RE: EC-Council certs

["Roger A. Grimes" <roger () banneretcs com>]

I've got a bunch of security certs (Sec+, CISSP, TICSA, CEH, CHFI, MCSE:
Security, etc.) and I thoroughly enjoyed the CEH exam and its material.


Here's my 1/2 cent on the CEH exam:
It's a good overall test, with less errors than many of the tests
(although it did have a higher than normal rate of typos), and it is a
nice cross selection of questions and subject matter material about
hacking and defense. The exam is over a 100 questions, many of them
moderately technical, so it is a good test. It even had a few Snort or
Libcap captures and asked you to tell what type of attack was going on
(i.e. Buffer overflow vs. SQL injection) and those particular questions
weren't blatantly easy.

Basically, the CISSP exam is the only security exam with an extreme
amount of "industry weight" in that it is probably the best credential
for helping you get a job.  The GIAC is probably the best at teaching
you a particular subject and is the most practical.  The CEH is a good
exam, but I'm not sure how much job or hiring influence it has.  If more
people studied or took it, I think it would gain more respect in the
industry. 

The CISSP can really help get your foot in the door, but the GIAC is
going to teach you more.

Roger

************************************************************************
***
*Roger A. Grimes, Banneret Computer Security, Computer Security
Consultant 
*CPA, CISSP, MCSE: Security (NT/2000/2003/MVP), CNE (3/4), CEH, CHFI
*email: roger () banneretcs com
*cell: 757-615-3355
*Author of Malicious Mobile Code:  Virus Protection for Windows by
O'Reilly
*http://www.oreilly.com/catalog/malmobcode
*Author of Honeypots for Windows (Apress)
*http://www.apress.com/book/bookDisplay.html?bID=281
************************************************************************
****



-----Original Message-----
From: dallas jordan [mailto:dallas.jordan () gmail com] 
Sent: Tuesday, April 12, 2005 11:07 AM
To: security-basics () securityfocus com
Subject: EC-Council certs

Does anyone have any experience/opinion on certifications from
EC-Council?  I have been looking at some of the certs they offer, such
as the Cert Ethical Hacker, or the ECSA and was wondering if they hold
any weight in the industry or were even worth the effort. Thanks for any
advice.
--
Dallas Jordan CCNA, CISSP

Ernst & Young LLP
Security & Technology Solutions (STS)
E-mail:  Dallas.Jordan () ey com

------------------------------------------------------------------------
---
Earn your MS in Information Security ONLINE Organizations worldwide are
in need of highly qualified information security professionals.  Norwich
University is fulfilling this demand with its MS in Information Security
offered online.  Recognized by the NSA as an academically excellent
program, NU offers you the opportunity to earn your degree without
disrupting your home or work life.

http://www.msia.norwich.edu/secfocus_en
------------------------------------------------------------------------
----


---------------------------------------------------------------------------
Earn your MS in Information Security ONLINE
Organizations worldwide are in need of highly qualified information security
professionals.  Norwich University is fulfilling this demand with its MS in
Information Security offered online.  Recognized by the NSA as an
academically excellent program, NU offers you the opportunity to earn your
degree without disrupting your home or work life.

http://www.msia.norwich.edu/secfocus_en
----------------------------------------------------------------------------