CEH Help

cysec

Hello Everyone,

I am confused about the CEH exam question selection. Does EC select the exam questions from submissions by "industry experts" to use to test or do they create them "in-house" and vet them out through industry expert(s)/feedback before using to test potential candidates?

Perhaps if they create the questions "in-house" or not .... Due to the recent V9 update would purchasing the following directly from the "source" (EC-Council) https://store.eccouncil.org/product/cehv9-courseware-usm be a more appropriate option for realistic exam style questions / preparation?

I greatly appreciate any advice.

Thank you.

danny069

I'm sure they create the exam "in house" as you said and run them by a few people in the field. That being said, if you have an extra $850 to spend on top of the $600 for the exam I'd say sure go for it. If not I'd wait for the new CEH books to be released on amazon next year.

cysec

Thank you for the input Danny. I am currently reading Matt Walker until new materials are available.

Can anyone attest to EC's Courseware whether V8 or V9 being an accurate / realistic representation of exam questions presented during the actual test?

My concern is that regardless of the new material they (EC) have added to the exam the questions in the courseware purchase are not as representative of what is tested compared to other resources.

In other words, does Boson / other 3rd party testing materials depict better exam style questions regardless of the new sections added to V9?

Thanks.

tomatotux

I can tell you I used the v8 materials and a few extra study videos, but everything with the exception of the book was free and I passed this past weekend. It was tough but it is doable.

cysec

Congrats Tom! Thank you for the helpful post.

ChaseBenfield

Nothing from Matt Walker AIO, Boson, or Sybex other than information already in the official CEH v8 course material was relevant to the exam. Seriously, nothing. I just passed on DEC 17th and was a little frustrated I wasted my time with all that. Aside from the course materials, you are better off just keeping up with current attacks and creating a hack lab. Tools are the biggest part of the exam and although the questions are in multiple choice format there are very minute syntactical differences between available selections. Just study the official course materials and look into attack types you aren't familiar with doing yourself on OWASP. For example, how about them buffer overflows?: https://www.owasp.org/index.php/Buffer_Overflow

Sch1sm

Buffer overflows have been removed in version 9 of the course btw

cysec

@ChaseBenfield
1st - Congratulations!
2nd- Thank you for sharing brotha... This is exactly what I was hoping for... someone providing the type of experience/ feedback who has hit all the relevant materials including the recent exam
3rd- Time to go holiday $hopping @ the online EC store https://store.eccouncil.org/product/...courseware-usm lol
Last- Good luck on the CHFI!

All the best- Merry Christmas/Happy Holidays : )

John-John

This whole thing is so confusing. The scope of security is so wide. How can we possibly know every little detail and different type of tool that is being used. I want to take this test but I would like a clear outline of what I should study. If buffer overflows are being removed from the test then what else is changed? It seems like studying now is a waste of time because we don't know what to study.