+ Reply to Thread
Page 1 of 2 1 2 Last
Results 1 to 25 of 30
  1. Member
    Join Date
    Dec 2016
    Posts
    37
    #1

    Default CEH exam cost doubt

    Am I correct in understanding that in order to write ceh exam i need to
    1. Spend $850 USD plus pay fee for course to an approved institute? So total will be more than 2k
    2. Prove that i have more than 2 years experience by paying $100 to EC council and then pay another $500/$600 for wxam to EC / pearson vue
    Can someone please clarify?
    Reply With Quote Quote  

  2. SS -->
  3. Member
    Join Date
    Oct 2011
    Location
    Phoenix
    Posts
    63

    Certifications
    CISSP, VCP-DCV, VCP-Cloud, CCNA Security
    #2
    You are correct, unfortunately. I already paid my $100, not too happy to drop another $650 for the exam in a few weeks.
    Reply With Quote Quote  

  4. Senior Member Moldygr33nb3an's Avatar
    Join Date
    Jul 2016
    Posts
    193

    Certifications
    A+, Network+, Security+, Project+, CSA+, CASP, CEHv9, CCNET, CCNA R&S
    #3
    Quote Originally Posted by Offtopic View Post
    Am I correct in understanding that in order to write ceh exam i need to
    1. Spend $850 USD plus pay fee for course to an approved institute? So total will be more than 2k
    2. Prove that i have more than 2 years experience by paying $100 to EC council and then pay another $500/$600 for wxam to EC / pearson vue
    Can someone please clarify?
    Yes, the CEH is really expensive.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Jul 2015
    Location
    Island on the other side of Pacific pond
    Posts
    957

    Certifications
    C****, C***, C**
    #4
    Quote Originally Posted by Offtopic View Post
    Can someone please clarify?
    The options are listed on https://cert.eccouncil.org/applicati...ility.html#ceh
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    May 2016
    Posts
    1,647
    #5
    A lot of security jobs either require or prefer the candidate possess that certification. Second only to the CISSP.

    IMO I would forget Security + and those others and just get the CEH until you had the experience for the CISSP. Just saying...
    Reply With Quote Quote  

  7. Junior Member
    Join Date
    Feb 2017
    Posts
    7
    #6
    I passed the CEH v9 today.

    My suggestions.

    Understand the following:

    firewalking
    nmap -A and -O commands
    when to use hping
    when a Microsoft O/S will not respond to ICMP
    LM vs NTLM
    password salting
    Rainbow attacks
    RC4, AES, PKI
    process to encrypt message
    use of hashes for integrity
    written auth for pen testing
    understanding impact of Heartbleed and ShellShock (Bashshells and O/S impacted)
    few questions on IPSec (know what layer of OSI)
    some interesting router protocol questions on OSPF
    of course a subnet mask question
    a IP4 vs IP6 question
    know when to use HIPAA
    some WireShark filter commands (4 or 5 of those)
    know TCP three-way hand shake
    a few IPS vs IDS and stateful firewall questions
    MAC flooding and CAM buffer overflow
    know asymmetric vs symmetric advantages
    Reply With Quote Quote  

  8. Member
    Join Date
    Dec 2016
    Posts
    37
    #7
    I am not sure why CEH is considered one of three Elites. When i searched for jobs requiring cissp, there were 222 job postings. Cisa resulted in 172 jobs.ceh? Only 26.
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    May 2013
    Posts
    1,189

    Certifications
    GWAPT, GSEC, Associate of (ISC)2, C|EH, CCNA:Security, CCNA:R&S, CCENT, Security+, Network+
    #8
    If you have two years experience, you can pay the $100 fee plus the exam fee and be good to go...you don't have to buy the official courseware if you want to use books like Matt Walker's AIO. If you don't have the two years experience it will be drastically more expensive.
    Reply With Quote Quote  

  10. Junior Member
    Join Date
    Feb 2017
    Posts
    7
    #9
    About the test:

    There will be three or four questions that you have to allow for cultural differences, as if the test was translated from Spanish to English.

    Like: If the car is speeding then the police will be told as soon as the driver understands.

