The other day, I stumbled across an interesting blog post with the subject Certified Ethical Hacker (CEH) vs. Offensive Security Certified Professional (OSCP) . . . and How to Start Your Ethical Hacker Career”. I did not only read this article but I devoured it and kept nodding my head, in agreement, as I read through it. I am at a stage of my ethical hacking career that I am seriously considering the notoriously difficult OSCP certification.
Let me explain why I would introduce a blog post on Certified Ethical Hacker review by mentioning another post comparing CEH to OSCP. After reading the post, I immediately shared it with my colleagues. One of them will be undertaking the CEH course and exam shortly. He asked me to advise him on how to approach this undertaking. His request is in a way, what prompted me to write this post.
Before I can share my opinion on the course and how I think one should go about preparing for the exam, allow me please, to share a few words about myself; I think that will give context to my opinion and review of CEH course.
I am an Information Security Analyst with several years of experience as part of the defensive team (aka Blue Team) and almost two years as part of the offensive team (aka Red Team). My daily responsibilities include a blend of “blue team activities” and “red team activities”. I have a post-graduate degree in Chemistry. My undergraduate majors were Physics and Chemistry. I am not a Computer Science graduate.
With that background in mind, let me share my personal experience on the Certified Ethical Hacker course. In response to my colleague’s enquiry, I mentioned this about CEH: if there was one book that could teach you everything there was to know about ethical hacking, and that book had 100 pages, passing the CEH exam would equate to completing the first five pages of this book. What do I mean? Well, if it is not clear enough after reading the previous sentence, passing the CEH exam is just the beginning of one’s ethical hacking learning process. (Please put this into the context of my educational background – see the opening paragraphs above.)
I am not going to go into the details and facts that are already available elsewhere on the Internet. (If you are reading a piece on CEH, you likely know how to perform an online search.) This is the format of the CEH exam: it is a multiple choice questions exam, consists of 125 questions, and lasts 4 hours or less. You can read about the other details here.
One question that is always top of the mind of those considering a cyber security certification is: Who is the course for? I think that this course is a very good starting point for anyone with aspirations of becoming a penetration tester. The EC-Council has this to say about CEH: “A Certified Ethical Hacker is a skilled professional who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s).”
Having said that, someone who has solid experience as a penetration tester, but without any formal training, may consider this certification. I am told that human resource departments of many organizations consider Certified Ethical Hacker certification to be a minimum requirement when looking to appoint someone for a cyber security role. This certification may be exactly what you need to get the recruiter’s attention.
Let me elaborate, from a beginner’s viewpoint: the 5-day course that I attended covered the basics of ethical hacking. Arriving at the training center on Monday, I was given a box with the following contents: courseware, a lab manual, an exam voucher, and login credentials to the APSEN portal.
Courseware: this is made up of two hard cover copies but you can download soft copies from the ASPEN portal. The total number of chapters covered by these manuals is about nineteen. The manuals cover, among others, the following topics: Introduction to Ethical Hacking, Cryptography, Session Hijacking, SQL Injection, etc. Each of these topics is covered at about “1 inch vs. 1 mile” depth-level. It really is up to the student to research and learn more during and after the 5-day course.
The courseware is loaded with useful URLs and pentesting tools. It is impossible to cover each tool to any level of detail during the five days. The courseware endeavors to only introduce the tools and further learning is recommended. Let’s relate this back to the exam; you will be presented with screenshots of some of the popular tools, e.g. Wireshark, and you will be expected to either identify the tool or interpret the results.
Lab manual: our instructor did not directly refer to this at all during the 5-day course. I am not suggesting that the manual is to be ignored during your preparation for the exam. I think the purpose of this manual is for the student to set-up a lab after the course, or better yet, to subscribe to The Virtual Hacking Labs and start practicing before taking the exam. (I took about 4 – 5 weeks after the conclusion of the Certified Ethical Hacker course to prepare for the exam. I did not specifically spend this time on practical learning in the labs. I spent it studying the courseware. However, you will do well to practice some nmap commands, SQL statements, etc. before you take the exam.)
ASPEN Portal: your entire course resources are available here, e.g. soft copies of the courseware. I recommend that you login to this portal as soon as you can. You are able to download tons of material, including virtual machines that you can use to build your own lab.
The second question that you probably have on your mind is: What did I like and not like about the course? It really is hard to say what I did not like about the course. The reason being that what I “didn’t like” about the course was that it focused mainly on theory, and was limited in practically learning “how to hack.”
I am reluctant to state minimal practical training as a dislike because I don’t think that the creators of this course designed it to be a practical course. IMHO, it definitely was not intended to be like OSCP; you can read my associate’s OSCP review here.
I liked the simplistic approach in which the material was presented. I had the opportunity to attend a course presented by a very experienced pentester with many years of experience. The EC-Council recognizes the best Certified Ethical Hacker course instructors annually and our instructor was awarded this recognition a few years back. I only became aware about this award after the exam. It would be worthwhile to do a bit of research about your prospective instructor. (I am not sure if information about award-winning instructors is available outside of the ASPEN portal.)
