CISSP, CEH and GCIH: Which Is Right for You?

EC-Council CEH


You’ll need two years of IT experience, validated through EC-Council’s application process, to take the CEH certification exam.


If a candidate attends official training, however, either at an Accredited Training Centre, via the iClass platform, or at an approved academic institution, then the candidate is eligible to attempt the CEH exam without going through the application process.


To improve your chances of passing the exam, you should still ideally possess two years’ worth of IT experience. You should also have a good knowledge of TCP/IP, Windows Server and a basic familiarity with Linux and/or Unix.


Certification is gained by passing CEH Exam 321-50, a 125-question, multiple-choice exam. You’ll have four hours to complete the exam; a passing score of 70 percent or better is required for certification.


As with (ISC)², professionals are advised to study for the certification through Accredited Training Centers, which will have the most up-to-date curriculum, practical labs and official instructors.




While there are no official prerequisites for GCIH certification, you should possess an understanding of basic networking protocols and security principles as well as experience with Windows Command Line.


To achieve a GCIH certification, you must pass the GIAC Certified Incident Handler (GCIH) exam, composed of 150 questions. You’ll have 4 hours to pass this proctored exam. Get a passing score of over 73 percent to achieve your GCIH certification. GIAC exams are open book and you’re encouraged to take advantage of this.


While no specific training is required for GCIH certification, there are many routes to learning the certification objectives. GIAC recommend practical experience, independent study or GIAC courses from training providers.


Certification career prospects and earnings


Certifications are a brilliant way to learn new skills, but it’s important to consider your potential career opportunities too.




CISSP commands a huge amount of respect across IT (and HR!) and will greatly improve your chances of landing high-paying job roles. Top roles in IT security, like the CISO (Chief Information Security Officer), often cite the CISSP in job specifications.


CISSP-certified Chief Information Security Officers (CISOs) earn an impressive median salary of $160,000 (PayScale).


EC-Council CEH


By familiarizing yourself with how criminal hackers think, you’ll be better prepared to secure your own business, or any business that hires you.


EC-Council’s CEH is a great fit for roles like penetration tester, where CEH-certified professionals can earn an average salary of $88,500.


It’s worth noting that penetration testing is a domain in which hands-on experience is highly desirable. Because of this, make sure to supplement a CEH certification with on-the-job experience.




GIAC are invested in providing certifications that align to job roles. As such, the GCIH is uniquely focused on the hands-on skills necessary for the job role of an Incident Handler.


GIAC certifications are a good indication of cybersecurity skill and knowledge and are used by employers to select employees for hiring and promotion.


These certifications fill gaps in security knowledge, and few other qualifications cover the same material. GIAC certifications also contain invaluable practical knowledge, proving you know how to perform the task required.


“Not only did my GIAC certification help display my capabilities to my future employer to land a new and exciting job, but the skills obtained during my training and testing saved a great deal of their budget dollars,” says GCIH-certified Jared McLaren.


GIAC GCIH holders can expect good salary prospects too. The average salary for a GIAC holder with 1-to-4 years of experience is $72,000. This increases to $100,000 for 10-to-19 years of security experience (PayScale).



Alex Bennett is a technical writer for Firebrand Training. Working at the forefront of the IT training industry, Alex uses his insider knowledge to write regularly on IT security, networking and cloud technology.