Certified Ethical Hacker (CEH) Certification GuideBy Sean Wilkins
The term hacker has traditionally had a bad reputation with many people as it brings up feelings of being exploited or having ones privacy breached. As with anything in life, there is always going to be the bad with the good and in the world of network security there are always going to be individuals, organizations and countries looking to gain access to the secret information of their opponents.
The purpose of the Certified Ethical Hacker certification is to validate the credentials, background and intentions of a network security professional. These professionals have the knowledge and ability to breach the security of a target for malicious purposes but instead of using these abilities maliciously they use them to increase the security of a network. This article provides an overview of the Certified Ethical Hacker (C|EH) certification, how it is structured and the steps that need to be followed to obtain it.
C|EH Certification Review
As stated in the overview, the purpose of the C|EH certification is to provide candidates a way of validating their abilities as well as their intentions. By obtaining the C|EH certification, a network professional can show prospective employers or clients that their intention is to use their abilities to increase the security of a system and/or network and not to decrease it. By having a formalized certification that can be offered to companies, the C|EH also establishes that hacker is not a term that is only associated with negative actions.
To obtain the C|EH certification, a candidate must pass the current version of the C|EH exam, as of this writing the current version is v8. The C|EHv8 exams consists of a proctored computer exam which contains 125 multiple choice questions which the candidate has 4 hours to complete and must obtain a score above 62% to pass. However, not just anyone can just go out and study and take the C|EH exam; before a candidate is allowed to schedule the exam they must be deemed eligible.
There are two ways to become eligible to take the C|EH exam:
- Attend an official C|EH instructor led course, computer based training (CBT), online live training or academic learning
- Submit an eligibility form and be manually approved to take the exam, to be approved a candidate must:
- Have at least two years of information security related experience.
- Remit a $100 non-refundable eligibility application fee
- Submit a completed exam eligibility form.
C|EH Exam Layout
The C|EH exam is structured into seven different sections; I have listed them in order of weight (shown in %):
- NIDS, HIDS, ACL, DNS
- Programming and scripting languages
- Cryptography techniques
- Port scanning
- Network topologies
- Routers, modems, switches
- Operating environments and antivirus systems and programs
- Log analysis tools
- Security models
- Exploitation tools
2. Security (25%)
- Network and physical security
- Threat modeling
- Systems security controls
- Application/file server
- Verification procedures
- Social engineering
3. Procedures/Methodology (20%)
- PKI, SA
- Security architecture and testing methodology
- N-tier application design
4. Analysis/Assessment (13%)
- Data analysis
- Systems analysis
- Risk assessments
- Technical assessment methods
5. Background (4%)
- Networking, web, systems, mobile, telecommunication technologies
- Malware operations
- Communication protocols
- Backups and archiving
6. Regulation/Policy (4%)
- Security policies and compliance (i.e. PCI)
7. Ethics (2%)
- Professional code of ethics and hacking appropriateness
Although ethics only represents 2% of the exam, the CEH code of ethics are extremely important and any violations are taken very seriously. Penalties for violating the code of ethics include decertification, suspension of certification and even the publication of infractions and litigation.
Whether the term hacker will ever be used by the larger population with both a positive and negative meaning will be seen over time. The C|EH certification provides a process of allowing these network security individuals to validate their abilities and their intention to use them for the good of a company or client.
About the Author
Sean Wilkins is an accomplished networking consultant for SR-W Consulting (http://www.sr-wconsulting.com) and writer/editor for infoDispersion (http://www.idisperse.info). Sean has been in the IT field for over 15 years, working with companies like Cisco, Lucent, Verizon and AT&T as well as several other private companies. Sean holds certifications with Cisco (CCNP/CCDP), Microsoft (MCSE) and CompTIA (A+ and Network+). His educational accomplishments include: a Master’s of Science in Information Technology with a focus in Network Architecture and Design, a Master’s of Science in Organizational Management, a Master’s Certificate in Network Security, a Bachelors of Science in Computer Networking, and an Associates of Applied Science in Computer Information Systems.
Author's Website: http://www.sr-wconsulting.com