Taking CEH Saturday 8/1...tips?

zaaazaaa Member Posts: 18 ■□□□□□□□□□
in CEH
Hey all,

I'm taking the CEH on Saturday and have used the following material:
  • Boson ExSim
  • Read Matt Walker's Book - 2nd Edition
  • Went thru all CBTNuggets videos
  • Practice labs with Kali and vulnerable machines in VMs
I just took the second exam in ExSim and hit it right at 80% - I'm missing questions like "Which PCI DSS Requirement would you most likely run xyz tool". I know what PCI, HIPAA, NIST, etc. are - but the very specific questions on them I am missing.

Should I be OK with getting in the 80% range on boson? Should I expect to see very specific questions on PCI, NIST 800-30, etc? Anything else I am majorly missing I can knock out in the next day?

Thanks
· Share on FacebookShare on Twitter

Comments

  • Arnie335Arnie335 Member Posts: 63 ■■□□□□□□□□
    Hey Zaa - I used about the same resources as you and had no trouble with the exam which I recently passed 3 days ago. Boson was an awesome resource as it had full explanations of the questions I got wrong. Does your AIO contain the full set of practice questions? Those helped a lot too - as well as the Total Tester software that came with it (my book was digital, you may not have this). Anyhoo, here are some tips for you:

    1. Know nmap really well and know what responses you get from open/closed ports.
    2. Practice your subnetting (Boson has about 3 or 4 questions on that)
    3. Use your best judgement on questions you don't know the answer to. Sometimes keywords in the question and can point to the correct answer.
    4. Don't stress too hard!

    Good luck!
    · Share on FacebookShare on Twitter
  • diggitlediggitle Member Posts: 118 ■■■□□□□□□□
    Study materials I used:

    --Professor Messer's Nmap Secrets -- By far the best learning material for TCP/IP and NMAP.. icon_sad.gif It's no longer available i happened to get it before he no longer offered it. I've provided a link below for the course enjoy.

    *** link to professor messer's nmap secrets is below****

    https://www.dropbox.com/s/y382v623hu...Basic.iso?dl=0

    --Pearson's Certified Ethical Hacker Cert Guide
    --Matt Walkers Certified Ethical Hacker: Exam Guide (AIO) both 1st and 2nd editions
    --Sybex Certified Ethical Hacker Version 8 Study Guide
    --Android Eccouncil CEH app -- Really the best testing engine for CEH over BOSON. I used BOSON for Sec+ was fantastic but I've found that the official Eccouncil app is better.

    About Exam:
    Use process of elimination and when in doubt go with your gut feeling.


    Nmap, Snort, Wireshark, are the main in depth tools! You must know them very well. The rest is just knowing what tool is for which thingy ma bop..

    To make folks feel better about what type of questions they ask in regards to tools here:


    For example Disclaimer **this is not a question on the exam its just a similar**

    Engineer A has been asked to perform a test of a web application for a company. Which tool is best used for web application testing?

    A.) nessus
    B.) nmap
    C.) cain
    D.) TCP over DNS
    C.) nikto


    Good luck!
    c colon i net pub dubdubdub root
    · Share on FacebookShare on Twitter
  • zaaazaaa Member Posts: 18 ■□□□□□□□□□
    Thanks guys. I passed today - 80%. Not as high as I would like but a pass is a pass. In case anyone else reads the thread, the TotalTester software is very close to the CEH exam questions. Boson is good, but I would say more difficult than the actual exam (seems typical of Boson, CCNA was like that with them).

    If you were on a budget, I'm confident the Matt Walker book with Total Tester (included with the book) would get you a pass as long as you know the material in the book well and practice the tools. As others posted, nmap knowledge is an absolute must.

    CBT Nuggets was OK - not worth the money unless you already have the sub in my opinion. It is a good supplemental but personally I think you need more material than just that. CBT really shines with showing you all the hands on stuff and using Linux pentest tools. For some reason the Walker book is like 90% Windows tools, which is odd since I would wager most testers are using a Linux distro like Kali to do their actual pen testing with. I feel like CBT Nuggets was more real world where as the Walker book was more focused on getting an exam pass.
    · Share on FacebookShare on Twitter
  • Arnie335Arnie335 Member Posts: 63 ■■□□□□□□□□
    Right on, man! Congrats on passing!
    · Share on FacebookShare on Twitter
  • Carlp2Carlp2 Member Posts: 7 ■□□□□□□□□□
    diggitle wrote: »
    Study materials I used:

    --Professor Messer's Nmap Secrets -- By far the best learning material for TCP/IP and NMAP.. icon_sad.gif It's no longer available i happened to get it before he no longer offered it. I've provided a link below for the course enjoy.

    *** link to professor messer's nmap secrets is below****

    https://www.dropbox.com/s/y382v623hu...Basic.iso?dl=0

    --Pearson's Certified Ethical Hacker Cert Guide
    --Matt Walkers Certified Ethical Hacker: Exam Guide (AIO) both 1st and 2nd editions
    --Sybex Certified Ethical Hacker Version 8 Study Guide
    --Android Eccouncil CEH app -- Really the best testing engine for CEH over BOSON. I used BOSON for Sec+ was fantastic but I've found that the official Eccouncil app is better.

    I can't seem to find the official EC Council CEH app. Do you have any more details or a link to the play store?
    · Share on FacebookShare on Twitter
  • diggitlediggitle Member Posts: 118 ■■■□□□□□□□
    I don't see it anymore either icon_sad.gif I also used the one below though.

    ___https://play.google.com/store/apps/details?id=com.pintarify.ceh&hl=en
    c colon i net pub dubdubdub root
    · Share on FacebookShare on Twitter
Sign In or Register to comment.