Who is better: a hacker or a security analyst ...?
When entering the university for the specialty "KOIB AS", probably, many believed that the course from 2 would be taught to break, implement, deface, spoof and spam, and then how to counteract what they had taught before - that what is not called Information , and Cyber ​​Security. In fact, it turned out the way it is written in the article on securitylab: Why is the university not able to train a security specialist? What can I say, in my former university in 90% of the described situation - the situation is similar ... perhaps, I hope, in higher education institutions of greater eminence, things are different. In the end, nothing else but self-development and self-study remains. And here our “American” friends come to the rescue, namely the EC-Council office. Probably, many have guessed that the discussion in this post will be about CEH and ECSA programs. I will not write about how to prepare for exams, what to read and how to practice, I will tell you what it all is about and about some of the features in the organizational preparation for exams.
As you can see, CEH, ECSA is not the entry level in the EC-Council hierarchy.
However, there are no “pre-requirements” to try to pass them. If you have a Russian university diploma in IT, a couple of years experience as a sysadmin or IBShnik, then I see no reason to study “1”, “2”, “3” levels. It is worth noting that CEH and ECSA are by no means a replacement for CISSP-CISA / CISM, which more often require, in addition, knowledge of methodologies, standards, information management systems, but not CompTIA: Security +, where for successful delivery it is enough to have a baggage of theoretical knowledge in terms of information technology. The tacit hierarchy of certification in cyber security is as follows: CompTIA: Security + -> CEH / ECSA -> CISSP-CISA / CISM. You can, of course, add GIAC somewhere, but to be honest in Russia very few people have heard of it.
Ethical Hacking and Countermeasures. At the moment, there is already 8 version of the training program. On the EC-Council website, it is described and consists of various modules:
Why Ethical? Because you sign a paper in which you say that you will not apply this knowledge against someone or something, i.e. you want to be “White Hat”, and if something happens illegal, the EC-Council will not be responsible for you.
To listen to the course on this program in the Russian Federation costs about 60 thousand in 40 hours. In my opinion, this is simply unrealistic! There is a lot of information, even more practice and putting it all in a week, 8 hours a day - this is some kind of brain explosion. In fact, after attending the training, you should be ready for the exam. There are 150 questions in it - just tests, without simulations. The cost of the exam, oh, this EC-Council, $ 500. Honestly, even abroad they are perplexed about such a cost, plus no second shot, discount voucher. There is an alternative option: we do not want to go to official courses, we are preparing ourselves. But here too, the obstacles are: EC-Council does not know how good you are, but you did not go to the courses, then confirm your skills by paying Eligibility fee = $ 100 and fill in the Eligibility form , indicating where, by whom and how much you work. They will check, and if they are satisfied, you will be allowed to pass the exam. If, in their opinion, you still do not reach the level of the applicant, no one is going to return $ 100.
As for the course, then, as I wrote, there is a lot of information, it is quite interesting and useful and covers the whole range of hacking issues of modern systems, but some issues and their solution is very trivial. The trainer, who is certified in many programs, conducts this course, quite informative, though the moments are crumpled up (due to lack of time, probably). However, it must be remembered that this course is not taught to protect; here, after each topic, only possible countermeasures are given: Counter measures.
Security Analyst v4. The level is a step higher than CEH. But in it, unsurprisingly, 50 questions are also tests. The cost of the exam, again less - $ 300. Why? I believe that he is simply less propiar among the power structures of the USA than the CEH.
As you understand, American public relations is not particularly relevant for the Russian Federation.
The ECSA program covers the following areas:
As you can see, there are much more areas to explore. It is believed that ECSA is handed over, those who have CEH (apparently, therefore, there are fewer questions), but you can try it yourself by examining the materials of the modules or by listening to the instructor, also for about 60 thousand rubles. The composition of the modules of percent for 40% repeats CEH, issues of network security, search for channels of leakage and application of standards are also considered. The situation with the purchase of vouchers and duties is similar to that described above. I will assume that ECSA is just the most suitable for domestic graduates of ZI and having experience in information security.
You also need to pay attention to the fact that when purchasing a voucher for examinations, Prometric or Pearson Vue services are used. EC-Council strongly recommends buying all the “bells and whistles” exclusively in its own store, and only then use the data and codes used when registering the exam with Prometric or Pearson Vue.
Personally, I think that at the moment it makes no sense to take CEH in Russia, it is very useful to listen to or study on your own course, yes. But with ECSA, the situation is even more ambiguous: it costs less, it is listed higher, it takes more knowledge to pass, because covers both Hacking and Defense, however less known and common. Everyone will make the choice himself ... If you successfully passed the CEH and ECSA, you will automatically receive the LPT status: lincenced penetration tester.
