Code of Conduct and Ethics: As an ethical hacker you will need to make sure that you adhere to a code of conduct or ethics to ensure you remain trustworthy (and employed).
In the case of EC-Council’s CEH credential you are expected to adhere to their Code of Ethics in your dealings lest you be decertified.
In order to make sure you fully understand what you will be expected to abide by when you become a CEH, I have provided the official EC-Council Code of Ethics here (with slight rewording for clarity).
Read it to make sure you are comfortable with everything expected of you as a CEH.
- Keep private and confidential information gained in your professional work (in particular as it pertains to client lists and client personal information).
Not collect, give, sell, or transfer any personal information (such as name, email address, Social Security number, or unique identifier) to a third party without client prior consent.
- Protect the intellectual property of others by relying on your own innovation and efforts, thus ensuring that all benefits vest with its originator.
- Disclose to appropriate persons or authorities potential dangers to any e-commerce clients, the Internet community, or the public that you reasonably believe to be associated with a particular set or type of electronics transactions or related software or hardware.
- Provide services in your areas of competence, being honest and forthright about any limitations of your experience and education.
Ensure that you are qualified for any project on which you work or propose to work by an appropriate combination of education, training, and experience.
- Never knowingly use software or a process that is obtained or retained either illegally or unethically.
- Not engage in deceptive financial practices such as bribery, double billing, or other improper financial practices.
- Use the property of a client or employer only in ways properly authorized and with the owner’s knowledge and consent.
- Disclose to all concerned parties those conflicts of interest that cannot reasonably be avoided or escaped.
- Ensure good management for any project you lead, including effective procedures for promotion of quality and full disclosure of risk.
- Add to the knowledge of the e-commerce profession by constant study, share the lessons of your experience with fellow EC-Council members, and promote public awareness of benefits of electronic commerce.
- Conduct yourself in the most ethical and competent manner when soliciting professional service or seeking employment, thus meriting confidence in your knowledge and integrity.
- Ensure ethical conduct and profession care at all times on all professional assignment without prejudice.
- Not associate with malicious hackers nor engage in any malicious activities.
- Not purposefully compromise or cause to be compromised the client organization’s systems in the course of your professional dealings.
- Ensure all penetration testing activities are authorized and within legal limits.
- Not take part in any black-hat activity or be associated with any black-hat community that serves to endanger networks.
- Not be part of any underground hacking community for purpose of preaching and expanding black-hat activities.
- Not make appropriate reference to the certification or misleading use of certificates, makrs or logos in publications, catalogues, documents, or speeches.
- Not be in violation of any law of the land or have any previous conviction.
