Hello,

CEH = Certified Ethical Hacking (certifications, diploma, courses, notes, videos, training, et al).

My question is - can someone verify if this certification teaches techniques that are often the cause of real-world problems (in other words, useful in real life), or is it just another qualification that works only on paper, with people who passed walking around like Rambo, thinking they can hack AND prevent everything, but coming up woefully short in real life?

Perhaps any CEH here can opine on this?

(Well, not Rambo really, but the hacker in Swordfish played by Hugh Jackman...you get the idea...)

Have Phun

Hi Aimless,

CEH, CISSP etc are useful if you look for a work AND they guy hiring you has no idea of what it means AND the guy that watch the CV for him has no clue (or now power).

To me, it is a quick way to skip useless curriculae...

I second Maximus' opinion.

However we're talking about -certification-. A little paper that aims to show a company or a client you're not a complete retard and know your onions about IT sec, that's what they're for.
I'd say anyone who got interested in IT sec in any way can pass it and may not still be able to do incident response or a simple whitebox audit.

On the other side you have real technical and real-life cases oriented trainings/certifications (offensive security i guess, but i'm sure there are better ones), but they doesn't ring a bell when you mention it to the recruiter, especially outside 'murica...

If you want to increase the value of your CV, EC-council certifications may help a bit, but prefer some that is job-oriented (like LPT if you're doing pentesting or CHFI if you're doing forensics).
If you want something that `acknowedges` your technical level, don't do that.

I never took any SANS course but I heard some of them are technically valuable, maybe someone knows better.

It's all about business anyway, right?