Most importantly, it must be remembered that certification itself is not an end in itself. This is only an opportunity to confirm your skills and knowledge in a way that is not related to the education system in the Russian Federation.
I hope this information will be useful for you.
Thank!
General situation
As you can see, CEH, ECSA is not the entry level in the EC-Council hierarchy.
However, there are no “pre-requirements” to try to pass them. If you have a Russian university diploma in IT, a couple of years experience as a sysadmin or IBShnik, then I see no reason to study “1”, “2”, “3” levels. It is worth noting that CEH and ECSA are by no means a replacement for CISSP-CISA / CISM, which more often require, in addition, knowledge of methodologies, standards, information management systems, but not CompTIA: Security +, where for successful delivery it is enough to have a baggage of theoretical knowledge in terms of information technology. The tacit hierarchy of certification in cyber security is as follows: CompTIA: Security + -> CEH / ECSA -> CISSP-CISA / CISM. You can, of course, add GIAC somewhere, but to be honest in Russia very few people have heard of it.
CEH
Ethical Hacking and Countermeasures. At the moment, there is already 8 version of the training program. On the EC-Council website, it is described and consists of various modules:
Why Ethical? Because you sign a paper in which you say that you will not apply this knowledge against someone or something, i.e. you want to be “White Hat”, and if something happens illegal, the EC-Council will not be responsible for you.
To listen to the course on this program in the Russian Federation costs about 60 thousand in 40 hours. In my opinion, this is simply unrealistic! There is a lot of information, even more practice and putting it all in a week, 8 hours a day - this is some kind of brain explosion. In fact, after attending the training, you should be ready for the exam. There are 150 questions in it - just tests, without simulations. The cost of the exam, oh, this EC-Council, $ 500. Honestly, even abroad they are perplexed about such a cost, plus no second shot, discount voucher. There is an alternative option: we do not want to go to official courses, we are preparing ourselves. But here too, the obstacles are: EC-Council does not know how good you are, but you did not go to the courses, then confirm your skills by paying Eligibility fee = $ 100 and fill in the Eligibility form , indicating where, by whom and how much you work. They will check, and if they are satisfied, you will be allowed to pass the exam. If, in their opinion, you still do not reach the level of the applicant, no one is going to return $ 100.
As for the course, then, as I wrote, there is a lot of information, it is quite interesting and useful and covers the whole range of hacking issues of modern systems, but some issues and their solution is very trivial. The trainer, who is certified in many programs, conducts this course, quite informative, though the moments are crumpled up (due to lack of time, probably). However, it must be remembered that this course is not taught to protect; here, after each topic, only possible countermeasures are given: Counter measures.
ECSA
Security Analyst v4. The level is a step higher than CEH. But in it, unsurprisingly, 50 questions are also tests. The cost of the exam, again less - $ 300. Why? I believe that he is simply less propiar among the power structures of the USA than the CEH.
As you understand, American public relations is not particularly relevant for the Russian Federation.
The ECSA program covers the following areas:
As you can see, there are much more areas to explore. It is believed that ECSA is handed over, those who have CEH (apparently, therefore, there are fewer questions), but you can try it yourself by examining the materials of the modules or by listening to the instructor, also for about 60 thousand rubles. The composition of the modules of percent for 40% repeats CEH, issues of network security, search for channels of leakage and application of standards are also considered. The situation with the purchase of vouchers and duties is similar to that described above. I will assume that ECSA is just the most suitable for domestic graduates of ZI and having experience in information security.
Total
You also need to pay attention to the fact that when purchasing a voucher for examinations, Prometric or Pearson Vue services are used. EC-Council strongly recommends buying all the “bells and whistles” exclusively in its own store, and only then use the data and codes used when registering the exam with Prometric or Pearson Vue.
Personally, I think that at the moment it makes no sense to take CEH in Russia, it is very useful to listen to or study on your own course, yes. But with ECSA, the situation is even more ambiguous: it costs less, it is listed higher, it takes more knowledge to pass, because covers both Hacking and Defense, however less known and common. Everyone will make the choice himself ... If you successfully passed the CEH and ECSA, you will automatically receive the LPT status: lincenced penetration tester.
Most importantly, it must be remembered that certification itself is not an end in itself. This is only an opportunity to confirm your skills and knowledge in a way that is not related to the education system in the Russian Federation.
I hope this information will be useful for you.
Thank!
')
Source: https://habr.com/ru/post/182296/
All Articles