Considering doing a CEH Course

zen master

I'm considering signing up for a one week CEH bootcamp. It's approximately $512 US (partly government funded), is this course worth the time and effort, or should I focus on finishing my MCSA? The material definitely looks interesting, and I'll probably end up signing up because the price is great, and I really want to get into security, but I have zero security qualifications.

RTmarc

It comes down to person choice. If you are more interested in the Microsoft administration route, continue with the MCSA. If you feel like security is the end result, try the CEH course. They are apples and oranges so I really don't think you can place weights on the courses. It boils down to YOU.

From an outsider's perspective, I'd stick with the MCSA course until it is finished; especially if you are on a roll with the exams and materials. That being said, a lot hinges on the following:

How far are you in the MCSA course?

Is this the only time the CEH course will be offered?

Can you secure funds for the CEH course in the future?

If you are just starting out on the MCSA, that's one thing. If you are one or two exams away from finishing, that's another.

zen master

I'm actually two exams away from finishing the MCSA, and I just completed my CCNA which should really help with the 70-291 that I'm scheduled to do next. I think I can handle it on my own, but the CEH i think I have to go through the bootcamp to pass it. Plus, the center i'm doing the MCSA through wants to spend something like 6 months on the two courses, and I really don't feel like taking that much time to do it.

sexion8

benevolent dictator wrote:

I'm actually two exams away from finishing the MCSA, and I just completed my CCNA which should really help with the 70-291 that I'm scheduled to do next. I think I can handle it on my own, but the CEH i think I have to go through the bootcamp to pass it. Plus, the center i'm doing the MCSA through wants to spend something like 6 months on the two courses, and I really don't feel like taking that much time to do it.

Provided you have enough experience with security tools, concepts, you shouldn't have no problem with the CEH or CHFI. I don't know your experience level so I can't make a call. My company sent me to the CEH+CHFI bootcamp in NYC. I was extremely bored because I've already got experience in the industry. First hour of the class I compromised the entire testing center - which can be verified by my proctor Skip Alfonso (CISSP, CEH, CHFI, and too many other certs to list).

Me personally, I don't care for certs I do them since my company wants to prostitute me to clients via penetration testing, etc., if you ask me which certs I WOULD opt for, me specifically, the only one I would be concerned with for my industry would be the CCIE in Security.

zen master

Well, I told them to sign me up, I should be starting next month. I'll complete my MCSA as soon as this is done. Then, I'll look to see if I can get my CISSP.

zen master

I'll be honest, I'm not impressed with this course in the least. I'll wait till it's over before passing my final judgement, but thus far, not very good.

rbutturini

I've not been real impressed with any of the CEH course offerings I've seen. I think you get just as much from the self-study kits.

zen master

Was supposed to do the exam today but the date got pushed back. What's going on with EC-Council?

rbutturini

Weird, you were doing it at what kind of testing center?

The EC-Council portal has been down all day. there's no telling.

darkerosxx

zen master wrote:

Was supposed to do the exam today but the date got pushed back. What's going on with EC-Council?

The hurricane.

My class next week got cancelled because of it.

zen master

Thanks guys, makes sense now.

zen master

By the way does anyone have any idea when we'll be able to do the exams?

zen master

Passed this morning

sexion8

zen master wrote:

Passed this morning

Congrats... Was it all you expected it to be

rbutturini

Nice job, was the bootcamp helpful?

shednik

Congrats on the pass!!

zen master

sexion8 wrote:

zen master wrote:

Passed this morning

Congrats... Was it all you expected it to be

Not really, but I don't know if that was the fault of the lecturer, myself or the course material. I'll try to go over it again, and do more of the hands on stuff. I guess it's what you make of it, so I'll take the blame and see if I can build on what I've learnt. I still want to know how to put files onto a folder on a website that's set to '777'. I thought for sure this course would teach me at least that.

zen master

rbutturini wrote:

Nice job, was the bootcamp helpful?

Definitely helpful in learning the theory required to pass the exam, but the problem with a bootcamp, is that there isn't much time for a lot of practical hands on stuff, so you've got to go out and do that on your own, which is what I plan to do now.

zen master

The thing is, at the end of it all, there's isn't the feeling of accomplishment that comes with completing a CCNA, or an MCSA, because I know it isn't looked upon favourably b y employers. Perhaps that's the main reason I have such a negative view of this certification, it's good, but I just wish it was more accepted. Maybe the name is part of the problem. Employers don't want any kind of hackers around their network, even if they are 'certified and ethical' ... all they see is "hacker".

sexion8

zen master wrote:

Maybe the name is part of the problem. Employers don't want any kind of hackers around their network, even if they are 'certified and ethical' ... all they see is "hacker".

