EC-Council has recently
announced major revisions to several of their training certification programs.
The changes are meant to keep up with current technology, as well as be a
leader in the Cybersecurity Certifications realm. The changes are meant to
ensure that their certifications remain towards the forefront of certifications
sought after by cybersecurity professionals. Of those changes, major ones were
made to the C|EH certification. Will taking the C|EH make you a hacker
overnight? Sadly, no. It’s not meant to do that. Only through follow-on
training and experience will one be able to achieve a level of competency
required to become a “white-hat” hacker. It does give you a solid foundation to
launch your career, however.
WHAT ARE THE CHANGES TO THE CLASS AND CERTIFICATION? LET
ME START WITH A BACKGROUND:
The C|EH is the basis for
the “offensive” line of training. Tools and techniques are shown to the
students. Upon successful completion of a C|EH
course and examination, you are given your certificate acknowledging
your passing the certification. In moving forward, there was often a “fog” of
what to do next. In the revamp of the C|EH (along with the other
certifications), EC-Council has made a clear path towards mastery of
penetration testing. In moving forward from the CEH, one can move on to
the EC-Council
Certified Security Analyst (ECSA) certification (which has also
been revamped), and then onto the Licensed Penetration Tester (LPT).
C|EH v10 takes v9 to the next level. The C|EH v10 has included
several new modules to further assist students in becoming more “offensive”
oriented, rather than “defensive” and reactionary. The first change is the
inclusion of a vulnerability analysis (VA) module. Instead of being included in
another module, vulnerability analysis becomes its own module. This includes
methodology, various tools and techniques, and ways to ensure your organization
maintains a robust VA environment. The Center for Information Security (CIS)
just released their v7 security controls, and Vulnerability Management was
moved up into the #3 spot. By having an entire module on VA, this aligns with
the importance stressed in ensuring a thorough vulnerability
analysis/remediation environment.
Next, EC-Council added an
entire module on Malware Analysis. While not an in-depth exploration of the
topic, a methodology of how to go about doing malware analysis, and what tools
to use, is now included in the C|EH curriculum. By doing some reverse
engineering on these problems, students get more hands-on experience in some
coding techniques.
Of the additional
modules, Internet of Things (IoT) is the last module that was added. This
includes some IoT topic discussion, various IoT platform attacks, and tools for
attack.
EC-Council also did a
revamp on the presentation of the modules, including hand-on virtual labs as
part of the module training. With so much information to be presented to
students in a boot-camp style format, it helps to have some of the labs done in
the module itself, rather than after class in the evening.
Other changes are subtle
and may not be known to students. These include having their exams be ANSI
certified. Since v8, all C|EH exams meet ANSI certification requirements; v10
is no exception. Also, the course content of the C|EHv10 maps to NICE
v2.0 requirements.
One other thing to
mention about C|EHv10: it continues to be DoD 8570 compliant.
C|EHv10 becomes available
on April 1, 2018.
FREQUENTLY ASKED QUESTIONS
Where
do you recommend we received C|EHv10 Training?
We offer C|EHv10 training.
Our trainers are Experts, so you will receive training from people that have
practical experience, instead of just "book knowledge". Check out
our CEH
Course Page for more information.
Where
does the the C|EHv10 fit in with the EC-Council Penetration Testing Track?
EC-Council divides the
Penetration Testing Track into 3 sections:
·
Core
·
Advanced
·
Expert
The Core section starts
with the C|ND. The C|ND is a good progression from the CompTIA Security+. After
C|ND is the C|EH, then the C|EH Practical.
The Advanced section
starts with the ECSA, then progresses to the ECSA Practical.
The Expert section starts
with the L|PT, then progresses to the L|PT Master.
Do
I have to take the Practical?
No, you do not have to
take the Practical. If you do not take the Practical, you will have to identify
yourself as C|EH. If you pass the Practical, you can identify
yourself as C|EH (Practical).
How
long is the C|EHv10 Practical?
The C|EHv10 Practical is
a 6 hour Proctored Exam with 20 Practical Challenges. You have to score a
70% to pass.
No comments:
Post a Comment