Seeking suggestion

Hi to all,
I am having 6+ years of experience on UNIX system security and now I am preparing for CISSP certification. As the preparation for CISSP is taking more time and mostly on theory basis, I would like to do any other certificate on information security which will give more technical knowledge and helpful for my future with CISSP. While surfing the internet I gathered some information about OSCP and CEH.

Please guide me which certification would be more helpful for my carrier.

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

Master Of Puppets

I doubt the CEH or the OSCP will help you much towards the CISSP. You don't need CEH. Check out some GIAC certs or go with OSCP.

aftereffector

CASP is an introduction to the topics, much like Security+ is an introduction to CASP (in a manner of speaking). I don't think the CASP would really give you much return for the investment, though. I would recommend checking out the SSCP to get an introduction to the security domains and (ISC)2, or the GIAC certs if you can afford them.

LionelTeo

CEH -> GCIH
SEC+ -> GSEC

CEH makes up for the foundation for GCIH while GCIH makes up a good foundation for technical aspect of a general IT Security Knowledge. Sec+ makes up for the foundation for GSEC while GSEC makes up a good foundation for compliance aspect of a general IT Security Knowledge. Obtaining both will make your study for CISSP easier.

Master Of Puppets

IMHO, the CEH is a joke. Also, I don't think we should be focusing on foundation when he has 6 years of security experience.

JDMurray

The CEH subject matter is very good, although the exam itself may be insufficiently challenging. Choosing not to take the exam is not a reason to not study the material.

LionelTeo

Master Of Puppets wrote: »

IMHO, the CEH is a joke. Also, I don't think we should be focusing on foundation when he has 6 years of security experience.

I agree with this, it's still good to arm with a good deal of general technical knowledge otherwise you will lose respect,I had seen CISSP with 5 to 10 years plus experience not knowing simple stuff like directory traversal, MITM SSL or $IUSR.