CEH Instructor Led Training
Let me share what happened during one of the classes to highlight the importance of attending a course led by an experienced instructor. I attended the course during the week of May 8th, 2017. On Wednesday the 10th, our instructor asked if we’d like to see a demo of the EternalBlue Double pulsar hack. We, of course, said YES! On May 12th, major international news networks covered the news about WannaCry Global Ransomware attack. The WannaCry attack exploits the same vulnerability that was demonstrated in our class a few days before the Global Cyber Attack. It is absolutely imperative to choose your training centre well. An experienced instructor will bring some fresh and latest content to the class and this will inspire you to learn more than what is covered in the class.
The Exam: I recommend that you find yourself a very good study guide and study it very well. I mentioned that this is very much theory-based, and there are certain things that you will have no choice but just memorize – I hated this about the course. (I apologize for not mentioning this earlier under the dislikes!) I got hold of a 761-paged study guide and studied it. I managed to pass the exam on my first attempt. I should mention that my instructor recommended the study guide that I used to prepare for the exam. (I cannot overemphasize the need to find a reputable training center employing experienced instructors.)
Exam voucher: I think that you have an option to purchase this with your training voucher. Please keep in mind that the voucher is valid for 12 months. The exam must be taken at a certified exam center.
Certified Ethical Hacker Career perspective
Career Perspective: Again, you probably have noticed that I like to provide some context when rendering an opinion. I live in South Africa, and it is a developing country. You might have a different experience depending on where you live. So, will this certification increase your prospects of employment in cyber security? I believe so. Several recruiters have approached me ever since my LinkedIn Profile reflects completion of the CEH.
In conclusion: You need to recognize and acknowledge the CEH course for what it really is: a basic training in ethical hacking. If you are serious about a career in penetration testing, then you must consider at least one of the following after you get certified: Offensive Security Certified Professional (OSCP), EC-Council Certified Security Analyst (ECSA), Licensed Penetration Tester (LPT), etc.
I am asking again because i have found out that during vulnerability scan that one needs to have some knowledge in software programming to be able to master the tricks of Hacking. am i wrong or right……….? At least you need to get to the level of scrip writing to me able to understand fully some of the script stuffs during vulnerability scan…….?
Good question, Tommy. I will attempt to answer your question based on what I understand it to be. No, you don’t need basic scripting skills to pass CEH exam. However, depending on what your next certification endeavor is going to be, basic scripting skills will definitely come in handy. Hope that answers your question?
Hello. You mentioned that your instructor recommended a study guide to assist you in preparing for your CEH exam. Can you share with me the name of this study guide so that I can download and review it?
Of course! Details below:
CEH v9: Certified Ethical Hacker Version 9 Study Guide
By Sean-Philip Oriyano
All the best on your exam if you are planning to take it! :)
i ve done the course long time as wondering how to rewrite the exam and the new tools
The Study Guide mentioned above will get you there… Consider searching for free online videos explaining some of the domains you struggle with. Video series by Keith Barker is pretty good: cbtnuggets.com
*I am new to all of these, are you sure I can start from the stretch to later attain my CEH?
*How long on the maximum am I expecting to complete this course, how much am I expected to spend on the training on the average?
*What are some of the things I should be looking out for as a newbie?
*I am presently working in the health sector, but, I would like to venture into a new field of professionalism where I can have more time with my family, and if possible earn more money alongside and later in the nearest future become my own boss in this same field of IT.
*Can you recommend any genuine institution I can get my CEH?
Your candid advice will be greatly appreciated.
* Yes, if you are willing to put in the time and effort, you can start from scratch and all the way to CEH.
* There’s no one-size-fits-all, I’m afraid. This will entirely depend on your background, time you can put in to go through the material, etc. Do you have a family? How much “free time” have you got? All these and other factors will determine this.
I attended a five-day classroom course. I wrote the exam a few weeks later.
* Learn… Learn… Learn! Be prepared to put in the time to learn and develop interest in hacking. Watch videos online, buy books (many are available as part of bundles), follow people (Twitter) that share freely available resources, etc.
* OK, that’s a tricky one. In the beginning, you will have to discuss with your family what your plans are, let them know that you are gonna have to invest time in a new field. In my limited experience, you are not gonna have more time, at least not in the beginning … at least not in the beginning. This field requires a lot of upfront time investment.
* I live in South Africa. The institution that offered the course I attended isn’t international. I can’t comment on this…
My advice: search for “master” instructors on EC-Council website. I can’t remember what they are called… I think it’s “master”? I think that they are announced each year. If you attend one of their classes, you are almost guaranteed a good learning experience.
One final comment: you will have to put in the time… willingness to learn … If I ever become in a position to hire someone, I’d probably spend 4mins asking about their cert.
The rest of the time, I’d ask about what they do during their free time, do they have a home lab, which YouTube channels do they subscribe to, what podcasts do they listen to, who do they follow on Twitter, why do they follow those individuals.
I guess I’m going off topic here? Point is, I think that security is a field that requires PASSION!
I hope that I answered at least one of your questions? In my humble opinion, this field is challenging and can be frustrating IF one is in it for the “wrong” reasons. :)