Question about Requirements to take CEH
ActiveMeasurers
Registered Users Posts: 2 ■□□□□□□□□□
in CEH
Hey Fellas,
First time poster, short time reader.
I have been studying for CEH for a few months. I am planning on taking the exam once I study up more on the V9 topics. I have read there are some issues with people signing up for the V8 but getting V9 exams.
I have real world working knowledge equivalent to Comptia A+ and Network+. I am pretty proficient with Kali Linux and Web App Pen Testing.
Anyway, my main question is this. Is there any way around the requirement that I show two years of experience in Information Security? In my current job, I have been handling all of the companies IT needs and that includes security. I have been at this job for a little over a year, but IT is not my main responsibility.
I have recently started my own company doing basic Web App Vulnerability Testing and Web App Penetration testing for businesses that are similar to the one I work at, specifically their E-Commerce websites.
So basically, a little over one year experience at my job, and about two months experience owning my own company in InfoSec.
Thanks a ton ahead of time. I am looking forward to participating more in the community.
First time poster, short time reader.
I have been studying for CEH for a few months. I am planning on taking the exam once I study up more on the V9 topics. I have read there are some issues with people signing up for the V8 but getting V9 exams.
I have real world working knowledge equivalent to Comptia A+ and Network+. I am pretty proficient with Kali Linux and Web App Pen Testing.
Anyway, my main question is this. Is there any way around the requirement that I show two years of experience in Information Security? In my current job, I have been handling all of the companies IT needs and that includes security. I have been at this job for a little over a year, but IT is not my main responsibility.
I have recently started my own company doing basic Web App Vulnerability Testing and Web App Penetration testing for businesses that are similar to the one I work at, specifically their E-Commerce websites.
So basically, a little over one year experience at my job, and about two months experience owning my own company in InfoSec.
Thanks a ton ahead of time. I am looking forward to participating more in the community.
Comments
-
Mike7
Member Posts: 1,076 ■■■■□□□□□□
The process is documented at Application Process Eligibility
Basically, EC-Council will contact your boss/supervisor/department head listed in your eligibility form to validate the 2 years experience. In my case, my manager was contacted via e-mail, and he faxed the signed completed form back to EC-Council.
The alternative around the 2 years requirement is to attend an authorized CEH course; which I assume is not what you want.
Else I suggest you go for OSCP, which is well recognised in the pen testing field. -
ActiveMeasurers
Registered Users Posts: 2 ■□□□□□□□□□
Thanks for the reply.
You are correct in that I do not want to go through the whole in person training thing right now. I was originally gonna go for OSCP but I feel I am not at that level yet, and feel their final exam would give me a mental break down at this point. -
Mike7
Member Posts: 1,076 ■■■■□□□□□□
If you do say a Masters of Info Sec program, they may give you an exam voucher. Believe that's what those doing WGU are getting.
-
TechGuru80
Member Posts: 1,539 ■■■■■■□□□□
You can also do their online training to waive the two years...If I remember correctly it was around $1,000 difference...so like $1700. It's definitely pricey though if you HAVE to do a course.
-
emilyanncr
Banned Posts: 17 ■□□□□□□□□□
ActiveMeasurers wrote: »Hey Fellas,
First time poster, short time reader.
I have been studying for CEH for a few months. I am planning on taking the exam once I study up more on the V9 topics. I have read there are some issues with people signing up for the V8 but getting V9 exams.
I have real world working knowledge equivalent to Comptia A+ and Network+. I am pretty proficient with Kali Linux and Web App Pen Testing.
Anyway, my main question is this. Is there any way around the requirement that I show two years of experience in Information Security? In my current job, I have been handling all of the companies IT needs and that includes security. I have been at this job for a little over a year, but IT is not my main responsibility.
I have recently started my own company doing basic Web App Vulnerability Testing and Web App Penetration testing for businesses that are similar to the one I work at, specifically their E-Commerce websites.
So basically, a little over one year experience at my job, and about two months experience owning my own company in InfoSec.
Thanks a ton ahead of time. I am looking forward to participating more in the community.
Yes! I have one years experience in IT. All you need to do is have your supervisor or boss write a letter outlining what you've with the company. For me, I typed my own letter and passed it on to my supervisor for him to sign. He emailed it back to me and I forwarded that letter, along with my application for the exception to sit for the exam, and a copy of the receipt. EC-Concil will call your boss within 2-3 days to confirm the letter. Once they do, you'll be good to go! Good luck! My test is Saturday! -
emilyanncr
Banned Posts: 17 ■□□□□□□□□□
I guess it might be worthwhile to point out, that I work for the company in a security capacity. I've been a junior pentester for a year now but other than that, everything I know I sat down and taught myself. I have a masters degree in a completely unrelated field.
-
IaHawk
Member Posts: 188 ■■■□□□□□□□
You can always email them and ask and they will give you a horrible answer. Their customer "support" is terrible, I gave up when I was initially looking. I hope I am never required to have this cert.