Showing posts with label ethical hacker training. Show all posts
Showing posts with label ethical hacker training. Show all posts

Friday, 16 October 2015

Top 5 FAQs about CEH v 9

 By Sarah Morgan

EC-Council recently launched version 9 of their flagship Certified Ethical Hacker certification. This course contains the latest content in the field of ethical hacking and IT security. It will continue to develop the skills of IT professionals to protect businesses, reacting to and preventing cyber-attacks. But what’s different? What do you need to know about it? Here are the top 5 FAQs to explain all you need to know about CEH v9.

Q: How has the CEH v9 curriculum changed?

A: Largely, the structure of the course has remained the same. There are now 18 modules rather than 20. The two modules “Trojans and Backdoors”, and “Viruses and Worms” have been condensed into one module known as “Malware Threats”. Also, the modules “Buffer Overflows” and “Penetration Testing” have been removed. However, the majority of the content has been relocated to other areas of the course including the “System Hacking” and “Hacking Mobile Devices” modules.

There has also been changes to some of the content itself. Most notably, the inclusion of a Cloud Computing module. It applies general areas of security like service hijacking and penetration testing and covers cloud specific security and tools like CloudPassage Halo. This is a great addition as it reflects the current trend, with cloud technology now crucial to many businesses.

Q: Can I apply CEH v9 content to my business and my role? 

A: The skills you’ll learn will be the very latest available. The principle of the CEH course is to improve your skills and abilities in a practical environment and will prove its value most, in real-world situations in your workplace. However, it’s almost impossible to stay in front of hackers or predict what they’ll do next. But, you’ll have the most current skills in the industry, which’ll be invaluable when facing new types of cyber-attacks. 

If you’re not yet an ethical hacker, but looking to make the step forward in your career, having these up-to-date skills, and the certification to demonstrate it, will put you in the best possible position to boost your career.


Image courtesy of EC-Council


Q: Isn’t this knowledge harmful? Why make it so readily available?

A: EC-Council ensure that social responsibilities are fulfilled before they allow someone onto any CEH course. All candidates must have a minimum of two years IT security related experience before they can sit a CEH course. Plus, all candidates are required to sign an ethics agreement, which states they will respect the knowledge they learn and not misuse it in any way. Every CEH candidate must also agree that they will only use what they have learned for lawful actions. These processes and requirements make the course and the knowledge within, as safe as possible.

Q: I have CEH v 8, do I need to update it for it to be relevant? 

A: CEH v 8 is currently still available for you to sit but this won’t be the case for too much longer. If you already have version 8 or even version 7, your skills and knowledge will still be relevant and your experience is of course vital in helping you stay current.

In such an ever-changing industry though, it doesn’t take long for your skills to become out-dated. CEH v 9, with its additions of new attack vectors and addressing new vulnerabilities will be perfect when you want to update your skills. I would recommend getting your skills updated as and when you can, to ensure your skills don’t become out-dated. 

Q: Am I the right candidate to sit CEH v 9?

A: CEH v 9 has prerequisites much like previous versions. To meet these prerequisites you must have at least two years IT experience with a strong working knowledge of TCP/IP, Windows Server (NT, 2000, 2003, 2008, 2012) and a basic familiarity with Linux and/or Unix. 

If you’re looking to become an ethical hacker, it’s a great job choice for the future and the new CEH will stand you in good stead. Businesses of all sizes, are realising the value ethical hackers bring to a business. This is leading to the current trend of businesses recruiting more and more ethical hackers. CEH v 9 is the most current edition of the popular certification, covering more attack vectors than ever and updated for the most modern technologies. If you want the latest in ethical hacking knowledge and skills, CEH v 9 will provide exactly that.

About the Author:        
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Monday, 20 January 2014

The benefits of the Certified Ethical Hacker certification


By 


Certified Ethical Hacker, or CEH, certification is one of the hottest picks for IT security professionals pursuing a career in penetration testing. However, it’s often overlooked as a viable certification option by most information security pros. Although the certification is a must-have for penetration testers, its benefits are not limited only to this small niche of professionals.

The CEH exam is a relatively new credential in the IT certification industry, but its importance and influence have grown quickly. Provided by EC-Council, the CEH exam was the first certification to bring the so-called dark side of IT into the limelight. Before the CEH exam, there was no certification that taught the methods and tools that hackers use to penetrate computer systems. The CEH exam focuses on how hackers find and exploit vulnerabilities. The course includes everything from the tools of the trade to ethics.

