuru80TechGuru80 Posts: 1,535Member ■■■■■□□□□□
    Is there a specific reason for CEH? If they are paying the official courseware is what I would opt for and that way you get labs. With your background I don't see it being much of an issue...although a GIAC certification might be better suited for you.
  • Daniel333Daniel333 Posts: 2,071Member ■■■■■■□□□□
    Yeah, it's a no brainer. Guess I am nervous about playing the pass/fail game again. I've failed sooo many cert to the tune of thousand$. I hate getting money from the boss only to fail. Even worse when it's your own.

    Okay man up and schedule!
    -Daniel
  • stephens316stephens316 Posts: 201Member
    No its not worth it Take a SANS Class more respected than EC-Council
    ______________
    :study:Studying: 8 month CISSP Challenge
    Next Up: GCIH[/B][B]|CISSP[/B][/COLOR][/COLOR][/SIZE][SIZE=2][COLOR=Red][COLOR=Black][B
    Future: [/B]OSCP[/COLOR][/COLOR][/SIZE][SIZE=2][COLOR=Red][COLOR=Black][B

    Passed:[/SIZE][GCFE|SCCM|GCED
    Reading: Mainly Real Estate Books, CIA Books


  • TechGuru80TechGuru80 Posts: 1,535Member ■■■■■□□□□□
    No its not worth it Take a SANS Class more respected than EC-Council
    You are working off the assumption his employer will pay $5,000 for the course...kinda funny to say it's not worth it when you have CEH in your future goals.
  • gncsmithgncsmith Posts: 458Member ■■□□□□□□□□
    Good luck (yes, take the course if employer's paying for it) and let us know how you do!
  • chrisonechrisone Senior Member Posts: 1,784Member ■■■■■■■■□□
    Yes CEH is worth it.

    Anything is worth it, if it will help you get a better job and pay. Also the fact that CEH is non-lab, does not mean you will not learn anything. Besides, technically you should lab anything you learn regardless if the exam is lab oriented or not.

    Then it is up to you how to use the knowledge from CEH in order to help you with another certification goal, such as a SANS, OSCP, elearn certification.
    2019 Goals:
    Courses: Real World Red Team Attacks- AppSec Cali 2019, SANS Security West SEC660, SANS Network Security FOR508,
    Certs: GCED, GCIA (in progress), GCIH, GXPN, GCFA
  • renacidorenacido Posts: 387Member
    No its not worth it Take a SANS Class more respected than EC-Council

    Most of us do not have an employer with the budget or willingness to pay for SANS training/certs. For most of us outside of the defense and federal govt sectors, SANS and GIAC are not in our training budgets. Hell, I have a hard enough time getting my boss to set aside time for on-site training that was bundled with licensing. Enjoy the benefits of 8570 while you can...

    Also, do a search for CEH and another for GPEN on job boards...CEH easily more recognized than GPEN/GCIA/GCIH...SANS has a better rep than EC-Council within the infosec community perhaps...but the certs mostly serve as SEO for your electronic resume. If it's a large SOC or maybe an MSP GIAC might give a slight advantage over CEH/ECSA/LPT, but the GIAC path costs double or triple what it costs to get LPT.

    Most pentesters say the OSCP is the most valid of them all by far for their line of work.
Sign In or Register to comment.