+ Reply to Thread
Results 1 to 22 of 22
  1. Junior Member Registered Member
    Join Date
    Oct 2017
    Posts
    2
    #1

    Unhappy Denied CEH Eligibility

    Hello All,

    My name is Peace101 and I am new to this forum. A couple of days ago, I submitted my CEH eligibility form so that I could purchase the voucher. Unfortunately, I was denied due to my lack of "experience" in the Information/Cyber Security Industry. My background is as such: a bachelor's in Computer Engineering, a master's in Computer Forensics from George Mason University, and one year working in a federal government SOC. In addition to sending my application and resume, I'd also sent my graduate school official transcript and a penetration test writing sample. In the application, I also stated this with the following information:

    • Masters of Science in Computer Forensics from George Mason University (1.5 years)
    - Performed malware reverse engineering
    - Possess practical penetration testing knowledge
    - Performed both network and traditional forensic analysis
    - Practical knowledge of incident response


    • Basic understanding of TCP/IP protocols and networking


    • Proficient in the use of Kali Linux and its various tools (Nmap, Aircrack, SqlMap, Nessus, Nikto, TCPDump, Wireshark, Metasploit)


    • Proficient in the Python scripting language
    - Created automated scripts for both penetration testing and work-related use


    • Performed vulnerability assessments


    • Worked in a Security Operation Center (SOC) environment [1 year]
    - Performed log analysis
    - Performed Packet Capture Analysis
    - Network Forensics
    - Malware Analysis
    - Email Analysis

    When I received the denial, I called EC-Council headquarters and directed to front desk which yield to no resolution. What other options can I take?
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Mar 2014
    Posts
    622

    Certifications
    Alphabet-soup
    #2
    Well, their requirement is 2 years work experience (not school) or to take their course. So your other option would be to wait 1 year or take their course.
    Reply With Quote Quote  

  4. Senior Member cyberguypr's Avatar
    Join Date
    May 2007
    Location
    Chicago, IL
    Posts
    5,821

    Certifications
    GCFE, GCED, GCIH, CISSP, CCSP, and others that should never be mentioned
    #3
    A much as I despise this organization the eligibility criteria is clearly not being met so this is on you. BlackBeret is right, either wait or pay $850 for training.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    May 2013
    Posts
    1,207

    Certifications
    GWAPT, GSEC, Associate of (ISC)2, C|EH, CCNA:Security, CCNA:R&S, CCENT, Security+, Network+
    #4
    Well you either probably 1.) didn’t read the requirements close enough, or 2.) thought you could squeeze through.

    2 years of work experience is pretty clearly stated so hopefully you didn’t pay out of pocket. Get the feds to pay for your training or wait till you have 2 years.
    Reply With Quote Quote  

  6. Senior Member supasecuritybro's Avatar
    Join Date
    Jul 2015
    Location
    Miami, FL
    Posts
    165

    Certifications
    CISSP, GPEN, eJPT, CSA+
    #5
    I would just walk away from this cert if I were you. It will get you through the HR person but more Security professionals think this cert is a joke.
    Completed: CISSP, GPEN, eJPT, CSA+, M.S. Information Security
    Current Goal: eCPPT
    Five Year Plan:​ RHCSA, CISM, OSCP, more SANS as they come
    Book/CBT/Study Material:​ Python for Security Professional (Cybrary)
    Reply With Quote Quote  

  7. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,600
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #6
    CISSP and CEH are very good certs to get you in for a first-round interview, so I woundn't discount CEH if you are looking for InfoSec work. However, for the "net cred," there are a lot better "Hacking+" certs out there.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  8. Junior Member Registered Member
    Join Date
    Oct 2017
    Posts
    2
    #7
    It said that you have to have 2 years of information security experience not 2 years of working in the information/cyber security industry. If they stated the latter, I wouldn't have an issue, but they stated the former.
    Reply With Quote Quote  

  9. Senior Member cyberguypr's Avatar
    Join Date
    May 2007
    Location
    Chicago, IL
    Posts
    5,821

    Certifications
    GCFE, GCED, GCIH, CISSP, CCSP, and others that should never be mentioned
    #8
    Original post mentioned only the SOC job. What other security experience do you have?
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    May 2013
    Posts
    1,207

    Certifications
    GWAPT, GSEC, Associate of (ISC)2, C|EH, CCNA:Security, CCNA:R&S, CCENT, Security+, Network+
    #9
    Quote Originally Posted by Peace101 View Post
    It said that you have to have 2 years of information security experience not 2 years of working in the information/cyber security industry. If they stated the latter, I wouldn't have an issue, but they stated the former.
    It looks like they have some inconsistencies of how they word things on their website.

    Under the FAQ (https://www.eccouncil.org/programs/c...rmal-training-) it says "work experience", but under other areas it says related experience.

