The Certified Ethical Hacker (CEH) certification has become one of the hottest certifications in the INFOSEC field. I have been seeing a lot of job postings requiring or desiring candidates with this certification. Some of the federal contractor jobs are offering $120k+ per year! Employers these days (especially the federal government) want their employees to have a “mind like a hacker.” Having the skills to do penetration testing on your own network has become highly sought after after all the recent high profile data breaches. The OPM data breach was a big wake up call for the federal government and they are hiring thousands of cyber security professionals. Having the skills to use the open source network penetration tools is key.
I recently took and passed the CEH exam and used Matt Walker’s CEH Certified Ethical Hacker All-in-One Exam Guide, Third Edition with awesome results. I considered doing a 5 day boot camp, but decided to try a self study first to see how difficult the material was. I felt like this book covered the material well enough to pass on its own with out having to use additional exam simulators although any extra studying wont hurt your chances. Already having the CompTIA Security+ really helped me understand some of the concepts in this book. I’ve taken a lot of certification exams and have read through many certification books and this is honestly one of the best ones I’ve used so far. The book’s author is really good at keeping the material interesting and entertaining. There were even a few parts that were funny! Enough for it to not seem like such a chore to read through. The material is condensed into easy to comprehend sections. I found the official EC Council material to be very dry and hard to get through. This book does a much better job of keeping the concepts interesting. Even though you wont learn and master everything you need to know to become a true “ethical hacker,” most people will be able to pass the test using just this book. The exam itself seemed much easier than I was prepared for after doing the practice questions in the book. The actual test questions felt very familiar to the style of the book. One thing to keep in mind while studying this material is the practical use of some of the networking tools. Make sure that you are comfortable with the tools in the labs. NMAP sticks out as one of the tools that had a lot of uses on the actual test.