    Also, be prepared for smashed up NMAP results in a horizontal line, like:

    Host is up. Not shown 979 ports. 21/tcp open, 22/tcp open, etc.

    I think Youtube videos are better than the books.
    Reply With Quote Quote  

  11. Senior Member yoba222's Avatar
    Join Date
    Jun 2013
    Posts
    399

    Certifications
    LFCS, GCIH, eJPT, CCNA, CAPM, Sec+, Net+, A+
    #10
    Quote Originally Posted by Offtopic View Post
    I am not sure why CEH is considered one of three Elites. When i searched for jobs requiring cissp, there were 222 job postings. Cisa resulted in 172 jobs.ceh? Only 26.
    CEH is certainly not. It was a joke. There was a job posting where some clueless HR monkey considered the CEH on equal footing with certs requiring much more time and effort to achieve. It was sarcasm.
    Reply With Quote Quote  

  12. Completely Clueless TechGromit's Avatar
    Join Date
    Oct 2015
    Location
    Galloway, NJ
    Posts
    1,326

    Certifications
    A+, Network +, GSEC, GCIH, Lunatic+
    #11
    Quote Originally Posted by ethical-hacker-73 View Post
    I passed the CEH v9 today.

    My suggestions.

    Understand the following:
    Except for the questions about HIPPA and OSCP all of the materiel looks like stuff I learned taking the GSEC. I always thought the CEH was a pentest related certification, it looks more like a basic foundational cyber security cert, like Security+ / GSEC to me.
    Still searching for the corner in a round room.
    Reply With Quote Quote  

  13. Senior Member cyberguypr's Avatar
    Join Date
    May 2007
    Location
    Chicago, IL
    Posts
    5,813

    Certifications
    GCFE, GCED, GCIH, CISSP, CCSP, and others that should never be mentioned
    #12
    First rule of Infosec: the terms 'CEH' and 'elite' should never be within 500 yards of each other.
    Reply With Quote Quote  

  14. Senior Member impelse's Avatar
    Join Date
    Dec 2006
    Location
    Houston, TX
    Posts
    1,211

    Certifications
    CISSP, CEHv7, CCNA, Security+ 70-290, 70-291 CCNA:S
    #13
    This would be eternal discussion, really the CEH is general knowledge for penetration testing and allow you pass the HR or recruiter filter. For real pentest is worthless.
    Reply With Quote Quote  

  15. Senior Member coffeeisgood's Avatar
    Join Date
    Apr 2016
    Location
    padded walls surround & protect me
    Posts
    132

    Certifications
    CISSP, CISA, CISM, Sec+
    #14
    Quote Originally Posted by Offtopic View Post
    I am not sure why CEH is considered one of three Elites. When i searched for jobs requiring cissp, there were 222 job postings. Cisa resulted in 172 jobs.ceh? Only 26.
    As I spend more & more time studying for the CEH, I am learning some good tools, tricks & information to reinforce what I already know. I actually really enjoy some of the material. As for it's actual professional value? There is some but overall I feel its a potential future HR check / filter. Some of my clients might be slightly impressed but if that was my only cert? I sure hope not. If my employer was not paying the cost of CEH exam w/ a little bump for me if I pass at the end, not sure I would spend my own coin.

    I paid my own way for my CISSP & CISA... it was those certs that landed my interview for my job (cracked the HR barrier). I knew a little in the industry I was trying to crack into & had some experience, so it was that & my glorious personality landed my job today.

    curious, where did you see CEH was one of the 3 elites? (CISSP, CISA &... ?)
    as for value for jobs, I would lean on these a bit more... CISM, OSCP, PMP
    (yes I know PMP isn't a "tech" cert but combined with other tech certs, it fits the conversation here)

    OSCP might not have more # of job "postings" but I bet there are more actual jobs that would snatch you up faster vs just the CEH
    that said, I'm curious of the number of OSCP's that also have their CEH. I bet it's pretty high.
    The CEH seems like its like dipping your toes in the pool water to see if its too cold or hot. OSCP is jumping in the pool.
    Reply With Quote Quote  

  16. Senior Member IronmanX's Avatar
    Join Date
    Mar 2015
    Location
    Ontario Canada
    Posts
    307

    Certifications
    C|EH
    #15
    Quote Originally Posted by coffeeisgood View Post
    curious, where did you see CEH was one of the 3 elites? (CISSP, CISA &... ?)