    Just for future reference, if education can be applied, they will usually have some kind of a waiver description area. Any experience requirement is going to only be work experience.
    Last edited by TechGuru80; 10-13-2017 at 09:11 PM.
    Reply With Quote Quote  

  11. Junior Member Registered Member
    Join Date
    Apr 2013
    Posts
    4
    #10
    Easy. Don’t spend your hard earned $$$ with them. Choose another Certification. I have a CEH, and have not seen any real value. EC-Council has poor customer service as well.

    This Cert is not transformative for your career. Don’t look back.
    Reply With Quote Quote  

  12. I drink and I know things Ertaz's Avatar
    Join Date
    Jan 2006
    Posts
    663

    Certifications
    CISSP, CASP, CSA+, GPEN, CCNA Cyber Ops, Security+, MCP
    #11
    Capture.JPG

    If you're going for DOD, the CEH is now obsolete. The CSA+ seems a much better value.
    Reply With Quote Quote  

  13. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    193

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CASP, C|EH, OSCP
    #12
    "When not reading and understanding the requirements goes wrong" is what this should be titled. CEH from a learning standpoint is not very good but it does open MANY doors for you. Also, CSA+ isnt recognized by the DoD yet (at least where I work anyway). Whats the source for that chart?EDIT: nevermind, found it on DISA. That's wierd tho because we don't accept it here.
    Last edited by McxRisley; 10-30-2017 at 08:09 PM.
    Reply With Quote Quote  

  14. Senior Member IronmanX's Avatar
    Join Date
    Mar 2015
    Location
    Ontario Canada
    Posts
    308

    Certifications
    C|EH
    #13
    Looks like CSA+ is a lot cheaper too.
    $320 USD for the exam.

    CEH is now $950 USD for the exam.

    Annual renewal is a little cheaper $50 vs $80.

    Looks like CSA+ does not have any experience requirements.

    "Recommended Experience Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, CSA+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus."
    Reply With Quote Quote  

  15. Senior Member supasecuritybro's Avatar
    Join Date
    Jul 2015
    Location
    Miami, FL
    Posts
    165

    Certifications
    CISSP, GPEN, eJPT, CSA+
    #14
    Quote Originally Posted by supasecuritybro View Post
    I would just walk away from this cert if I were you. It will get you through the HR person but more Security professionals think this cert is a joke.
    And to the person who sent me some feedback to this comment regarding that the eJPT is a joke, my thought is at least to get it you have to do hands on work and not just do rogue memorization on tools, so it is ok with me being a joke to people. The CSA+ cost me $50 not a bad fee to see what it was about and it was still way better than the CEH.
    Completed: CISSP, GPEN, eJPT, CSA+, M.S. Information Security
    Current Goal: eCPPT
    Five Year Plan:​ RHCSA, CISM, OSCP, more SANS as they come
    Book/CBT/Study Material:​ Python for Security Professional (Cybrary)
    Reply With Quote Quote  

  16. Senior Member
    Join Date
    Mar 2011
    Location
    Chicago
    Posts
    1,315

    Certifications
    CISSP-ISSAP, HCISPP GPEN, GSEC, GSNA, GCIH, E|CH, ECSA, Security+
    #15
    (*Psst!*)

    Prefer looking into certs like SANS GPEN or OSCP as more mainstream or accepted certs to pursue in lieu of the C|EH.

    - b/eads
    Reply With Quote Quote  

  17. Senior Member
    Join Date
    May 2013
    Posts
    1,207

    Certifications
    GWAPT, GSEC, Associate of (ISC)2, C|EH, CCNA:Security, CCNA:R&S, CCENT, Security+, Network+
    #16
    Quote Originally Posted by supasecuritybro View Post
    And to the person who sent me some feedback to this comment regarding that the eJPT is a joke, my thought is at least to get it you have to do hands on work and not just do rogue memorization on tools, so it is ok with me being a joke to people. The CSA+ cost me $50 not a bad fee to see what it was about and it was still way better than the CEH.
    Sometimes it’s not always about what YOU value the most in a certification, it’s what an employer values or wants. Regardless of the opinions on the quality of CEH, HR departments know what it is and sometimes getting past them is half the battle.
    Reply With Quote Quote  

  18. Senior Member supasecuritybro's Avatar
    Join Date
    Jul 2015
    Location
    Miami, FL
    Posts
    165

    Certifications
    CISSP, GPEN, eJPT, CSA+
    #17
    Quote Originally Posted by TechGuru80 View Post
    Sometimes it’s not always about what YOU value the most in a certification, it’s what an employer values or wants. Regardless of the opinions on the quality of CEH, HR departments know what it is and sometimes getting past them is half the battle.
    Yeap. It's also why the CISSP sometimes suffers in some circles. Companies have made it the defacto cert in a lot of job requirements but its not a technical cert when they are looking for someone with a lot of hands on. It is very strange for me to have the conversation when people tell me they met someone with a CISSP and doesn't know how to be technical.
    Completed: CISSP, GPEN, eJPT, CSA+, M.S. Information Security
    Current Goal: eCPPT
    Five Year Plan:​ RHCSA, CISM, OSCP, more SANS as they come
    Book/CBT/Study Material:​ Python for Security Professional (Cybrary)
    Reply With Quote Quote  

  19. Censorship is Un-American JockVSJock's Avatar
    Join Date
    Dec 2006
    Location
    SATX
    Posts
    1,102

    Certifications
    M.S. in MIS/MBA, Network+, A+, Linux+, Security+, C|EH, RHCSA
    #18
    Considered yourself touched by an angel or divine intervention, or whatever you want to believe in.

