what is this certification?? to what jobs does it correlate?

Just curious about this certifcation and it benefits. What job title or position are accompanied with it?

Find more posts tagged with

Comments

There are several jobs that could go with it. Actually it's not a skill set that's too over the top for a security savvy network admin. With the consensus of security being everybody's problem these days, anyone responsible for managing a network, writing software, doing penetration tests, writing security policies, and everything in between could benefit greatly. For the most part, companies looking for entry level pen test or security assesment people find it attractive. The thing I've learned about the security industry is that it's very tight nit almost like a fraternity, and most jobs are passed on from person to person through that fraternity like network. 90% of all pen test, forensics and assesment contracts I got last year were from direct referrals. What you'll usually find in the HR world or in the general public job ads are descriptions of what security skills you should have. And if you look closely, you'll find that these skills DO often match up with the C|EH or the SANS equivalent objectives.

The fact of the matter is most companies want you to have these skills for a security position, but they're usually considerably more vendor specific whereas the C|EH is vendor nuetral. Which is why it should be used as a launch pad and exposure engine to more specific technologies and techniques.

Keatron.

kenny504

COOL!!!!!

JDMurray

keatron wrote:

Actually it's not a skill set that's too over the top for a security savvy network admin.

It's also not too over the top for a security-savvy software quality assurance engineer either. Penetration testing not only used to find vulnerabilities in a system's configuration, but it is also used for finding design, implementation, and build defects in software (where most of the computer and network security vulnerabilities are anyway).

keatron

jdmurray wrote:

keatron wrote:

Actually it's not a skill set that's too over the top for a security savvy network admin.

It's also not too over the top for a security-savvy software quality assurance engineer either. Penetration testing not only used to find vulnerabilities in a system's configuration, but it is also used for finding design, implementation, and build defects in software (where most of the computer and network security vulnerabilities are anyway).

Yes. The last three modules of the new Version 5 CEH curriculum is more for software QA people than anyone else. Writing Exploits, Reverse Engineering, and Virus/rootkit writing techniques. It's one thing to go and download exploits for vulnerabilities when the exploits were created by someone else, but to be able to find vulnerabilities in software, then create exploits for those vulnerabilities is something entirely different.