Tuesday, 18 January 2011

CEH and Security+ Certifications

Over the past week I took (and passed) the Security+ and Certified Ethical Hacker (CEH) certifications (two more to add to my increasing list of certs).

Here are my thoughts about both exams.

Certified Ethical Hacker CEH

This was a reasonably good exam, and passing it shows that you know something about IT Security in relation to hacking and countermeasures.

I found this exam easier than I expected (but having been on the Pentesting with Backtrack course, I guess anything in this field would seem easier).

The most interesting questions were around interpreting logs of hacker activity and assessing what had been done or attempted. Having actually performed these attacks myself, I found it straightforward, but interesting.

(I finished the exam in around half the time allowed, with a high passing score.)

What does CEH prove?

  • A reasonable knowledge of attack vectors, and some tools (though you don't need to be an expert hacker by any means)
  • Knowledge of command line options, and interpretation of output, for various tools including:
    • tcpdump
    • snort
    • nmap
    • hping
  • Understanding of various reconnaissance and scanning methods
  • Knowledge of several hacking techniques and methodologies
  • A good working knowledge of Wireshark and networking protocols
  • An understanding of DoS, rootkits and trojans

What doesn't it measure that I feel it should?

  • Ability to use these tools in a real world environment
  • Ability to perform a penetration test, or defend a network

I would say this exam is focused more towards incident response teams rather than ethical hackers or penetration testers, but I enjoyed it, and would say that it was worth taking.

Security+

This exam was disappointing, as I found it far too easy. Very much an entry-level exam.

What does it prove?

  • A very general understanding of basic IT Security principles and networking protocols
  • Not sure other than that...

What doesn't it measure that I feel it should?

  • Far too much to mention (I really don't think it measured my skills or challenged me)

I'm not sure who this exam is aimed at, perhaps IT staff who are taking their first steps into IT Security.

In Summary

CEH is a reasonable exam to prove a basic understanding of incident response, hacking, and network security. I would say this exam is worth taking, though it is certainly not as in-depth as something like OSCP or CREST.

As for Security+: if you are thinking of taking it, or of hiring anyone based on it, I would say look at other certs, as this one is very much entry level.

My recommended certs

Of all the exams, courses and certifications I have taken so far, I would most recommend the following, based on their difficulty, value to a company, and ability to measure a person's skills and knowledge.

  • CISSP - For a very broad-reaching view of IT Security
  • OSCP - For its technical depth, and understanding of attackers
  • CISM - To help match IT Security to the needs, and risk tolerance, of a business


  1. In your recommended list, did you mean "OCSP" or "OSCP"?

  2. OSCP (fat fingers on my Dell mini10)

  3. Congrats Ben, keep up the good work

  4. Hi, I need to ask you a few things related to certs. Kindly shoot an email to rafaybaloch@gmail.com.

    Warm Regards,
    Rafay Baloch


  5. Informative Post, Thanks for Sharing !!!
    CEH Training in Gurgaon

  6. Nice post. You just posted the right content I was searching for. Good job. CEH Course provides hands-on classroom training to scan, test, hack and secure systems and applications.


  7. Thanks for sharing your post. This information is very helpful and a good-looking blog. You can also visit: Ethical Hacking Training Institute in Delhi

  8. Fantastic article! Indian Cyber Army is announcing "Summer Internship 2018" for the enthusiasts of Cyber security. Here the internship will give you on-the-job experience, help you learn whether you and the Cyber security industry are a good match, and can provide you with valuable connections and references.

  9. This concept is a good way to enhance the knowledge. Thanks for sharing; please keep it up. The Information security community consists of experts from a diverse range of disciplines, experiences, and training. Indian Cyber Army has been dedicated to fighting cyber crime, striving to maintain law and order in cyberspace so as to ensure that everyone remains digitally safe. Join with us to create awareness, handle the project and make a career in this field.

  10. This post is about training. I really enjoyed reading your article; the information you have mentioned in this post was damn good. Keep sharing your blog with updated and useful information.
    For more information about Training please click here: CEH Training In Hyderabad