What many security professionals do not yet realise is that the benefits of studying for and achieving this certification stretch beyond the field of penetration testing and into everyday network and application security. In addition to meeting the regulatory standards for employment for many top security positions, you can gain a wealth of knowledge that is otherwise not easy to obtain.  Besides your unique, new title, you’ll also get the following benefits, if you decide to get your CEH certification:

Understanding risks and vulnerabilities

The CEH course is made up of the following task and knowledge domains:

Task domains
  • System development and management
  • System analysis and design
  • Security testing
  • Reporting
  • Mitigation
  • Ethics

Knowledge domains
  • Background
  • Analysis/Assessment
  • Security
  • Tools
  • Procedures
  • Policy
  • Ethics

These domains are comprehensive and form a solid foundation for understanding how vulnerabilities affect organisations on a day-to-day basis.

Thinking like a hacker

The CEH course gives “white hat” IT professionals a glimpse into the mindset of a typical hacker. The focus of an IT professional is always on keeping bad guys out and maintaining secure systems. Over time, many IT pros develop a reactionary mindset. Battling with the bad guys will always involve reacting to threats and events as they occur, but it’s far more valuable and powerful to understand how the bad guys think and to be able to anticipate their moves. By learning the hacker mindset, you’ll be able to take a more proactive approach and see beyond current security tools and policies to know where and how an attacker might try to gain access to your network.

Learning how exploits evolve

Besides demonstrating the hacker mindset, the CEH course also provides valuable insight into the entire life cycle of an exploit. For many security professionals, the way exploits evolve to take advantage of vulnerabilities is a mystery. While security pros are trained to prevent and respond to known vulnerabilities, little attention is paid to the life cycle of the exploit itself, from its conception to its destructive use in the real world. The level of insight gained by becoming a CEH allows you to look at exploits and vulnerabilities objectively and to spot potential attack vectors and weaknesses before the hackers do.

Learning about the tools of the trade

Another overlooked benefit of the CEH certification is the amount of knowledge you can get regarding the tools of the hacker trade. While most IT pros have experience with at least some of the tools used by a CEH, they often lack the in-depth knowledge that’s required to use these tools for criminal purposes. Learning how malicious attackers use various tools allows you to better secure your networks, applications, and other assets.

To learn more about Ethical Hacking and its benefits, watch the following video with EC-Council President Jay Bavisi:



About the Author:        
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Wednesday, 23 October 2013

Hacker Halted Europe Interviews Part 2 – Jennifer Lesser


By 


In October, EC-Council’s Hacker Halted came to Europe for the first time. Firebrand attended the conference in Reykjavik, Iceland and interviewed industry experts about the hottest topics in cyber security.

In this video Jennifer Lesser, Facebook’s Director of Security Operations talks about her keynote presentation on “Winning the Security Awareness Game”.

Ms Lesser spoke about how Facebook turned its internal security awareness campaign into a game that engaged every employee in the organisation. She explained that Facebook wanted to create a program that fit into its organisational culture. So they decided to launch “Hacktober”, a full month of hacking, when employees are encouraged to hack and protect themselves from being hacked.

During “Hacktober” Facebook simulates a series of attacks on its system, which include malicious emails, breaching the company’s physical perimeter, phishing and more. To find out more about how Facebook turned security awareness into a company-wide game, watch the full interview. 



Click here to watch the first Hacker Halted Europe interview with Jay Bavisi.

About the Author:       
Peter writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself.

Thursday, 25 February 2010

What are 10 best IT Jobs right now?

As the demand for emerging technologies such as virtualization, cloud, network security and social computing grows in 2010, IT professionals would look to stand out in the crowded job market.  Here are top 10 IT job titles that could gain traction in 2010:

  1. Ethical Hacker/Security Specialist:  According to a CompTIA survey, 37% of high tech workers intend to pursue a security certification over the next 5 years.  Nearly 20% would seek ethical hacker certification during the same period.  13% were looking for computer forensics as the next immediate certification they would pursue.
  2. Virtual systems manager
  3. Capacity manager
  4. Network Engineer
  5. Open source specialist
  6. Service assurance manager
  7. Electronic health records systems manager
  8. Sourcing specialist
  9. Service catalog manager
  10. Business process manager.