Passed CEHv8 - Thoughts and Study Tips

ZzBloopzZZzBloopzZ Posts: 192Member
Took the test yesterday and passed with a score of 88%. I took my sweet time (spent little under 3 hours) and marked 2-3 questions intentionally wrong in hopes to avoid CRA (ridiculous that we even have to THINK about doing this).

As so many have stated before, it is basically Security+ but with also questions about tools/syntax and reading related logs/reports to identify type of attack.

I definitely OVER studied, but have no regrets as I learned things that will help me for life in this career. I honestly have never studied so hard before either and am truly proud with myself. (Studied for 2 weeks, 4-6 hours on weekdays and 10+ on weekends.) I tried to UNDERSTAND everything to very low level detail. From basic subnetting, hex/dec/binary conversions (had to learn how to do long division and multiplying large numbers again, embarrassed to say!) and how 3 way and 4 way handshake work in full detail. I also memorized/understood all of the main vocabulary words, ports, and syntax for the main tools. Ran a VM with Kali and played around with the tools for about an hour total.

Study Material (In Order Used):

1. CEH Certified Ethical Hacker All-in-One Exam Guide, Second Edition
2. VTC CEH Videos (Took just 2 days to go through the parts I was interested in. Greatly helped with the tool demos and especially the Cryptography chapter.)
3. Nmap 6 Cookbook - The Fat Free Guide to Network Security Scanning eBook ($5 for Kindle version on Amazon)
4. Random YouTube videos to understand basic subnetting and hex/binary/decimal conversions. Then did bunch of practice samples each morning for 30 minutes for 2 days until I internalized it.
5. Total Tester (Comes with AIO book, no need to buy bundle) - Used last 2 days before exam, and re-read items I got wrong.

Study Method/Tips: (2 weeks total, since there were 2-4 days I did not study at all due to busy life)

- Firstly, buy a blank notebook and write all of your notes in there. This will help with organization since I did it on blank sheets of paper and have over 15 sheets unorganized all over. Really wish I used a notebook. Also, buy those narrow stickies to make place holders for interesting things in the book. For tool type stuff, I would put stickies on the top of the pages, and things I had to memorize/concepts to understand I put stickies to the right/left of the page.
- Started studying 9/1 and read one chapter a day of the AIO book. I took my time reading and tried understand the concepts properly. Then would do review and then practice exam. The chapters that I did the worst on I marked them down as a reminder in my notes.
- Then watched the VTC videos which re-affirmed much of the things in the AIO book. Especially helpful for the various tools, most in linux which helped since AIO was mostly Windows tools. The Crypotgraphy chapter was especially useful. I only watched the videos for topics that I was not confident about so basically took me 1.5 days to go through.
- Watched YouTube videos to further understand basic subnetting and hex/binary/dec conversions.
- Installed Kali and played around with the tools for about an hour.
- Read "Nmap 6 Cookbook - The Fat Free Guide to Network Security Scanning" - VERY helpful to fully understand nmap. It is straight to the point with examples. There is no fluff or BS, it took me just 2 hours to read it. I skipped the last 2 chapters which were for more advanced stuff.
- Then I re-read each chapter review in the AIO book, and re-read sections that were helpful. Especially parts where author says it is on exam.
- Last 2 days, did Total Tester non stop and learned concepts for questions I got wrong. This was the most helpful in the end, as there were some questions I thought I knew but was thinking too hard for about the answer.

The main issue I have with the exam is that the wording can be tricky. There were few questions where technically 2 questions could be correct. You just have to not think too hard. Also, it asked questions about outdated operating systems from 2000 and before. Pretty ridiculous. Also, read up on PCI DSS and access controls (such as MAC, DAC etc.) on Wikipedia as that was not in my study material.

No need for Boson IMHO, since this is a low level exam. However, to repeat myself I learned ALOT and and felt that it was worth it.

Next step, I plan to attack CISSP and plan to study for 6-8 weeks. However, since there is a new exam I am going to wait for end of the year for updated books to be released. Start studying early 2016 when it is dark/cold outside.

Thanks everyone for the support and feedback. I would have not been able to pass this exam without this community. I was always intimidated by the exam due to the $3000 fees until I learned about the application waiver process for self-study here.


Extra Tips:

1. Take your time on the exam, 4 hours is MORE then enough to take your sweet time and review questions before going to the next section. Once you complete a section, you cannot go back.
2. Don't drink too much water 2 hours before exam, use restroom before exam. I almost pissed my pants towards 3/4th of the exam due to too much water LOL. Wasn't sure if I was allowed to take bathroom break so I just kept it through.
3. It's best to make a long term goal. Make a definitive date of when you want to take the exam.
4. Don't let your pride/ego get in the way. I originally had scheduled the exam for 9/18, but I just did not feel ready, so decided for 9/21. However, was still some doubt on 9/20.. so finally scheduled exam for 9/22. I basically took my dad's advice on this, only take the exam when you are 100% ready/confident. Pushing back a few days or even week is nothing in the bigger picture. He has over a dozen certs including CCIE etc. Glad I pushed it back those 3 days in the end, as it really helped me alot once I started doing the practice exams.


  • fuz1onfuz1on Posts: 961Member ■■■■□□□□□□
    Congrats on CEH and good luck on CISSP! Great score and write-up, BTW | ProHacker.Co(nsultant) | ITaaS.Co(nstultant) | | @fuz1on
    Transmosis | | LinkedIn |
    If evil be spoken of you and it be true, correct yourself, if it be a lie, laugh at it. - Epictetus
    The only real failure in life is not to be true to the best one knows. - Buddha
    If you are not willing to learn, no one can help you. If you are determined to learn, no one can stop you. - Unknown
  • cyberguyprcyberguypr Senior Member Posts: 6,841Mod Mod
    Congrats on the pass!
  • Mike7Mike7 Posts: 1,062Member ■■■■□□□□□□
    Congrats and thanks for the write-up.
    However, to repeat myself I learned ALOT and felt that it was worth it.

    Then did bunch of practice samples each morning for 30 minutes for 2 days until I internalized it.

    Yup, that's the way. Most infosec exams have subject areas that overlap, the difference is usually in the depth of knowledge required and the perspective/priority different exams focus on.

    Some of the knowledge gained in CEH will come in handy in your CISSP study. Just remember to put on the infosec manager hat and remove the ethnical hacker hat while studying.

    Look forward to your CISSP exam review. :D
  • dragonsdendragonsden A bunch of em... San DiegoPosts: 228Member ■■■■□□□□□□
    Nice write up and congrats on the pass! You study method seems almost identical to mine. I'm taking the exam tomorrow morning, doing last minute studies. Did you have any subnetting questions or binary/hex conversion? I'm going to do some refreshers on this if you tell me yes. I know there are a few subnetting questions which I'll need to prep for.

    On my practice exams, I'm scoring 84 - 87%. But I'm doing a careful note review and going over fuzzy concepts. Hope to get this in the 90%s. I've definitely over prepared to. I just hope it pays off tomorrow. But sounds like if I ace this thing, I'll get audited? That sucks...Ive worked my ass of so I can ace this thing.
    Dragonsden, MSISA:WGU
    Currently Studying: DevSecOps / Ansible
    Love FreeNAS? Well, this guy is giving away a FreeNAS 'NAS' for 'FREE'!
  • ZzBloopzZZzBloopzZ Posts: 192Member
    There was no hex questions at all.

    There were 2 questions that had CIDR notation, but with common sense for those particular questions I did not need to convert anything. /24 means all IP's 0-255.

    Best of luck!
Sign In or Register to comment.