US DoD Embraces Hacker Certification to Protect US Interests

JDMurrayJDMurray Admin Posts: 12,991 Admin


  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    JDMurray wrote: »

    Yeah I saw that earlier today JD. Should be interesting to see how that affects its popularity.
  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    JDMurray wrote: »

    Saw this on ethical hacker. That is pretty cool...
  • down77down77 Member Posts: 1,009
    I have a feeling that in the next few months you will see requests for CEH start to spike on sites like dice and career builder.
    CCIE Sec: Starting Nov 11
  • chrisonechrisone Member Posts: 2,278 ■■■■■■■■■□
    Well this bit of news has this cert in my radar now. icon_razz.gif
    Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
    2023 Cert Goals: SC-100, eCPTX
  • JDMurrayJDMurray Admin Posts: 12,991 Admin
    It looks like CEH along with (ISC)2's CAP has just been added to the 8570.01 cert list:

    It also looks like MCSA:Security cert has been taken off the list. I wonder if Microsoft had problems during the ISO 17024 certification process.
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    Odd that they don't have the GPEN with all the other GIAC certs. That is a much better pen testing/ethical hacking cert than the CEH.
  • Mrock4Mrock4 Banned Posts: 2,359 ■■■■■■■■□□
    Very cool. Might be worth a second look sometime in the near future.
  • rage_hograge_hog Banned Posts: 42 ■■□□□□□□□□
    After being laid off for 7 months, all the sudden I am in demand again. My future is looking a whole lot brighter. Thanks for the tip JD.
  • carboncopycarboncopy Member Posts: 259
  • JDMurrayJDMurray Admin Posts: 12,991 Admin
    Now the Change 2 revision that added CEH has disappeared from the 8570.01-M document. If this is a precursor to releasing a new rev of 8570.01 then I've some 'splain'in to do in my blog article.
  • novovictusnovovictus Member Posts: 192
    Does anyone know why DoD 8570 Rev2 that is supposed to have the CEH listed for CNDs is no longer posted on IASE? It appears as if the "Exam 70-699: Windows Server 2003, MCSA Security Specialization Skills Update" is also missing....
    Working on: Doctor of Information Technology Information Assurance and Security @ Capella
  • JDMurrayJDMurray Admin Posts: 12,991 Admin
    I'm checking into why the latest update to 8570.01-M that added the CEH seems to have been rolled back. I do have an answer from the DIAP Cybersecurity/IA Workforce Improvement Program as to why the MCSA has gone missing from 8570.01:
    The MCSA was never an approved baseline certification in the DoD 8570.01-M.
    It was considered when we drafted Change 1 but was not approved by the DoD IA
    WIP Certification Committee. The Committee represents each of the Services,
    NSA, and DISA as well as other key organizations within the DoD. The
    Committee voted not to include the MCSE in the Manual because it did not
    support the "DoD baseline" security requirement since it is focused on a
    specific system. The Manual does include a requirement to obtain a "Computing
    Environment" certification. See Table C3.T1. "IA Technical Workforce

    So while MCSA has not been included in the Manual as a baseline certification,
    if a DoD Organization is using the Microsoft Operating System, then those
    Information Assurance Technicians should also get the MCSA in addition to the
    appropriate baseline certification. The idea is to have the basic
    understanding of IA from the baseline certification from the Certification
    Table at AP3.T1. along with the operating system certification to know how to
    apply those security principles to their particular system.
  • novovictusnovovictus Member Posts: 192
    Here is the response received from Steven Graham at Ec-Council:

    "There was a temporary "re-staffing" of the directive. They republished Change 1 in the mean time. Change 2 with the updated chart will refer to all CND positions as CND-SP, it was simply a classification change that was required by the Pentagon press Office. Change 2 is still in effect, and published on CAC access sites all over."
    Working on: Doctor of Information Technology Information Assurance and Security @ Capella
  • JDMurrayJDMurray Admin Posts: 12,991 Admin
    It sure would be nice to have a link to the offical distribution point of 8570.01-M Change 2. It should be here, but it's not.
  • novovictusnovovictus Member Posts: 192
    As long as you possess a DoD issued 'Common Access Card' you do have access to official IA distribution points.
    Working on: Doctor of Information Technology Information Assurance and Security @ Capella
  • JDMurrayJDMurray Admin Posts: 12,991 Admin
    OK, I just got the "official word" from DIAP:
    We had Change 2 ready to go and in fact was posted for a few days but then it was pulled back for "administrative" reasons. Those administrative issues have been resolved and it is now in final review by the "admin experts" for DoD. We hope to have it signed by the end of April. CEH is still in the approved certification list for the CND-SPs.
    So CEH is still on list.

    And seeing as how the previously released 8570.01-M Change 2 document has been pulled, if it is still in distribution anywhere then the manager of the responsible content management system should be notified.
  • rage_hograge_hog Banned Posts: 42 ■■□□□□□□□□
    After a solid review, it should be noted that the CEH is only for the IA track. 8570.01-M only refers to the 2210 series as "Information Assurance" Positions. However, while a part of 2210, IA has a separate track from the rest of 2210. The chart visually defines this.
  • JDMurrayJDMurray Admin Posts: 12,991 Admin
    The 8570.01 chart has been updated with the CEH and the Change 2 document is available here.
  • wastedtimewastedtime Member Posts: 586 ■■■■□□□□□□
    I still find it odd that the only copy of version 2 is on the army atc website and not posted on a dtic or disa website.
  • JDMurrayJDMurray Admin Posts: 12,991 Admin
    From what I understand, the Change 2 document was withdrawn within a few days of it being released for additions/corrects and re-approvals. The document management systems of all the different DoD departments are not unified under a single change control system, so the original Change 2 document was removed from some, but still remains in others. It's either failure to receive notification of the document's obsolescence, or sloppy content management that has failed to remove it.
  • wastedtimewastedtime Member Posts: 586 ■■■■□□□□□□
    Looks like it might be official now. You can get it from Also they added a table in there called "Summary of IA Workforce Requirements" which gives more information about the requirements for people holding those positions.
  • JDMurrayJDMurray Admin Posts: 12,991 Admin
    Yes, good find. It's not final yet, but the April 20, 2010 date means it's the latest. And the workforce requirements are very interesting. Requirements for both formal training and a deadline for getting the required cert after getting the IA position. I assume the liberal use of "normally" and "usually" means that the given experience levels are suggested guidelines and not hard requirements.
  • wastedtimewastedtime Member Posts: 586 ■■■■□□□□□□
    JDMurray wrote: »
    I assume the liberal use of "normally" and "usually" means that the given experience levels are suggested guidelines and not hard requirements.

    At least on the military side of the house those positions could be filled by people straight out of Initial Entry Training (IET) or by people who have recently received their job specialty (MOS or what ever a particular branch calls it).
  • TrainingDazeTrainingDaze Member Posts: 62 ■■□□□□□□□□
    I like how GSE is just lumped in with all of the other IAT Level III certs. :D
Sign In or Register to comment.