Would you put the CEH cert on your resume?
Been reading some related info and how HR could perceive it as a bad thing. If I can't add the cert to my resume without fear of not being considered for a job, there's no use in even attempting the certification. I'm 3/4 of the way done with studying too.
Anyone have thoughts on this?
Anyone have thoughts on this?
Comments
-
Webmaster Admin Posts: 10,292 AdminCEH is my wishlist (SSCP or CISSP first) so yeah, I have some thoughts on this.LostInSpace wrote:Would you put the CEH cert on your resume?
Seriously though, any HR dep who considers the CEH cert as something 'bad' (which is pretty offensive) doesn't even deserve to have you as an employee.Been reading some related info and how HR could perceive it as a bad thing.
Certified is a good word.
Ethical is a great word.
Hacker was good but became bad, but that's why they use 'ethical' as a prefix. Ethical hacking is a term, it is a job, a highly respectable job... I'd prefer it over Penetration Testing...
Because it is not as widely recognized as MS and Cisco certs for example, you might want to add a short description to the resume, and perhaps even a link to the EC-council's Code of Ethics.
If your resume is read by someone who is interested in hiring your skills (cause that's what you need to pass the exam right? skills.) for a security related job, they will surely recognize the CEH title as something 'good'. Again any employer who doesn't, doesn't deserve to have you as an employee and quite frankly I would want to work there in the first place. At least not until a CISSP or a system admin with Sec+ created some awareness.LostInSpace wrote:I'm 3/4 of the way done with studying too. -
/usr Member Posts: 1,768 ■■■□□□□□□□I read it on various message boards, nothing too official, just some opinions.
I have mixed feelings on the material. It is mainly composed of tools which are used to hack. I see the upside of this, learning the tools which people use to gain access to your network, and learning to use those tools to your benefit. I wish that the material was more technical, however. Very rarely is an in depth explanation given as to how a certain exploit or technique works. They basically give you just enough information. The material I'm wishing for is beyond the scope of the book though. The thing is, I'm afraid that the tools I'm learning will be outdated much faster than the techniques. -
garv221 Member Posts: 1,914I am curious to this subject also. I think its a cool cert but really know nothing other than what I have heard. So hows the studying going?
-
/usr Member Posts: 1,768 ■■■□□□□□□□Pretty good...I just ordered the practice test from Boson.
So far I'm very disappointed, as I can't even download the test due to constant time-outs. Every other time I try to login I'm denied as well. -
Webmaster Admin Posts: 10,292 AdminLostInSpace wrote:They basically give you just enough information. The material I'm wishing for is beyond the scope of the book though. The thing is, I'm afraid that the tools I'm learning will be outdated much faster than the techniques.
Based on what I've heard and read so far, I do respect the cert. Having said that, I think it's more like 'certified script kiddie', with the difference that you will know what a 'script' actually does. To hack and crack the latest systems, you will need to be able to code your own tools, and before you can write good tools you'd have to know 'everything' about the system(s) you are attacking and even more importantly: networking (protocols in particular).
Nobody will expect you to make a system entirely secure (which is assumed to be impossible anyway), instead, you'll have to make it so secure that the attacker will move on to an easier target (because he found out that 'the tools' don't work on your systems).I wish that the material was more technical, however. Very rarely is an in depth explanation given as to how a certain exploit or technique works.
Isn't the exam recently updated/new version? -
/usr Member Posts: 1,768 ■■■□□□□□□□The tools come on the cd with the kit.
I realize what you're saying, and I honestly hope no one believes they are close to being a hacker after getting this cert. It's just an introduction really. It actually get's into some detail about what the tools exploit and how they work, but not that much.
This is a good cert to obtain general knowledge. A really good book, which I plan to finish as soon as I'm done with this cert, is Hacking: The Art of Exploitation. It goes into about as much detail as you could want on stack and heap overflows, as well as having a section on networking and cryptography. The entire book is programming. It guides you through the program, letting you try it, so you can actually see the exploit working. It's a great piece of work on the subject matter. -
Webmaster Admin Posts: 10,292 AdminLostInSpace wrote:The tools come on the cd with the kit.A really good book, which I plan to finish as soon as I'm done with this cert, is Hacking: The Art of Exploitation.
-
sysgate Member Posts: 1 ■□□□□□□□□□Most HRs only know CISSP instead of CEH. Remember how to do HEX converstion will help passing the EXAM.