Read what Salman, Khwaja had to say on LinkedIn: https://www.linkedin.com/pulse/how-ceh-experience-salman-khwaja-%D8%B3%D9%84%D9%85%D8%A7%D9%86-%D8%AE%D9%88%D8%A7%D8%AC%DB%81/
I have been certified as C|EH from EC Council recently. Grabbing that certification was like an experience in itself. It was no doubt a hard work combined with splitting time with office, family, and a non profit gig that I have been running. How was the journey? Well I was reading article, blogs, books, googling around terms, and watching you tube videos after my office hours. At times, I was wondering, just how much work I could do single handedly ?
I would say that my experience with the Certified Ethical Hacker (C|EH) by EC-Council was very good. The way that the course ware is laid out really makes you go the extra mile to attain the credential. You do not need to just study what was taught in class, you need to know the practical aspect too.
The best part about the training and certification was the consistency and thorough reading. I went through blogs, YouTube videos, C|EH books, and the CDs provided, but the best part is the practical implementation of how things are done when hacking a system. Hacking is truly a science and just an SDLC, it too has it’s phases, where information / work done in one phase builds up in next. By the way, it’s phases are RSGMC – Reconnaissance, Scanning, Gaining Access, Maintaining Access, and Covering Tracks.
I recommend the C|EH to Security Personnel, planning to build their career in Info Sec or Application Security.
So what are the tips one can learn from this certification experience. ?
First things first. Know the security landscape well, ranging from basic theoretical stuff like, hacking with permissions, to knowing your nmap (this is one tool, which you should master), and then knowing a bit about OWASP / Web Application exploits, regulations like HIPAA, PCI / PA DSS. Having an experience in Networks / Web Security and / or programming would help you also.