I took (and passed) one of the most controversial IT certifications last week – the CEH – mostly because it fulfilled the DoDD 870.01 baseline certification for CND, but also because I wanted to see what this exam was all about!
The last time someone posted about the CEH the comment thread was insanely long, so I thought I’d provide my synopsis from a recent and practical standpoint.
The Name
The name is probably the worst part about this exam. This exam (and the coursework) won’t make you ethical and it won’t make you an elite (1337) hacker (h@x0r). Surprisingly the DoD got this right when they called it a “Baseline Certification.”
It teaches you the common basic methodology that crackers use every day, how to counter some of those techniques, and most importantly the laws around hacking/cracking and how to do it legally!
The Content
The exam is in revision 6 now, and tests a wide range of topics: reading and analyzing TCP dumps and Snort logs, understanding the OSI model, using many of the common exploit tools, recognizing the exploits and their uses, and so on.
The exam and coursework also teach the common tools used by crackers and pentesters, how to use them, and why. This is actually a very ambitious certification, in my opinion.
The Exam
Having taken the GSLC and many other DoD and commercial certs, I can tell you that this exam is no easier than any other. Perhaps this is new to version 6, but this was NOT an exam to take cold with little experience.
The questions were both very realistic and fair. I've read reports of people even taking 4 hours on the exam – I'm not sure how that's possible, but...
The Value
Is this going to make you a hacker? No, and that’s not really a fair question. The CISSP won’t make you a security expert either!
What it does is twofold: 1) It teaches the novice the basic concepts and leads them down the right path to further their education, and 2) It makes you a little more marketable.
If you don’t agree with #2 and you’re a hiring manager, I recommend you take this exam to understand what it’s all about. I think you’ll be pleasantly surprised.
My Conclusion
I have to go back to DoD guidance on this one (as scary as that may be): This is a BASELINE certification. It doesn’t mean you REALLY know what you’re doing!
But I will say this: all things being equal, I would take a CISSP with CEH over just a CISSP any day of the week.
It’s easy to dismiss this certification because of its name (as I did for quite a while), but after taking it myself I have a much higher respect for the CEH – version 6 at least.
Lee Mangold is an Information Security expert and contractor for the US Department of Defense and the US Army. The views expressed here are not necessarily the views of the United States Government in any way.