Review: Certified Ethical Hacker (312-50)

After 5 weeks of studying, I finally completed my CEH exam yesterday. I passed with a 90%. I am not permitted to go into too much detail about exact questions, but I can offer my thoughts. I have broken down my review into 3 categories meant to help security professionals decide on the certifications to take. The total score, or the individual scores, can be used as a guide for selecting the correct certification for your career path.

Rating:

  1. Technicality (4/5) – The course requires a bit of knowledge regarding the underlying functions of networks, etc. Being able to read code, understand hex dumps/packet captures, and such is a definite must for truly understanding the content. The exam and course are aimed at professionals fairly new to security. Considering that, the amount of technical knowledge gleaned was quite good. I wouldn’t necessarily say fire hose in intensity (although for some it could easily be that way), but more like a garden-hose-on-full-blast. Most of this relates to the number of tools you learn. However, much of the technical knowledge was still quite theoretical, since it was in general more focused on identifying/recognizing attacks or tools, rather than hands-on usage of them. I give it a 4 out of 5 in technicality in the context of its intended audience, yet its lack of more hands-on usage of the tools.
  2. Managerial (2/5) – The CEH is definitely directed to those looking to do the more technical aspect of Penetration Testing and security. However, it still does teach some managerial skills. Mostly they are just short rants about NDAs, Get-out-of-jail-free cards, and staying within scope. There is some policy creation that is emphasized when talking about social-engineering, but only because they test it from that aspect. I give it a 2 because there is some important information gleaned, although they never truly test or prepare on the actual Management topic; it simply occurs as a byproduct of everything else.
  3. Prestige (3/5) – This is the controversy! It comes down to this: DoD 8570 vs TestKing. Yes, the Department of Defense directorate 8570 includes the CEH as one of its recognized certifications. This makes it quite valuable! I don’t think I need to say much about it. It’s nice because the exam is so cheap, while most of the other 8570 certifications (save the CompTIA ones) are quite costly. Therefore, the CEH is nice because it gives unfunded individuals the opportunity to get a well-recognized certification. Just for that I would give it a 5… except for one thing… Test Prep Questions. I used some test prep questions for my final preparation for the test. If I had just taken 5 weeks to memorize all of the answers in those prep questions, I probably would have gotten the same score. That’s right, probably 70-80% of the actual test questions were verbatim to those within test prep questions. What does this mean? Well, it means that if you are legitimately prepared for the test, this will give you the leg up to guarantee you pass! If you prepared well you will blast through the questions pretty easily. However, this also means that any schmo off the street can memorize the answers and pass the test with flying colors. Unfortunately the only real defense EC-Council has against this is its approval process for those wanting to take the test (self-testers need a waiver to take the test w/o attending a course). Some people don’t think this is such a big deal. I consider it a big deal since one day I might find an employer who discounts my CEH as being worthless due to a bad experience with some idiot who passed the CEH without learning a thing. For this reason alone I would have given a rating of 1 or 2, except for the whole DoD 8570 thing.

total: (9/15)

The Exam:

The examination was pretty good. It is 150 questions, and you are given 4 hours. I completed mine in 2 hours. The reason it took so long was the length of some of the questions. A majority of the questions are paragraphs long in description, and many have diagrams/dumps to look at. There were some easy questions, and some hard ones; just like every other certification. However, I was surprised that I was not asked questions on certain things. For instance, nmap, virus/backdoors, and ICMP codes/types were strongly emphasized within my prep-material, however I did not have a single question relating to any of them. The reason for this is most likely the dynamic nature of how they generate your exam question set, as well as the huge scope of the course. The course covers so much information that it would require a much lengthier exam to cover it all. There were also a few control questions. Control questions are very difficult questions, sometimes beyond the scope of the exam, that are scattered throughout the exam. Some say that they are ungraded and used for statistical analysis; I believe they are there to slow you down 😉 The test seemed to do well at addressing the different questions from the angle of the hacker, as well as the administrator/investigator. This makes it a little tricky, but forces you to have a good understanding of the content.

Comparison:

In comparison to the Security+, I would have to say that I enjoyed the CEH more. I tend to be more technically oriented, and really enjoyed learning the PenTesting methodology and tools. However, the Security+ offered a great deal of managerial and policy information. I would definitely say that the Security+ was easier than the CEH, simply because there was relatively less technical know-how required for it. The Security+ did serve as a great foundation for the CEH and made passing the CEH much, much easier. I would recommend you attain both. Some topics covered in depth in the Security+ and not in the CEH include: Encryption, Access Control models, and policy creation. Another cert on this same level is the mile2 CPTEngineer. The course is advertised as being comparable to the CEH, but more hands-on. I have not taken that course, so I can’t say much on it. If anyone has some input, I would be happy to include it.

Conclusion:

I’m glad I got the CEH. However, immediately after completing the test I felt the need to attain the next level of knowledge. I feel a whole lot more knowledgeable because of the CEH, but I still feel miles away from the end goal. A good certification as a starter.

One Response to “Review: Certified Ethical Hacker (312-50)”

  1. Congrats! That is pretty lame that the majority of the test is divulged to the public. How much does it cost?
