Related Posts
What is designation at Senior 1 level ??
Hi Fishes,
This is on behalf of a friend .Can someone please put on some light on the below query ?
Company : Morgan Stanley
Designation : Associate - Global
Role : Compliance Technology Strategy
Division : Legal and Compliance
How is this position for a BE+ MBA , total 3+ years of IT experience in top MNC.What would be the expected CTC and next hierarchy designation ( after a promotion ) ? Morgan Stanley
I hope some genuine people are their in Fishbowl
Just now finished my MBA, So I'm looking for a role in Finance domain and I would appreciate your support.
My focused area is Investment banking, Financial markets, Financial analysis and reporting
I know you people will help me and I'm very grateful for you guys.
https://www.linkedin.com/in/manju-ram
How to Clear Sitecore 10 Certification?
More Posts
Kindly provide 4 more likes for DM. help pls
How do you quit your job at an agency?
Additional Posts in Cyber Security Bowl
Is Optiv a good place for pen testing jobs?
New to Fishbowl?
unlock all discussions on Fishbowl.



A lot of technical practitioners see things like the OSCP or some SANS certs as a ground floor for security work. For pen testing, it’s a great floor to start from.
For people who implement security solutions/systems, they typically see particular tool or ecosystem certs as the way to go.
CEH has its place for those starting out and want to learn basic stuff about attackers, but it just scratches the surface. A lot of folks in the pen testing/offensive side kinda shit on it because there of lots of others who like to pose as pen testers/offensive and people who worked hard at becoming offensive professionals think it makes them look bad/ill informed/etc. Sort of like a first year little leaguer acting like they know what it’s like in MLB.
Use it as a learning experience, but it’s a first step and not and end to anything. So don’t be a CEH-bragger, but
All of this. I’d also add that early versions of the CEH had a lot of questions like, “What’s the proper nmap flag to perform $type scan,” to which even most experienced people would simply say, “Who cares? Just run nmap -? and read the results. Besides, how else do you learn about new features?!”
I think it’s gotten better, but this is just one of the endemic challenges of writing an exam-based cert in an area where creativity is as valuable as repetition.
I appreciate these initial responses. I’m honestly just starting out making an attempt to immerse myself in the offensive side of things. I’m using my prep for the cert as just more training to expand my understanding of these types of concepts. Coming from the defensive and policy side of the house, I figure this is at least a decent little curriculum to to help me with that, leaving me to work those necessary countless hours on the practical application over the years to come. I’m merely trying to see what the rub is from all you folks out there.
Definitely not pride.... just something else to force me to learn something new (conceptually).
It’s a good cert for DoD work but commercial just go straight for OSCP and if your new to cyber in general Sec+ or Net+ would serve you better to get fundamentals down.