Security Basics mailing list archives

Re: CEH program and Sybex Study Guide

From: Todd Haverkos <infosec () haverkos com>
Date: Tue, 11 Oct 2011 08:53:38 -0500

Sven Aluoor <aluoor () gmail com> writes:

On Thu, Sep 29, 2011 at 5:43 PM, Michele Orru <antisnatchor () gmail com> wrote:

because it's a noob certification.


Question: will I find a pen testing job after passing CEHv7? I have
neither know how about pen tests nor experience. I work as a UNIX
admin.


Hi Sven, 

Plan on that answer being no unless you do a lot of self study on top
of it, build your own test lab, get very comfortable with tools like
foca, nmap, metasploit, nessus, and networking with someone who's
willing to work with you.  A Unix admin can be a very good basis, so
you're better off than someone rolling out of school declaring "I
wanna be a hax0r for a living!"  The good news is that there's lots of
work to go around.

However, I think it's fair to say that you'd be more likely to get
considered for a dedicated security role (IT security audit, ids
analysis, AV administration, identity management, general security
engineering perhaps) with a demonstrated interest in and achievement
of a security specific certification than you would without it.

But no, getting CEHv7 by iteself is unlikely to make a pen testing job
jump out and scoop you up.  If however in the process of getting one
you find yourself in a really excellent class with a great instructor
and it allows  you to network with some folks who are already doing
penetration testing, then it might be the catalyst you're looking for.  

Best Regards, 
--
Todd Haverkos, LPT MsCompE
http://haverkos.com/

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

Re: CEH program and Sybex Study Guide Sven Aluoor (Oct 10)
- Re: CEH program and Sybex Study Guide Todd Haverkos (Oct 11)
- RES: CEH program and Sybex Study Guide Fabio Nascimento de Mello (Oct 11)
- Re: CEH program and Sybex Study Guide Enis Sahin (Oct 14)
  - Re: CEH program and Sybex Study Guide Sven Aluoor (Oct 24)
    - RES: CEH program and Sybex Study Guide Fabio Nascimento de Mello (Oct 25)