If you have ever
wondered what Ethical Hacking is, you have come to the right place.
The Ethical Hacker Certification, also called the Certified Ethical
Hacker (or C|EH), is the certification that is designed to get the
security professional up to snuff in their abilities to uncover
security flaws both from within and outside their companies networks.
This means that the Ethical Hacker Certification is there to help
people in their venture to become an ethical hacker. An Ethical
Hacker is commonly referred to as a White Hat Hacker in the
underground. These hackers utilize the same tools the unethical, or
Black Hat, hackers use, but they use them to help their company to
fix the vulnerabilities. That means that when a criminal hacker is
using their skills for their own gain, the ethical hacker is using
theirs to help organizations become more secure.
The latest version
of the Ethical Hacker Certification is C|EH Version 8. This version
was made publicly available on 8th May 2013 by
the International Council of E-Commerce Consultants.
When you take the
exam it is geared to help students evaluate their knowledge of
security in general. It also focuses on ethical hacking, focusing
particularly on a range of topics that are across seven knowledge
areas and six task areas. What the certification is supposed to do is
test the students knowledge of both the tactical methods and tools,
as well as the overall systems and security knowledge that is the
base of their ethical hacking skill set.
The seven knowledge
areas are as follows:
- Background - Web technologies, Protocols, Networking technologies, and more.
- Analysis/Assessment - Risk assessment, Systems analysis, Data analysis, and more.
- Security - knowledge of a range of policies, technologies and security domains.
- Tools/Programs/Systems - knowledge in operating systems, applications, methodologies and tools.
- Methodology/Procedures - Service Oriented Architecture, N-tier application design, cryptography, Security architecture, and more.
- Policy/Regulation - Compliance regulations, Security policies, and more.
- Ethics - The appropriateness of hacking, Professional code of conduct, and more.
The six task areas
are as follows:
- System Management and Development
- System Audits and Analysis
- Security Testing of Vulnerabilities
- Reporting
- Mitigation
- Ethics
To be eligible to
take the Ethical Hacker Certification you should have taken one of
the C|EH training courses at a registered training facility, though
it is not a requirement to take the exam. Students that wish to not
partake in the training sessions are required to show proof of at
least two years experience in the field of computer security. This is
to be done by submitting the eligibility application form along with
the application fee. For those students who have taken the training
course the exam can then be taken through a web based examination
system. If you training course does not include the cost of the
examination, there may be an additional charge for the examination.
Students who pursue a self study methodology will have to pay the
application fee as well as the examination fee to take the
examination. Typically the examination will have one hundred and
twenty five multiple choice questions to be answered. You are given a
four hour time frame to complete the exam. To earn a passing grade
and become a Certified Ethical Hacker you must achieve a minimum of
seventy percent on your exam.