    OSCP might not have more # of job "postings" but I bet there are more actual jobs that would snatch you up faster vs just the CEH
    that said, I'm curious of the number of OSCP's that also have their CEH. I bet it's pretty high.
    The CEH seems like its like dipping your toes in the pool water to see if its too cold or hot. OSCP is jumping in the pool.
    If you search top certs CEH is always in there.
    Not saying it should be but it is.

    As far as job posting go I saw this recently:
    Job Board Search Results

    Certification
    SimplyHired
    Indeed
    LinkedIn Jobs
    TechCareers
    Total
    CEH 1,977 2,184 1,427 257 5,845
    CISM
    3,286 3,585 2,337 10,629 19,837
    CISSP
    10,526 11,617 7,632 15,212 44,987
    GSEC
    1,317 1,477 954 128 3,876
    Security+
    3,038 3,396 1,275 1,431 9,140


    I think OSCP fills a niche and its never really going to be a top cert. (Pen test niche)
    Top for that niche sure but for general IT Security probably not.
    Reply With Quote Quote  

  17. Senior Member
    Join Date
    Oct 2010
    Location
    NATTED to nowhere!
    Posts
    508

    Certifications
    S+, N+, CEH, CSSLP, CISSP, CGEIT, CCSA, CCNA, CRISC, CASP, RHCSA, RHCE, CBE, GCIH
    #16
    The CEH is a good foundation for InfoSec. There are others which cost more but give you a better ROI.

    Good Luck
    Reply With Quote Quote  

  18. Senior Member
    Join Date
    Mar 2011
    Location
    Chicago
    Posts
    1,310

    Certifications
    CISSP-ISSAP, HCISPP GPEN, GSEC, GSNA, GCIH, E|CH, ECSA, Security+
    #17
    Two things made the CEH what it is today. First it was the first cert in the "pen testing" (a generous description of the coursework and exam itself); two, it was almost immediately adopted by the DoD as a second tier requirement. Through in the fact even a government employee can pass it and you've got the current situation.

    Only to make it worse is the acceptance of WGU endorsing it as well. Really its all but frowned upon by many security people.

    - b/eads
    Reply With Quote Quote  

  19. Member
    Join Date
    Jan 2017
    Posts
    96
    #18
    I posted on this briefly elsewhere on here, but i had ultimately decided against the CEH. The name itself being cringeworthy aside, I actually completed the Ver 8 study guide/questions and, in comparison to the OSCP, youll drown quickly if you tried to perform a pentest based on the CEH.


    Practical skills are completely non-existent with this cert.
    Its an HR cert pretty much. But the real question is, why dont i have it.


    Well, Im paying out of pocket, so cost.

    This cert, for what ive studied, and researched, others confirming my thoughts, is not worth what you pay at all.
    So i decided to get the OSCP for, which im preparing for as that will be money well spent and ill have an extremely solid foundation thats not based on general, loose theory.
    Last edited by Dr. Fluxx; 02-24-2017 at 03:39 PM.
    Reply With Quote Quote  

  20. Senior Member
    Join Date
    Nov 2011
    Posts
    813
    #19
    Quote Originally Posted by Dr. Fluxx View Post
    I posted on this briefly elsewhere on here, but i had ultimately decided against the CEH. The name itself being cringeworthy aside, I actually completed the Ver 8 study guide/questions and, in comparison to the OSCP, youll drown quickly if you tried to perform a pentest based on the CEH.


    Practical skills are completely non-existent with this cert.
    Its an HR cert pretty much. But the real question is, why dont i have it.


    Well, Im paying out of pocket, so cost.

