The latest version of the Certified Ethical Hacker (CEH) Courseware is due to be released and presented for the first time at Hacker Halted USA 2008 in June. Many small details of CEH Version 6 have been peppered on the Internet, as well as snippets of teaser copy on EC-Council’s own web site.
“With a total of 28 new and never seen before modules, covering the latest concepts, featuring more real life cases, and showcasing the latest hacking and security tools, the Certified Ethical Hacker (Version 6) will be the most advanced course ever.”
So I requested an interview with EC-Council to see if we could get confirmation as well as clarification. The questions are compiled from my own list as well as some others that were suggested by readers of The Ethical Hacker Network (EH-Net). EC-Council replied in a very timely manner with answers from both Haja Mohideen, co-founder of EC-Council, and Chuck Swanson, the instructor scheduled to teach the very first v6 offering of the course.
Here are the extended bios provided by the interviewees themselves:
Haja Mohideen is the co-founder of EC-Council. He is the creator of popular certification programs such as CEH, CHFI, ECSA/LPT. More than 17 years experience specializing in the development, support and project management of PC software and hardware in distributed computing environment. Excellent communication, interpersonal and organizational skills. A professional with a proven record of success and excelling in the ever-changing field of computer technology. Haja has delivered security training to top fortune 500 companies and government organizations like Fedex, Deutsch Bank, US embassy, Pfizer etc.
Chuck Swanson has consulted and trained in Italy, Greece, Ireland, Netherlands, Japan, Korea, Hawaii and throughout the United States. He specializes in Systems Management Server, Exchange, ethical hacking, computer forensics, and clustering, providing services to customers such as the Department of Defense (US and other countries) and various nuclear plants on the east coast. He is an author, subject matter expert, and speaker/presenter for Microsoft, Element K and EC-Council. Chuck won a National Cable Ace award as Host of the syndicated computer TV show, “Point-N-Click”, which aired for 9 years on Time Warner Cable. He also appears frequently on local TV and the WFBL radio show, “Technology Geeks”, as a computer expert. He has attained the following certification: MCT, MCSE: Security, MCSE+Internet, MCITP: Exchange, MCTS: Exchange, CEH, CHFI, ECSA, LPT, MCNI, MCNE, CTT+, Security+.
1. Thanks for joining us Mr. Swanson. Can you tell us a little about yourself?
CS: Sure. Hope the profile above helps. Other than that, I am a consultant 50% of the time with the rest of my time spent training, speaking and writing. I also go to conferences like BlackHat, TechnoSecurity, CSI, TechEd and others to keep up to date.
2. How were you chosen by EC-Council to be the first instructor to teach CEH v6 at Hacker Halted USA 2008?
CS: Sanjay [Bavisi, President of EC-Council] asked me ;-)
Also, I’ve taught more CEH classes than anyone, except for Haja ;-) It’s probably over 35 now, since the program started. Evaluations in the classes I taught are probably around 8.7 out of 9 for hundreds of students, so maybe that helped, too. ;-) I don’t know. :)
3. Thanks to you as well Mr. Mohideen for giving us some of your time. Could you briefly explain the differences between v5 and v6 of CEH?
HM: CEHv6 has been updated with tons of new hacking tools, new hacking techniques and methodologies. The ?ow of the content is the same except each module is refreshed with more content and new material. The slides are also updated to make them more presentable. There are over 50 modules in CEHv6. There are over 6GB of hacking tools distributed with the courseware from the latest viruses to the latest trojans. It is the most advanced curriculum. Details of the course modules will be released on http://www.eccouncil.org/ in the first week of June.
4. When will v5 officially retire?
HM: CEHv5 exam will be available until June 2009.
5. Did EC-Council simply add new modules or also update the already existing ones?
6. Can you provide a list of the module names separated by which are required and which are optional/self-study?
HM: Modules 1 – 21 are required, and the rest are self study.
7. Depending on the provider of the training, the CEH course can run either 4 or 5 days. Many of our readers report that with v5, the instructor couldn’t cover everything in the courseware. Now that v6 has 20 additional modules, is the instructor-led course going to be longer than 1 week?
CS: I never had problem getting though the modules in v5 and lower. Remember, some of CEH v5 modules are optional. Maybe some instructors were trying to cover all optional/self study modules. As far as I know, the course is still one week. A lot of reference material has always been in course, but I’m not sure on the timing of v6 yet as I haven’t taught it. ;-)
HM: No. The course is the same at 5 days. The extra modules are given as self-study.
8. With the plethora of tools and techniques offered in CEHv6, how many are given hands-on treatment in the instructor-led course? As a percentage, how much of the course is dedicated to hands-on lab time and how much to lecture time?
HM: 50% theory and 50% labs.
9. I have the CEH credential myself. I and many others have expressed that the CEH curriculum contains too many tools that are either outdated or not used regularly by professional penetration testers. Haja, does v6 of CEH address this concern?
HM: Let’s understand something here. The CEH program is about HACKING TOOLS. It is heavily focused on tools. How can you go to war, if you are not trained on the weapons used? Our stand is very clear on this. The CEH program is very successful around the world because of the tools based approach. The CEHv6 continues to do so. For Penetration Testing Methodology, EC-Council provides the excellent ECSA/LPT track which is a 100% methodology based training program.
10. Can you expand on EC-Council’s philosophy behind the certification path from CEH to ECSA. What is the main focus of each and how does it apply to real world security job roles.
HM: Here you go.
1. You first start with mastering hacking tools and techniques. Example: Metasploit, HTTP tunneling, bypasses Firewalls, breaching IDS, spreading viruses, creating trojans etc., etc. You spend time playing with all the tools in the CEH program. In other words master the deadly hacking tools by preparing to go to war.
2. Then you move onto Security Analysis with the ECSA program. This program will teach you SNORT, Nessus, Policy issues and mostly the analysis component of the security triangle.
3. Lastly you focus on 100% Penetration Testing Methodologies and how to go about and actually conduct the test in an organization. The LPT program covers this. Here you actually fight the war.
Thank you both for joining us, and we hope you will make yourselves just as readily available for follow-up questions as you did in providing this set of answers. Our readers may find it irresistible in asking Mr. Swanson his thoughts after instructing the first ever course using v6 of the CEH courseware.
Donald C. Donzal
The Ethical Hacker Network
EH-Net's Informational Page on CEH
EH-Net's Discussion Board on CEH
Hacker Halted USA 2008