    There is a lot of criticism against the C|EH for the hype it generates and EC|Council for their lack of professionalism and their snake-oil sales approach to the IT certification industrial complex that they are a part of.

    Here is my review of me taking the C|EH.

    Successfully passed C|EH - My professional opinion on ECCouncil and IT Cert Industry

    After getting this cert, I've only been contacted for temp pen test/info assurance positions. That's it.

    Too bad this post wasn't stickied, otherwise I would have never attempted this cert:

    Wanna get EC-Council CEH? Think again.

    Honestly if you have the skill set that you wrote up, I would say go for info sec positions that matchs or exceed your experience. Do you live in a big or near a big IT city say like Silicon Valley?

    Quote Originally Posted by JDMurray View Post
    CISSP and CEH are very good certs to get you in for a first-round interview, so I woundn't discount CEH if you are looking for InfoSec work. However, for the "net cred," there are a lot better "Hacking+" certs out there.
    ***Freedom of Speech, Just Watch What You Say*** Example, Beware of CompTIA Certs (Deleted From Google Cached)

    "Its easier to deceive the masses then to convince the masses that they have been deceived."
    -unknown
    Reply With Quote Quote  

  20. Senior Member
    Join Date
    Jun 2008
    Location
    Wherever i lay my hat
    Posts
    191

    Certifications
    CEH v9,MCSA 2012, MCTS SCCM, VCP 5, MCP, ITIL v3
    #19
    Quote Originally Posted by supasecuritybro View Post
    I would just walk away from this cert if I were you. It will get you through the HR person but more Security professionals think this cert is a joke.
    That could be said about the CISSP any other cert! Give me experience over some expensive cert anyday
    Reply With Quote Quote  

  21. Senior Member
    Join Date
    Dec 2007
    Location
    Grand Rapids, Michigan
    Posts
    1,857

    Certifications
    Network+ : A+ : Security+ : eJPT : Life+
    #20
    Cert requirements are cert requirements. We're lucky if we can get waivers from some organizations.
    Just keep doing what you're doing and on top of that, you're getting great experience so far.

    There are other certifications that are probably more worth earning instead of the CEH. OSCP could be done while you're waiting for the two year requirement to be met. Maybe getting the SSCP as well??

    I know that the CEH is asked by a lot of companies but as much as it costs to take the test, I think that you could really use that money somewhere else.
    Booya!!
    ------------------------------------------------------------------------------------------
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
    Reply With Quote Quote  

  22. Senior Member kMastaFlash's Avatar
    Join Date
    Aug 2012
    Posts
    897

    Certifications
    A+, Network+,Security+, EMCISA v2, MCP, MTAx2 , CCENT, CCNA R&S,C|EH,C|HFI,Linux+,LPIC-1,E|CSS,E|CES,GPEN,OSWP,Server+,LPT,GCIH,E|CIH
    #21
    Just hang in there! I found the C|EH to be useful. Just get another year of security experience and you'll be good. Best of luck hope things work out!
    2017:E|CSA E|CSP,eLearnSecurity Courses 2018: C|ND,ICND2,CCSK,CISSP,CCNA-Security,CSA+,GWAPT 2019: CWNA 2020: LPIC-2
    Reply With Quote Quote  

  23. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    239

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #22
    FWIW ... my .02 cents ...

    I think the value in CEH is what you make of it ... and what fits YOUR situation ...

    CEH isn't totally worthless IMO. Is it worth the (nearly) one thousand dollars? Probably not ... is it worth something? yes.

    I am neck deep in the middle of the OSCP course and I can say, without a moment of doubt, that the CEH compared to this is an entry level certification by far. However, a lot of the same study material I used for CEH I am going back and referencing in OSCP ... The skill sets do transfer .. albeit only a little.

    So, I'll just throw this out there. If you are in a position where someone else is going to pay for it? And you are trying to build up to something like OSCP? I don't see an issue in going for it. You will end up covering a lot of the same ground ... IF you only have 1000.00 and you have to pick what route to go, I would not go CEH and would explore other options with your own money.

    One last thought: While some (maybe even a lot) in the security field think CEH isn't worth the money, others that are in the technology field, but NOT focused on security still respect it. (Yeah, mostly because its a name ...) My current role is not only Security related, but overlaps a lot of other areas. When I am talking with customers (like it or not) "Certified Ethical Hacker" buys more credence with them than something they've never heard of like "OSCP" - When I am talking with someone very technical, OSCP is like the biggest name drop ever ....

    So I'm just saying, it depends on your situation! Your life! you lead it!
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks