Question about Requirements to take CEH

Hey Fellas,

First time poster, short time reader.

I have been studying for CEH for a few months. I am planning on taking the exam once I study up more on the V9 topics. I have read there are some issues with people signing up for the V8 but getting V9 exams.

I have real world working knowledge equivalent to Comptia A+ and Network+. I am pretty proficient with Kali Linux and Web App Pen Testing.

Anyway, my main question is this. Is there any way around the requirement that I show two years of experience in Information Security? In my current job, I have been handling all of the companies IT needs and that includes security. I have been at this job for a little over a year, but IT is not my main responsibility.

I have recently started my own company doing basic Web App Vulnerability Testing and Web App Penetration testing for businesses that are similar to the one I work at, specifically their E-Commerce websites.

So basically, a little over one year experience at my job, and about two months experience owning my own company in InfoSec.

Thanks a ton ahead of time. I am looking forward to participating more in the community.

Find more posts tagged with

Comments

Mike7

The process is documented at Application Process Eligibility
Basically, EC-Council will contact your boss/supervisor/department head listed in your eligibility form to validate the 2 years experience. In my case, my manager was contacted via e-mail, and he faxed the signed completed form back to EC-Council.

The alternative around the 2 years requirement is to attend an authorized CEH course; which I assume is not what you want.

Else I suggest you go for OSCP, which is well recognised in the pen testing field.

ActiveMeasurers

Thanks for the reply.

You are correct in that I do not want to go through the whole in person training thing right now. I was originally gonna go for OSCP but I feel I am not at that level yet, and feel their final exam would give me a mental break down at this point.

Mike7

If you do say a Masters of Info Sec program, they may give you an exam voucher. Believe that's what those doing WGU are getting.

TechGuru80

You can also do their online training to waive the two years...If I remember correctly it was around $1,000 difference...so like $1700. It's definitely pricey though if you HAVE to do a course.

emilyanncr

ActiveMeasurers wrote: »

Hey Fellas,

First time poster, short time reader.

I have been studying for CEH for a few months. I am planning on taking the exam once I study up more on the V9 topics. I have read there are some issues with people signing up for the V8 but getting V9 exams.

I have real world working knowledge equivalent to Comptia A+ and Network+. I am pretty proficient with Kali Linux and Web App Pen Testing.

Anyway, my main question is this. Is there any way around the requirement that I show two years of experience in Information Security? In my current job, I have been handling all of the companies IT needs and that includes security. I have been at this job for a little over a year, but IT is not my main responsibility.

I have recently started my own company doing basic Web App Vulnerability Testing and Web App Penetration testing for businesses that are similar to the one I work at, specifically their E-Commerce websites.

So basically, a little over one year experience at my job, and about two months experience owning my own company in InfoSec.

Thanks a ton ahead of time. I am looking forward to participating more in the community.

Yes! I have one years experience in IT. All you need to do is have your supervisor or boss write a letter outlining what you've with the company. For me, I typed my own letter and passed it on to my supervisor for him to sign. He emailed it back to me and I forwarded that letter, along with my application for the exception to sit for the exam, and a copy of the receipt. EC-Concil will call your boss within 2-3 days to confirm the letter. Once they do, you'll be good to go! Good luck! My test is Saturday!

emilyanncr

I guess it might be worthwhile to point out, that I work for the company in a security capacity. I've been a junior pentester for a year now but other than that, everything I know I sat down and taught myself. I have a masters degree in a completely unrelated field.

IaHawk

You can always email them and ask and they will give you a horrible answer. Their customer "support" is terrible, I gave up when I was initially looking. I hope I am never required to have this cert.