Steve Young - Fotolia
It seems like even though the Certified Ethical Hacker certification has been around for a while, it's becoming more popular and prominent lately. What does this credential entail, and is it best suited only for penetration testers?
It seems there are new security certifications popping up every day as the training market attempts to capitalize on the high demand for information security professionals. The reputation of certifications can diminish over time if the tests are not stringent enough to produce quality information security professionals. Everyone in the security profession can repeat an anecdotal story involving a certified individual who could not get the job done, which placed the rigor of that certification into question. The Certified Ethical Hacker (CEH) is one of these older certifications that has not just survived these anecdotal stories, but is starting to see some growth.
Learning about information security can be difficult. The best security professionals seem to have a passion for technology and practice their craft on their own to hone their skills. Their experience may have been gained while pushing the limits of what constituted legal activity. People without access to the technology or who were put off by the possibility of incarceration can use certifications to build their knowledge and start their careers. Certifications can offer value if they're viewed as building a foundation of knowledge, not as indicating mastery of the entire subject.
The Certified Ethical Hacker certification is in a sweet spot between entry-level certifications like CompTIA's Security+ and advanced-level certifications like CISSP. The main focus of CEH is the technical aspects of information security. It starts by building a foundational knowledge of protocols and networking hardware before delving into vulnerability assessments and network penetration. Good security knowledge starts with a firm understanding of the basics, which makes the CEH just as applicable to systems administrators as to penetration testers.
The CEH certification exam contains 125 questions that must be answered in four hours with a score of 70% or better. Over 75% of the questions on the exam cover security-specific material including firewalls, vulnerability scanners and exploitation tools. Regulatory issues such as PCI DSS represent only 4% of the remaining questions, which may not be enough for those with no experience in an industry where compliance plays such a big role. The technical questions do a good job covering the tools used every day by security professionals, which may account for the certification's rising popularity.
The CEH certification is a good intermediate test that covers the technical aspects of information security. It is introductory enough that other members of IT could use it to gain insight into the world of information security. It is technical enough to be useful to those who have some introductory experience with information security tools and want to learn more. Both of these facts probably contribute to the increasing popularity of the CEH certification. However, using the "hacker" designation in the name of the certification probably didn't hurt the popularity of the program either.
Ask the Expert
Have questions about enterprise security? Send them via email today! (All questions are anonymous.)
Looking to take the next step in your security career? Check out SearchSecurity's guide to security certifications.
Dig Deeper on Security industry certifications
Related Q&A from Joseph Granneman
The consequences of phishing attacks could fall on the victims as enterprises start to punish employees who fall for this age-old scam. Expert Joseph... Continue Reading
CERT's ITPM certification is designed to help enterprises with their insider threat programs. Expert Joseph Granneman discusses the certification and... Continue Reading
Privileged users pose a growing threat to organizations. Expert Joseph Granneman looks at this insider threat and shares ways to mitigate it. Continue Reading