    This cert, for what ive studied, and researched, others confirming my thoughts, is not worth what you pay at all.
    So i decided to get the OSCP for, which im preparing for as that will be money well spent and ill have an extremely solid foundation thats not based on general, loose theory.
    Based on your post: I have now decided against taking this exam. Thanks.
    Reply With Quote Quote  

  21. Woohoo! It's over 1000!
    Join Date
    Aug 2015
    Location
    Australia
    Posts
    1,680

    Certifications
    RHCSA, Linux+, ACSA, ACTC, ACSP, MCSA:7, MCTS, ITIL F, Prince2 Pract, AgilePM Practioner, VCP-DCV, Storage+, CCNA R+S, CCNA Sec, Security+, CEH, CASP
    #20
    I don't know what it costs. I had the exam paid for as part of a Master's course I did (it was a "bonus" if you passed the subject, you got a voucher for this exam). So it was good value for me

    I do still see it listed in the same breath as CISSP and GIAC certs. But it definitely is entry level penetration testing, with some use for incident handling. Sort of what Net+ is to Cisco CCNA/CCNP/CCIE. If you really want to get into pen testing, then as part of your track I'd suggest elearnsecurity's Junior Pen Test cert, and eventually OSCP. Even then, that's just to orient yourself, in much the same way as a CCNA R+S isn't really going to put you in the position of designing complex, multi-campus networks, or the MCSA for engineering an Enterprise Windows environment. It's necessary knowledge, but not sufficient.

    The other certs in pentesting that have some visibility are OSCP and GIAC's GPEN and GCIH. Those are also not cheap, and OSCP has a higher barrier to entry. CREST also has some recognition is some markets (UK and Australia, perhaps others). And most people hiring pen testers put a low priority on certification, relative to say networking. They are much more interested in other proof of competence such as capture the flag, genuine interest in the area, and ability. You are more likely to have an interview that asks about your home lab, what tools you like, what you've done, how you might approach a problem, than about how well you did on the OSCP.

    So, with CEH you get the name, and you get some basics in the field of pentesting. What that is worth to you only you can answer.
    Reply With Quote Quote  

  22. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    184

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CASP, C|EH, OSCP
    #21
    In addition to what OctalDump said about the interviews, You can expect to have questions over several different scenarios and what your methodology for that scenario would be as well as syntax for several different tools. This is one apect where the OSCP shines, If you have done most of the labs and passed the exam you should have your methodology for different scenarios down pact at this point. You will leave the course with an entirely different mindset and thought process when it is all said and done(at least I did).
    Reply With Quote Quote  

  23. Member
    Join Date
    Jul 2015
    Location
    Honolulu, Hawaii
    Posts
    81

    Certifications
    CASP, Cloud+, Mobility+, Security+, Storage+, OCPJP8, OCMJD7, Android Certified Application Developer
    #22
    CEH costs just as much as a wedding dress if you decide to buy the iLearn package! Haha!
    Reply With Quote Quote  

  24. Woohoo! It's over 1000!
    Join Date
    Aug 2015
    Location
    Australia
    Posts
    1,680

    Certifications
    RHCSA, Linux+, ACSA, ACTC, ACSP, MCSA:7, MCTS, ITIL F, Prince2 Pract, AgilePM Practioner, VCP-DCV, Storage+, CCNA R+S, CCNA Sec, Security+, CEH, CASP
    #23
    Quote Originally Posted by bjpeter View Post
    CEH costs just as much as a wedding dress if you decide to buy the iLearn package! Haha!
    "Darling, we can get married, or I can get certified. It's a tough choice, I know, but..."
    Reply With Quote Quote  

  25. Senior Member
    Join Date
    Dec 2015
    Location
    Quebec, Canada
    Posts
    271

    Certifications
    A+, Network+, Linux+, HP APS, VCP 3-4-5-6, VSP,VTSP, SSCP, Veeam VMCE
    #24
    I think this exam is too expensive... I would have done it but seriously it is more expensive then CISSP. As I am Canadian, I had to factor a 30% more due to exchange rate.. it's almost 1000$ CAN!.

    So my infosec cert track is: SSCP --> CISSP --> OSCP

    I know I can get CEH with a few week of reading, but not at this price. If I got a beta exam promo or a promo in the 300$USD, I would do it
    Reply With Quote Quote  

  26. Member
    Join Date
    Jan 2017
    Posts
    96
    #25
    NP.

    I just felt I get more bang for my buck.

    The CEH around the same price of the CISSP if im not mistaken and thats just insane.
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 2 1 2 Last

Social Networking & Bookmarks