CEH query

Discussion in 'Training & Development' started by Luke Garbett, Jul 6, 2007.

  1. Luke Garbett

    Luke Garbett Bit Poster

    17
    0
    11
    Me again.

    I questioned the MCDBA course recently, and i am still 100% set on taking it. However i am also interested in the CEH course as i think it would be very beneficial to have the two together. This way i could not only design and implrement a database, but would also be bale to ensure its sercurity and also help mintain network security at the same time. Plus it never hurts to have another certification to your name now does it?

    Only problem is, i was looking on the EC Council website (eccouncil.org) whom i believe run the course, and it states
     
    Certifications: BTEC Nat. Dip. in ICT Systems Support
  2. Tinus1959

    Tinus1959 Gigabyte Poster

    1,539
    42
    106
    I read that 'restriction' a different way.
    I'm sure they will not "ban" you from class or from the exam, but passing it without experience will turn out to be a tough job.
    What's the use of throwing away money for an exam you will fail for sure?
     
    Certifications: See my signature
    WIP: MCSD, MCAD, CCNA, CCNP
  3. Luke Garbett

    Luke Garbett Bit Poster

    17
    0
    11
    but surely then I would still be eligable without experience, but not recommebded, wheras the info they print says not eligable?
     
    Certifications: BTEC Nat. Dip. in ICT Systems Support
  4. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    Luke

    Think of it this way - how would they check to see whether you were truly eligible? This would involve a lot of work on their part (checking references, contacting employers etc etc) so I think it's safe to assume that you couldblag it if you wanted to.

    However, without some decent experience - not only as a network admin but specifically as a security admin, you would not pass the exam. I'm planning on taking it in August - and I already have two years' security admin experience and - whilst I am confident of passing - I know it will still be a hard exam to take.

    IMHO (and I'm sure someone like Tinus or MattWest will shoot me down if I'm wrong - as they've already taken it) the CEH is one of those certs that is probably practically impossible to pass without extensive experience putting the concepts tested against into practice.

    Here's a quick quiz for you:

    1 - Can you explain what Cross-Site Scripting is - and the difference between persistent and reflected versions?

    2 - Checking through logs from the login form of a public-facing web application you notice the following entry coming up time and time again:
    Code:
    user:' or 1=1--
    What does this suggest to you?

    3 - Describe the difference between a FIN and NULL port scan

    4 - What would be considered 'passive' attacks and what would be considered 'active' from the following list:

    Port Scan
    Dumpster Diving
    Google Searches
    Social Engineering via Telephone
    ChatRoom Monitoring
    Newsgroup Trawling

    5 - Choose the answer that best describes the following:
    A malicious program installed by an end-user disguised as a useful program


    Worm
    Virus
    Trojan Horse
    Malware

    6 - Why might you run 'netstat -n -o' from a command prompt on a machine you suspect has been compromised?


    To check that the IP address and subnet mask of the network card has not been changed
    To enumerate TCP sessions associated with the machine and identify these sessions by associating a RID with them
    To enumerate TCP sessions associated with the machine and identify these sessions by associating a PID with them
    You cannot use two parameters in the same netstat session - you need to run both commands separately

    7 - Statement A - It is not possible to sniff traffic using a packet analyzer in a switched network.
    Statement B - It is possible to sniff traffic from a hub.


    Which of those statements is true?

    A
    B
    Both
    Neither

    I reckon if you can answer those questions already, without studying, then you are a decent candidate for the CEH. If some of them make no sense at all to you, then you would probably be throwing your money away by trying to study for this and the MCDBA at the same time. I like your angle though - there is a MASSIVE amount of career progression to be made in WAPT (Web-Application Pen Testing) and concentrating on Database Security is definitely an interestinmg concept. I just think it's one of those things you should decide on after a good three or four years in the industry as a whole, rather than trying to pigeonhole yourself so early on.
     
    Certifications: A few
    WIP: None - f*** 'em
  5. Luke Garbett

    Luke Garbett Bit Poster

    17
    0
    11
    yeh suppose you got a point.

    Think i'll probaly just settle for the MCDBA (which will be very hard work to study for and pass as far as i believe in itself), and then like you say, maybe in a few years i could concentrate on the CEH and security angles within the DB's.

    thanks guys for your help/advice
     
    Certifications: BTEC Nat. Dip. in ICT Systems Support
  6. Tinus1959

    Tinus1959 Gigabyte Poster

    1,539
    42
    106
    I won't shoot you. You are right. As my trainer said: "We'll go a mile wide and an inch deep."
    We got to see some 60 different tools and in the exam you could expect some tool-output and the question "What is going on here." If you just saw the tool for the first time in class you will not know and reckognize the outputs. There is your two year experience.
     
    Certifications: See my signature
    WIP: MCSD, MCAD, CCNA, CCNP
  7. Luke Garbett

    Luke Garbett Bit Poster

    17
    0
    11
    What about the comptia Security+, is that any better for a begginer in the security industry?
     
    Certifications: BTEC Nat. Dip. in ICT Systems Support
  8. Tinus1959

    Tinus1959 Gigabyte Poster

    1,539
    42
    106
    Excellent choice!
     
    Certifications: See my signature
    WIP: MCSD, MCAD, CCNA, CCNP
  9. Luke Garbett

    Luke Garbett Bit Poster

    17
    0
    11
    I think ill look more into that one then, good job i asked you guys for advice first otherwise would of wasted a fair bit of money on the CEH course.

    Cheers guys. been a huge help
     
    Certifications: BTEC Nat. Dip. in ICT Systems Support
  10. Theprof

    Theprof Petabyte Poster

    4,607
    83
    211
    Security+ is something I want to take also, but not at the moment as I want to have some experience before I pursue the cert.
     
    Certifications: A+ | CCA | CCAA | Network+ | MCDST | MCSA | MCP (270, 271, 272, 290, 291) | MCTS (70-662, 70-663) | MCITP:EMA | VCA-DCV/Cloud/WM | VTSP | VCP5-DT | VCP5-DCV
    WIP: VCAP5-DCA/DCD | EMCCA

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.