About to Sign up for CEH ... and then the CHFI - few questions

CyberCop123CyberCop123 Senior MemberMember Posts: 337 ■■■■□□□□□□
(Firstly, I know there's about 1000 threads on this which I'm reading through but it's nice to have some direct advice relating to my own circumstances)

Hi All,

I work in digital forensics and so I have some decent knowledge of things like FTK, EnCase, Hex, Binary, etc... all of that. I'd like to at some point move into penetration testing although I have almost no certifications at all so I want to start building some over the next few months.

I did think about going straight into the OSCP but I want to start with the CEH as it's a good one for HR, lots of jobs mention it and also it would be great to just get the ball rolling.

I have experience with numerous hacking tools already including nmap, metasploit, burpsuite, amongst others.

My plan is to:
  • Sign up for the exam to be taken in 8 weeks time (I just want to to book it so I have a deadline to work towards)
  • Read through the Oriyano / SYBEX book - I've read about 60% but I will start over and go through it in more detail
  • Sign up to an online questions thing - QUESTION: is the skillset one good as i see they offer CEH and CHFI and some others so I could potentially use it for other certs if I got a 3 month package.
That's it... I don't want to use too many resources or books as I will just become overwhelmed. I just want to select resources and stick to them ideally.

Any thoughts or tips on what I plan to do?

Thanks
My Aims
2017: OSCP -
COMPLETED
2018: CISSP -
COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting -
COMPLETED
           GIAC GREM - Reverse Engineering of Malware -
COMPLETED

2020: MCSA, OSCE

Comments

  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■□□□□□
    The first question is do you have 2 years of InfoSec experience? If not, you have to take the official training to satisfy the requirement.
  • CyberCop123CyberCop123 Senior Member Member Posts: 337 ■■■■□□□□□□
    Yes I do. I've been in my role for 2 years which is digital forensics and cyber investigation / incident response

    Also several years ago I was a web developer and Linux admin (more of a support role) for 5 years.
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    COMPLETED
    2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting -
    COMPLETED
               GIAC GREM - Reverse Engineering of Malware -
    COMPLETED

    2020: MCSA, OSCE
  • Dr. FluxxDr. Fluxx Member Posts: 98 ■■□□□□□□□□
    Hey man..have you thought about the eJPT instead?
    I was going to go for the CEH about a year ago for a resume fluffer as i was reviewing the OSCP until i came across shady practices of the vendor, the cost of the cert is almost as much as the CISSP and its a multiple choice test thats relatively simple.

    On top of that, when i was going to take the test, and was approved, they changed the exam and didnt tell anyone so people were failing.
    In fact theres a thread on here that i actually followed that turned me off from it completely.

    The eJPT really spoon feeds and hand holds you to a degree, as noted and many posters here have said the same.
    Its like a pre cursor to the OSCP and the curve is not as brutal as the OSCP.
Sign In or Register to comment.