Today, with everything going online, from individual identities to global financial transactions, cyber space has become the new hotbed for criminals. Cyber attacks are almost inevitable, from anywhere at anytime, and the most terrifying facet is our unawareness of the attackers skills, funds, persistence and motivation, to be able to ascertain the intensity of the threat. Certified Ethical Hacker (CEH) is a professional that provides legitimate hacking services to organizations and the core responsibility is to identify vulnerable security loopholes in systems. The objective is to avoid black hat hackers and other dangerous elements from exploiting the organizations systems for ulterior motives or gains. The International council for e-Commerce Consultants has provided this safeguard for companies.
Purpose & Objective of CEH
The purpose of CEH is three-fold:
- It governs standards for specialists in ethical hacking to improve information security.
- Provide certified individuals with special hacking skills for organizations that are creating strategies to enhance information security.
- Recognizer and regulate the profession of ethical hacking.
The objective of CEH is to:
- Deliver a candidate who is beyond competent to manage information security
- Develop a competency to recognize and understand system attack techniques such as Trojans and viruses.
- Get an in-depth understanding of security aspects like Firewalls, Honeypots and IDS, to name a few.
- Become an expert in advanced concepts, of which some are securing IIS & Apache servers, advanced network packet analysis, using Powershell for Windows system admin.
- Stay abreast of the latest mobile development technologies in Android, iOS, Window phones and HTML.
Benefits of CEH
The EH certification helps you comprehend a hacker’s mind-set, allowing you to think and function like a hacker so that you are able to find glitches in the system in the same manner as a real hacker would. CEH teaches you the fundamentals of system exploitation, its vulnerabilities and countermeasures that can be used.
You master aspects of hacking such as, penetration, footprint, testing and reconnaissance. Social engineering is also an important aspect.
System attack techniques such as Trojan horse, viruses, worms and backdoor are also learnt during the CEH training. Other aspects also taught are, Dos (denial of service) attacks, session hacking, buffer overflow, system hacking and SQL injection. Hijacking web applications or web servers is also something you may learn, along with evading firewalls, IDS and Honeypots.
One frequently ignored aspect is soft skills. Being ethical tops the list. It’s followed closely by motivation, communication and problem solving skills.
The job market for CEH is very lucrative. The huge demand for demand in the global market for ethical hackers as security remains deeply embedded in every company’s strategy even as IT spend has grown to a staggering $4 trillion and $49 billion for security services a lone.
In the first year alone, an ethical hacker could well rope in $50,000 as annual salary, rising to $120,000 for a CEH with a few years of experience. The average salary of a CEH is pegged at $92,000.
A CEH certified person has the option of many job roles such as, forensic analyst, security manager, intrusion analyst, CND (Computer Network Defence) analyst, CND Incident Responder, CND auditor and CND Infrastructure Support.
Eligibility and Prerequisites
For a person to attempt CEH successfully there are a few prerequisites. The candidate must have, sound knowledge in TCP/IP, experience that is Information Security related and some education that is indicative of specialization in Information Security.
IT security officers, security administrator and auditors can take up CEH as a profession.
Examination and Certification
To complete the CEH requires a minimum 70% pass score in a multiple question exam, which has 150 questions and 4 hour to answer them in.
The certification is at a cost of $500.