Good day Gill,
The main reason you did not hear about the CEH cert when someone asked what
certification one should be doing when making a move to the security field
is simply because the CEH is NOT a foundation certification.
If you wish to get into the security field I guess your only choice of
recognized certification is the GSEC from SANS or Security+ from CompTIA
right now. Both are build for network and system administrators who wish to
get into the security field. It has some good foundations that any security
person should know about. That would be your security 101 course.
As far as the CISSP, forget this one if you are simply getting into the
field. You need at least 3 years of PROFESSIONAL security experience and a
degree or 4 years without a degree to even take the exam. This is a cert
that is more management oriented and very high level, it is definitively NOT
technically oriented. You could still take the exam without the required
experience and that would make you a "CISSP Associate" until you do gain the
required experience to become a full blown CISSP.
The SANS track are a lot more technical and usually covering ONE specific
area of expertise such as forensics, firewalls, IDS, Windows Security, and
more. See www.sans.org and take a look at the course content.
The CEH exam requires that you do have some security testing experience, it
would be hard for you to study a book and attempt the certification as some
of the questions are scenario based and do require some deeper knowledge of
what you are doing. Overall it is what I would call Security Testing 101
course with a focus on breaking into stuff instead of protecting against
such attack.
Hope this help
Clement
Maintainer of:
http://www.professionalsecuritytesters.org
http://www.cccure.org
-----Original Message-----
From: Sarbjit Singh Gill [mailto:ssgill@gilltechnologies.com]
Sent: Wednesday, August 18, 2004 12:30 PM
To:
Subject: What do you folks think about EC-Council
I recently had the opportunity to sit into a presentation from the
Technical
Director of EC-Council. I somehow did not hear EC-Council being mentioned
in security-focus forums when there is a question about what certification
should one be doing when making a move into the security field.
So what is the response about EC-Council. Is the CEH (Certified Ethical
Hacker) a good place to start compared to SANS, Security+ or even CISSP.
Thanks
Gill
--------------------------------------------------------------------------
-
Computer Forensics Training at the InfoSec Institute. All of our class
sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills
of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.
http://www.securityfocus.com/sponsor/InfoSecInstitute_security-
basics_040817
--------------------------------------------------------------------------
--
---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.
http://www.securityfocus.com/sponsor/InfoSecInstitute_security-basics_040817
----------------------------------------------------------------------------