Apparently you should take some marketing "Hackers" is what employers don't want to - but want to see. Akin to someone watching a scary movie, closing their eyes but peeking:

Dice search for "Hackers" (64 total)
http://tinyurl.com/diceHackerJobs

Dice C|EH jobs 32 total
http://tinyurl.com/diceCEHjobs

If you weren't told already, you're also a CNDA (Certified Network Defense Analyst) at least at the time I took the exam. You might want to e-mail EC-Council for clarity on this. When I did the C|EH, the CNDA could be used in lieu of the C|EH title. Contact them to make sure. I have both the C|EH and CNDA glossy certs from EC-Council along with the CHFI. Course outlines are exactly the same or were at the time I took v5 (http://www.eccouncil.org/Course-Outline/CNDA-course-outline.htm)

http://www.eccouncil.org/cnda.htm

Re-read my posts on taking the C|EH, I hope it could shed some lights on different possibilities for you in the industry. Again, depending on the route you want to take, it should have opened up a little sense of curiousity for say penetration testing. As for file permissions of 777 under *nix, its read all, write all modify all so you should be able to fire up netcat on both ends and transfer whatever you want over with nc, ftp (if available), scp, etc.

Even if the perms weren't 777 there is the possibility of making them so provided its your server and you know of a potential exploit to leverage an account with privileges to do so. One thing you may want to do if you decide to pursue the pentester router is, head over to milw0rm, look at vulnerabilities, get the programs for those vulnerabilities, load them up on a VMWare image and play hacker on your network. Its a good method to understanding how things work.

zen master

sexion8 wrote:

zen master wrote:

Maybe the name is part of the problem. Employers don't want any kind of hackers around their network, even if they are 'certified and ethical' ... all they see is "hacker".

Apparently you should take some marketing "Hackers" is what employers don't want to - but want to see. Akin to someone watching a scary movie, closing their eyes but peeking:

Dice search for "Hackers" (64 total)
http://tinyurl.com/diceHackerJobs

Dice C|EH jobs 32 total
http://tinyurl.com/diceCEHjobs

Sorry, I should've specified that this was the case in my particular country.

If you weren't told already, you're also a CNDA (Certified Network Defense Analyst) at least at the time I took the exam. You might want to e-mail EC-Council for clarity on this. When I did the C|EH, the CNDA could be used in lieu of the C|EH title. Contact them to make sure. I have both the C|EH and CNDA glossy certs from EC-Council along with the CHFI. Course outlines are exactly the same or were at the time I took v5 (http://www.eccouncil.org/Course-Outline/CNDA-course-outline.htm)

Really, thanks for the info. I REALLY prefer that title! I fired off the email to them, and I'll post the reply in here when I receive it.

http://www.eccouncil.org/cnda.htm

Re-read my posts on taking the C|EH, I hope it could shed some lights on different possibilities for you in the industry. Again, depending on the route you want to take, it should have opened up a little sense of curiousity for say penetration testing. As for file permissions of 777 under *nix, its read all, write all modify all so you should be able to fire up netcat on both ends and transfer whatever you want over with nc, ftp (if available), scp, etc.

Even if the perms weren't 777 there is the possibility of making them so provided its your server and you know of a potential exploit to leverage an account with privileges to do so. One thing you may want to do if you decide to pursue the pentester router is, head over to milw0rm, look at vulnerabilities, get the programs for those vulnerabilities, load them up on a VMWare image and play hacker on your network. Its a good method to understanding how things work.

Thanks sexion8 I really appreciate the advice. I feel much better about this certification already.

zen master

If you intend to get the CNDA you would have sat for that exam. If you sat for the CEH
and then want a CNDA certification, you will need to send in the request form and pay and
admin/postage fee of USD50.

Thanks again sexion8. I think I'll definitely be doing this.

poguy

zen master wrote: »

I'm considering signing up for a one week CEH bootcamp. It's approximately $512 US (partly government funded), is this course worth the time and effort, or should I focus on finishing my MCSA? The material definitely looks interesting, and I'll probably end up signing up because the price is great, and I really want to get into security, but I have zero security qualifications.

May I know which company you work for? how come so many people has third party funded for their certification, I paid for all my certification

Kasor

The training course and the exam preparation are two different thing. The course is about $2500.., however it is user working experience that actually help to understand the materials. Remember CEH is only the beginning of the computer security career. Good Luck

carboncopy

Brought back from the dead....