I just passed CEH with 92%. As much as I dislike CEH and EC Council I had to take this for the WGU MSISA. Studied (more like REVIEWED) on and off for 2 weeks. Having been through CISSP and GCIH made this real easy but that mean ti gained no new knowledge.
Resources
- Matt Walker 2nd edition AIO book
- CEH Certified Ethical Hacker Practice Exams book also by Walker
- some of the iLabs
- Boson practice exams
One of the questions I had was repeated verbatim 3 times. I've never seen this before in 15+ certification exams I've taken. Same concept asked differently yes, never the exact same question. Another thing that struck me as odd is that some questions had only one valid answer that anyone with no experience could've gotten correct. An example would be:
"Which part of the car is responsible for producing music"
A) Wings and ailerons
Periscope
C) Speakers and radio
D) Sail
Also saw some questions that answered themselves, like:
"What kind of shotgun do you use to hunt birds?"
A) shotgun
revolver
C) pistol
D) rifle
I can't recall any grammatical errors as others have mentioned. But I gotta be honest, I didn't read the whole thing as I was able to discern the answers quickly.
Must know your tools. Understand NMAP, Nessus, hping, Metasploit. Know the TCP/IP stack. Understand how things react to the different tools. Know what happens on each phase of the hacking ethical hacking process.
Conclusion: this exam is WAY overpriced. It's absurd that it costs the same as the CISSP which has proven to have big ROI. Due to the tools covered it is definitely a step above Security+, but just a tiny step. Someone here called it "Hacking+" and that is definitely appropriate. I think it provides a good overview of the ethical hacking process and is more than enough to give those who like to pursue a career in practical security a glimpse of what's involved. If you've done other higher level stuff then there will be next to zero value for you.
