Home page logo
/

basics logo Security Basics mailing list archives

RE: CEH program and Sybex Study Guide
From: "Tony Johnson" <TonyJ () aemf org>
Date: Mon, 26 Sep 2011 13:37:26 -0700

What would be considered superior training. I hold the following
Certifications. I am now focusing on security as my carrer. What are
The best most infective courses from an operations prospective.

MCP,MCSA,MCSE,MCTS,MCTIP,VCP,CCNA,CIW,Project+

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Gage Bystrom
Sent: Monday, September 26, 2011 1:00 PM
To: security-basics () securityfocus com
Subject: Re: CEH program and Sybex Study Guide

Can't say I have any to be honest. However I collect  study materials
for various certifications and the likes to plan out what I may
consider getting. Unfortunately only a few make that list since I am
more of an independent learner. Most certifications are nothing but
shiny(maybe) pieces of paper to me.

In particular all of the resources I've collected on CEH, it is
particularly noteworthy in the entire course can be summed up be
reading whatever the latest core Hacking Exposed book is out at the
moment.

While such information is critical for beginners it simply isn't
enough in the practical world. It'll help land you the job, but unless
the security is super low and susceptible to trivial attacks, it isn't
enough to land you the "box".

I don't know how many security professionals hang out in areas where
they come in contact with the underground(not talking carders here),
but if you ask around and get a reply it becomes blazingly obvious
that a lot of certifications are waay off when it comes to a realistic
targeted attack. Simply because an authorized penetration tester
doesn't have to worry about the same things a malicious attacker has
to do. Pentesters can take shortcuts and are almost religiously taught
such shortcuts in certifications, books, and methodology. These
shortcuts WILL make you miss what a malicious attacker WON'T miss.

Hence if you're only training is coming from something like CEH, and
your not heavily learning from far superior sources, then you will be
sorely lacking when it is time to face the music, providing yet
another embarrassment to the industry.

On Mon, Sep 26, 2011 at 12:40 PM, Hanson Coffie Kyeremeh
<Hanson.Kyeremeh () vodafone com> wrote:
Hi Gage,
What certifications do you have?
Best Regards,
Hanson Coffie Kyeremeh
Network & OSS Security Manager
Vodafone Ghana
Cell:+233202001119

Sent from Vodafone BlackBerry® Smartphone

----- Original Message -----
From: listbounce () securityfocus com <listbounce () securityfocus com>
To: security-basics () securityfocus com <security-basics () securityfocus com>
Sent: Mon Sep 26 19:28:59 2011
Subject: Re: CEH program and Sybex Study Guide

CEH is good for getting a job, not for knowledge. Any serious hacker
would laugh at the content CEH covers. I would advise only taking it
if you plan on heavily supplementing it with real knowledge.

On Mon, Sep 26, 2011 at 12:11 PM, gig <gigabit () satx rr com> wrote:
Alberto,

I've been through a week long CEH class taught by Global Knowledge.  The
content was ok, but I was frustrated in that the instructor couldn't talk
about how to defend against these attacks.

Regardless, if you have an interest in hacking, yes, you should pursue this
certification...and yes, it will help you gain credibility as an Information
Security professional.

Since we don't know your knowledge or experience level, it's difficult to
know if this is best use of your time.......but the this general statement
will always hold true:

All things being equal, having certifications is better than not having
them.

Hope this helps you.


----- Original Message ----- From: "Alberto Medina" <amedinaj () gmail com>
To: <security-basics () securityfocus com>
Sent: Saturday, September 24, 2011 1:59 PM
Subject: CEH program and Sybex Study Guide


Hi all,
I know maybe in this list you have talk a lot about CEH program, but I want
to know what do you really think about this program (CEH)? Is this really
useful to start in information security? And what do you think about the
Sybex Study Guide, by "Kimberly Grave"?
I do this question because a couple of years ago I took the CompTIA
Security+ exam and passed it, but I wanna to continue the preparation in the
field of information security and Ethical hacking, and someone recommended
me the "Certified Ethical Hacker" certification as a good way to continue
the path, so a bought the Sybex Study Guide for the exam, but I don't see a
lot of difference between the content of Security+ program and this one, I
thought I'd find the CEH deeper in the subject than Security+ program.
In fact, I found this Sybex guide is not very actual, there's not any
mention to Windows 7 or even Vista, the tools mentioned are kind of old, in
the "cracking password" section they don't talk about rainbow tables, only a
littler mention; in the "backdoor" sections she (the author) recommend
adding an additional hard disk to the computer and boot from there for
protection using the backdoor she mention, or buy a Windows netbook, but
it's not better using a VM in for testing?
Anyway, I just want to know what you think about this program? If not, what
do you recommend for continue the path to Ethical Hacking and Information
Security.

Thank you and best regards,
Alberto Medina

(Excuse my English :) )


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate.  We look at how SSL works, how it benefits your company and how
your customers can tell if a site is secure. You will find out how to test,
purchase, install and use a thawte Digital Certificate on your Apache web
server. Throughout, best practices for set-up are highlighted to help you
ensure efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate.  We look at how SSL works, how it benefits your company and how
your customers can tell if a site is secure. You will find out how to test,
purchase, install and use a thawte Digital Certificate on your Apache web
server. Throughout, best practices for set-up are highlighted to help you
ensure efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault