Post of Shame: Missed the CEH v8 by 3 Points
Failed the CEH v8 by 3 points. Not happy. I feel like two months of study has been wasted. And it's the first certification/license exam I've failed. Through my study of the CEH, I've felt like maybe technical security is not for me, as reading stuff from the world of compliance/audit/governance/controls/risk comes naturally to me, however I felt like it was just much more difficult to study for this exam. I feel like failing this has reinforced that feeling. The sheer amount of information in the study materials is overwhelming. I even did well to memorize the common ports, nmap switches, what the mainstream tools do and in what situation they would be used. I felt really good going into the exam, during it I was feeling decent, not great, not bad, just ok.
Study resources used:
Certified Ethical Hacker (CEH) Cert Guide by Michael Gregg (new one for the v8 )
Official EC Council CEH courseware
Kali Linux and Metasploitable home lab
Admittedly I went light with the labbing, however I did not feel the test questions were overly technical nor would 500 hours of labbing have helped. I'm very disappointed that EC Council does not give you a print out with a score in each of the domains. That's awful in my opinion.
I'm open to any recommendations, thoughts, help. I'm planning on going back to studying. I will immediately switch to the CEH Certified Ethical Hacker All-in-One Exam Guide as that has been the tried and true resource in the past. I'm also going to dedicate a lot more time to labbing, even if I feel that wasnt the major factor in failing.
Alternatively, I'm thinking of just going line by line in the CEH outline/syllabus and studying each topic directly. I've had great success with doing that in the past.
Study resources used:
Certified Ethical Hacker (CEH) Cert Guide by Michael Gregg (new one for the v8 )
Official EC Council CEH courseware
Kali Linux and Metasploitable home lab
Admittedly I went light with the labbing, however I did not feel the test questions were overly technical nor would 500 hours of labbing have helped. I'm very disappointed that EC Council does not give you a print out with a score in each of the domains. That's awful in my opinion.
I'm open to any recommendations, thoughts, help. I'm planning on going back to studying. I will immediately switch to the CEH Certified Ethical Hacker All-in-One Exam Guide as that has been the tried and true resource in the past. I'm also going to dedicate a lot more time to labbing, even if I feel that wasnt the major factor in failing.
Alternatively, I'm thinking of just going line by line in the CEH outline/syllabus and studying each topic directly. I've had great success with doing that in the past.
Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
Comments
This! The boson exam had me confused when I was going through the questions. I said "what on earth, where are these coming from?"
But sure enough they're spot on! Couldn't have passed without them since it really tests if you know the info.
I really think the AIO books are great. The practice exam book does a great job of explaining why each answer is right or wrong.
“You build on failure. You use it as a stepping stone. Close the door on the past. You don’t try to forget the mistakes, but you don’t dwell on it. You don’t let it have any of your energy, or any of your time, or any of your space.” - Johnny Cash
You'll crush it next time.
I never felt study guide will a good thing to be use as a primary resources. How you consider to read Chapter 3 onwards of counter hack reloaded and latest edition hacking exposed to be use along with the study guide?
Anyway, since you failed by 3 score, making the mark again would be really easy for you.
It is your personal IPS to stop the attack.
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
Did you do any practice tests?
I generally try to avoid taking tests unless I'm consistently scoring WAY above the pass line. Taking more difficult practice exams like Boson's would probably be a good approach too (though I haven't personally used them). Keep your chin up though. It obviously interests you or you wouldn't have started down this path. So just try a different approach.
I got an 88 on it and I blazed through the test, but I was very prepared. Learned my lesson when I took the Sec+ without really studying after CISSP, and got a 751. Passing is a 750.
You took Sec+ after CISSP? I feel like a comment like that should automatically be followed by an explanation, lol.
I can tell you that you are on the right track with that thought. I found this test really difficult in that for lack of better words I had to "dumb it down." The level of thinking is not similar to the CISSP. I was really frustrated with this exam and the CHFI because of their structuring and sub-par grammar. If you're doing this for the MSISA the transender quizzes were lousy. I wish I had known about Boson, I would have given them a try.
The scope of this test alone is mind boggling.... 19 domains... really? some questions are really deep in the weeds asking you about a proper commands or output and the choices have an extremely subtle difference. Then some questions are so darn obvious that you second guess yourself as the answer you think it is could not possibly be that obvious.
I'd be interested to hear your thoughts about the Boson exams.
It sounds like the questions are weighted, with some being worth more points than others.
I mentioned in another thread that the Boson CEHv8 practice exam are currently based on CEHv7 references. Some of the CEH modules only have a few questions, while other modules have quite a few. Boson also claims that any topic you may see in its CEHv8 practice exams is not necessarily found in the actual CEHv8 objectives. I'd like to see a question-by-question comparison with the Security+ practice exam to see how many questions are duplicated between the two products.
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
I'd be curious to see the same...
Michael Gregg: ISBN-13: 978-0789751270
CEH Study: https://play.google.com/store/apps/details?id=com.pintarify.ceh
Tools/Systems/Programs -- It had to be from this. It's weighted 32%
A
network/host based intrusion
B
network/wireless sniffers (e.g., WireShark, Airsnort)
C
access control mechanisims (e.g., smart cards)
D
cryptography techniques (e.g., IPsec, SSL, PGP)
E
programming languages (e.g. C++, Java, C#, C)
F
scripting languages (e.g., PHP, Java script)
G
boundary protection appliances (e.g., DMZ)
H
network topologies
I
subnetting
J
port scanning (e.g., NMAP)
K
domain name system (DNS)
L
routers/modems/switches
M
vulnerability scanner (e.g., Nessus, Retina)
N
vulnerability management and protection systems (e.g., Foundstone, Ecora)
O
operating environments (e.g., Linux, Windows, Mac)
P
antivirus systems and programs
Q
log analysis tools
R
security models
S
exploitation tools
T
database structures
hang in there! Good things don't come easy. No doubt if you study some more you will pass the 2nd time!
M.I.S.M: Master of Information Systems Management
M.B.A: Master of Business Administration
Now excuse me while I go cram on tools and command lines.
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
Well the one thing we have in common other than just barely failing is that we both used the Michael Gregg book. After reading the Matt Walker CEH AIO (v7) I can tell it's a much better book than the Michael Gregg book. The Gregg book is like a good on the job reference.
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
Yea I've moved to the Matt Walker book too. I will follow that up with the Official CEH Review guide as it seems to be a concise book mapped directly to what the CEH v7 exam objectives were. From everything I've seen not much has changed.
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework