Certified ethical hacker

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 60.51.46.178 (talk) at 09:04, 16 January 2015. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

The White Hat Hacker/Certified Ethical Hacker is a professional certification provided by the International Council of E-Commerce Consultants (EC-Council).

An ethical hacker is usually employed by an organization that trusts him or her to attempt to penetrate networks and/or computer systems, using the same methods as a hacker, for the purpose of finding and fixing computer security vulnerabilities. Unauthorized hacking (i.e., gaining access to computer systems without prior authorization from the owner) is a crime in most countries, but penetration testing done by request of the owner of the victim system(s) or network(s) is not.

A Certified Ethical Hacker has obtained a certification in how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a hacker.

The code for the CEH exam is 312-50. The certification is in Version 8 as of late 2013.

The EC-Council offers another certification, known as Certified Network Defense Architect (CNDA). This certification is designed for United States Government agencies, and is available only to members of selected agencies. Other than the name, the content of the course is exactly the same. The exam code for CNDA is 312-99.[1]

Examination

Certification is achieved by taking the CEH examination after having either attended training at an ATC (Accredited Training Center) or done self-study. If a candidate opts for self-study, an application must be filled out and proof submitted of 2 years of relevant information security work experience. Candidates who do not have two years of information security related work experience can submit a request detailing their educational background for consideration on a case basis.[2] The current version of the CEH is V8, which uses EC-Council's exam 312-50, as did the earlier versions, although the new version V8 has recently been launched.[3] This exam has 125 multiple-choice questions, a 4-hour time limit, and requires a score of at least 70% to pass.[4] Test delivery will be web-based via Prometric Prime. The exam code varies at different testing centers; it is 312-50 at Accredited Training Centers (ATC).[5] The earlier v7 had 150 multiple-choice questions and a four-hour time limit. The version 7 and version 8 exams cost US$500 for the actual test and US$100 as a nonrefundable fee for registration.[2] These prices apply in the United States (prices in other countries may differ).[2] The exam is administered via computer at an EC-Council Accredited Training Center, Pearson VUE, or Prometric testing center (in the United States).

Recertification

EC-Council Continuing Education (ECE) points serve to ensure that all certified professionals maintain and further their knowledge. Professionals must meet ECE requirements to avoid revocation of certification. Members holding the CEH/CNDA designation (as well as other EC-Council certifications) must recertify under this program every three years for a minimum of 120 credits.

Controversy

Certain computer security professionals have objected to the term ethical hacker: "There's no such thing as an 'ethical hacker' - that's like saying 'ethical rapist' - it's a contradiction in terms."[6] Part of the controversy may arise from the older, less stigmatized, definition of hacker, which has since become synonymous with computer criminal.

On the other hand, some companies do not seem to mind the association. According to EC-Council, there has been an increase of careers where CEH and other ethical hacking certifications are preferred or required.[7][8][9][10] Even the US government accepts this association and requires CEH accreditation for some jobs per DoD 8570.01-M guidelines.[11]

Further reading

  • Walker, Matt; CEH Certified Ethical Hacker All-In-One Exam Guide, The McGraw-Hill Companies, 2011. ISBN 978-0-07-177229-7
  • Graves, Kimberly; CEH Certified Ethical Hacker Study Guide, Wiley, John & Sons, Incorporated, 2010. ISBN 978-0-470-52520-3
  • Graves, Kimberly; Official Certified Ethical Hacker Review Guide, Sybex Publishing, 2006. ISBN 978-0-7821-4437-6
  • Gregg, Michael; Certified Ethical Hacker Exam Prep, Que Publishing, 2006. ISBN 978-0-7897-3531-7
  • DeFino, Steven; Greenblatt, Larry; Official Certified Ethical Hacker Review Guide: for Version 7.1 (EC-Council Certified Ethical Hacker (Ceh)), Delmar Cengage Learning, March 2, 2012. ISBN 978-1-1332-8291-4

References

  1. Certified Network Defense Architect. http://www.eccouncil.org/courses/certified_network_defense_architect.aspx
  2. Certified Ethical Hacker. http://www.eccouncil.org/courses/certified_ethical_hacker.aspx
  3. Become a Certified Ethical Hacker. https://cert.eccouncil.org/certification/certificate-categories/certified-ethical-hacker-ceh
  4. Ethical Hacking and Countermeasures (312-50) Exam. "CEH v8 Exam (312-50)". Retrieved May 27, 2012.
  5. "CEH v8 Exam (312-50)".
  6. D'Ottavi, Alberto (February 3, 2003). "Interview: Father of the Firewall". Retrieved June 6, 2008.
  7. http://hotjobs.yahoo.com/career-articles-6_unusual_high_paying_careers-600
  8. Certification - CEH, CHFI, ECSA, LPT, ENSA, ECSP, ECVP, EDRP, CNDA, ECIH, ECSS. https://cert.eccouncil.org/
  9. http://www.darkreading.com/security/management/showArticle.jhtml?articleID=213000149
  10. http://www.esecurityplanet.com/hackers/how-to-become-a-certified-ethical-hacker.html
  11. http://iase.disa.mil/iawip/Pages/iabaseline.aspx