Certified Ethical Hacker

Webmaster

The EC-Council has announced a new security related cert:

Certified Ethical Hacker (CEH) exam code #310-50

www.eccouncil.org/CEH.htm

Cross

Now this is a Certification true engineers must take and pass

dmayberry

Webmaster wrote:

The EC-Council has announced a new security related cert:

Certified Ethical Hacker (CEH) exam code #310-50

www.eccouncil.org/CEH.htm

I've been looking into the CEH and the OPST/OPSA certifications. The OPST and OPSA certifications are done by the Institute for Security and Open Methodologies (ISECOM - http://www.isecom.org ). According to what I've seen people say about the CEH, it seems to be based on the Open Source Security Testing Methodology Manual (OSSTMM - http://www.osstmm.org ).

ISECOM is the group that makes the OSSTMM. The OPST and OPSA courses claim to be designed specifically for getting the most out of using the OSSTMM as a tester or analyst.

I found out about the ISECOM classes originally from seeing it offered at Black Hat - http://www.blackhat.com/html/bh-federal-03/train-bh-fed-03-dyad.html

More on the OPST here http://www.isecom.org/projects/opst.htm

I'm curious to see if anyone out there can tell me what the differences between the CEH and the OPST/OPSA are.

Thanks,

Dave

longshot

Is there any more info out on this cert? Wonder if there are any books designed for this particular certification yet.

Ghent

Definately a cert that I'll have to get. Even if it's only for the title.

Webmaster

longshot wrote:

Is there any more info out on this cert? Wonder if there are any books designed for this particular certification yet.

I don't expect any more info to come out one this cert besides the info that is provided at www.eccouncil.org/CEH.htm not even one book...

The course seems to be mandatory... and probably won't be as widely offered as CompTIA, Cisco or MS exam for example, nevertheless... I'm willing to travel

Ghent wrote:

Definitely a cert that I'll have to get. Even if it's only for the title.

Same here, although not for the title... the salary sounds quite attractive and I'm looking for a job that I can do once in a while when I need some cash. I think I'm going to finish CCNP, Security+ and perhaps Linux+ first. Although I have 9 years experience and a couple of other certs to back it up, 'just' the CEH cert won't get you the job as they describe... should be easier once you get the CISSP and perhaps even more.

Skills Measured

The Exam 310-50 tests CEH candidates on the following 21 domains.

1. Ethics and Legal Issues
2. Footprinting
3. Scanning
4. Enumeration
5. System Hacking
6. Trojans and Backdoors
7. Sniffers
8. Denial of Service
9. Social Engineering
10. Session Hijacking
11. Hacking Web Servers
12. Web Application Vulnerabilities
13. Web Based Password Cracking Techniques
14. SQL Injection
15. Hacking Wireless Networks
16. Virus and Worms
17. Hacking Novell
18. Hacking Linux
19. IDS, Firewalls and Honeypots
20. Buffer Overflows
21. Cryptography

I guess hacking Windows is simply to easy to include in this course

Lexxdymondz

@ Webmaster

TADA!!!!

Study Guide

990pgs Damn big read, but I bet its worth it.

Something I'm Definately going to check out.

Wonder if it comes with toys to play with???

JDMurray

The ISS has an Ethical Hacking course, but it's only offered in the Pacific Rim: (http://www.iss.net/education/pacasia/course_descriptions/vendor_neutral_courses/ethical_hacking.php).

I did find a copy of the student's guide for this course in PDF format floating around the file sharing networks.

Anyone here have an ISS cert? http://www.iss.net/education/certification/