Just passed my CEH =)

ChaseBenfield

Hey all,

I just passed my CEH exam a few days ago at Pearson VUE and thought I might be able to save others studying a ton of time.

What I studied:

• Official CEH books (Volume 1, Volume 2, Lab Manuals, and Aspen pdf versions)
  
• Matt Walker AIO exam guide
  
• Sybex
  
• Boson

I also took an official "bootcamp" through New Horizons. This included a virtual lab environment to complete a small set of labs on Windows Server 2008, Windows Server 2012, Windows 7, and Backtrack systems without internet access.... This proved to be utterly useless (although other online hacking bootcamps have a better rep).

I took the initiative to set up a hack lab on Windows 7 Ultimate with Kali Linux, Windows 8, Windows Server 2008, and Windows Server 2012 Virtual Box VM's. With these I went through all labs provided in paper version and aspen pdf version lab manuals (more in pdf and the pdf books actually have pages of text to accompany slides in paper back version). I also played with all the tools provided not covered in the lab manuals.

What WAS NOT on the Exam:

• ANYTHING FROM MATT WALKER AIO EXAM
• ANYTHING FROM SYBEX Other than information you may need if you don't know basic networking and the like.
• ANYTHING FROM BOSON I learned a ton of information since I studied all rights wrong answers and scored 100% just didn't help for the exam.

What was on the exam:

• TOOLS, TOOLS, TOOLS from lab manuals. Many with specific questions on the operation of tools, and syntax of command based tools.
• QUESTIONS ON RECENT EXPLOITS WITHIN THE LAST FEW YEARS FUNNY CONSIDERING OFFICIAL MATERIAL WAS COPYRIGHTED IN 2011
• SCENARIO QUESTIONS BASED OFF CONCEPTS FROM OFFICIAL MATERIALS Basically know how attacks work along with respective ports, protocols, architecture, victims/attacker relationships, and OSI layers. If you know this and can visually recall the processes in the slides you are good.

I post this because I was honestly ready for the exam months ago, but read online to study the Matt Walker, Sybex, and Boson. I always over prepare and knew the information from each like the back of my hand. When I realized all of that was for not I knew I had to post. Also, my voucher was for the CEH v8 but I have a sneaking suspicion my exam was CEH v9. Pearson VUE simply told me it was CEH 312-50. Luckily I keep up with security threats and want to know the inter-workings of them as they come out so I read a ton of white papers. Questions on the exam cover material outside the scope of the CEH v8 official course material, but it doesn't deviate into the AIO, Sybex, or Boson. The only information that was relevant from AIO, Sybex, or Boson IS ALREADY IN THE OFFICIAL COURSE WARE. It is faster to go through the course ware than to get familiar with all the information from outside sources.

Honestly the whole experience was really fun for me. I can't wait to dive deeper. I am studying for the CHFI now and will schedule that within the month. Not as hyped up for CHFI because the course material isn't very technical. I would prefer to move onto the Penetration Testing with Kali certification, but unfortunately I am under a scholarship atm and don't have the cash on hand to invest in that.

wayne_wonder

So you purchased the official courseware? isn't that like $850 or something like that?

ChaseBenfield

Honestly I am not sure. I used my Post 911 GI Bill which covered the "boot camp" and courseware. But I did have an argument with my friend the other day over some of the information and was able to easily search for the lab manuals and courseware free online through slideshare.

OctalDump

That's pretty awesome. My favourite:

I also took an official "bootcamp" through New Horizons. This included a virtual lab environment to complete a small set of labs on Windows Server 2008, Windows Server 2012, Windows 7, and Backtrack systems without internet access.... This proved to be utterly useless.

I did the 'v8' (I think, it was close to the change over), and found that there was stuff in the Boson that wasn't in the AIO that was tested, so I'm not sure that the AIO was ever completely complete.

psheehan5

Chase, thank you for the in depth post. I took the boot camp in August and am very interested in getting certified and pursuing this as a career path. However, I've kind of been put off by all the negativity surrounding the test content. It's nice to see folks succeed. Congrats again!
PS

danny069

Congrats!

TechGuru80

Don't start up the version nonsense again. You bought a voucher to take whatever version is released at the time of sitting...not the version out when you purchase the voucher.

Congrats on the pass.

grungeisevil

Hello there Chase (hope I got your name correct),

I'm studying for CEH too at the moment. A little overwhelmed with all the tools to be honest. Without violating the NDA, would you mind sharing what's the breakdown percentage in terms of tools and their syntax, exploits, and theories?

I read that this version had like Risk Management, ALE/SLE, HIPAA, Threat Modeling, Incident Management, etc. Did you see those on the exam?

Thanks again Chase, and congratulations on the pass. Awesome job!

ablindsey

I just passed the CHFI yesterday, it will be cakewalk compared to the CEH

tmurphy3100

I am far from starting to study for this, but I wonder how useful the Pluralsight videos are...they are still adding more to the course.

mstd0n

Well done!

DAVIS NGUYEN

Congrats!

ccnpninja

Congrats!

Dollarhyde

Congrats

hermit84

I passed the exam today

hermit84

hermit84 wrote: »

I passed the exam today

Please forget v8. It is v9 already. No matter what voucher you have. AIO book is too simple for the exam.
What you should expect.
1. Review the exam outline,
Certified Ethical Hacker Exam Information

Tools/systems/programs are 32% (40 Questions)
2. Review the course outline,
http://www.eccouncil.org/Certification/professional-series/ceh-course-outline
Find and understand what are the possible tools and threat of each topic

grungeisevil

Congratulations hermit84,

Could you share if you saw questions like Risk Management, Threat Modelling, HIPAA/SOX/ISO, ALE/SLE calculations and the works?
How about scenario based questions? Would they revolve around theory or how the exploitation would work?

Thanks!

gncsmith

Congrats!

hermit84

grungeisevil wrote: »

Congratulations hermit84,

Could you share if you saw questions like Risk Management, Threat Modelling, HIPAA/SOX/ISO, ALE/SLE calculations and the works?
How about scenario based questions? Would they revolve around theory or how the exploitation would work?

Thanks!

Risk Management, Threat Modelling, HIPAA/SOX/ISO, ALE/SLE calculations (Yes)

Scenario based questions (Both)

Tr1x5Ta

Congratulations!!

fuz1on

congrats!

ChaseBenfield

grungeisevil wrote: »

Hello there Chase (hope I got your name correct),

I'm studying for CEH too at the moment. A little overwhelmed with all the tools to be honest. Without violating the NDA, would you mind sharing what's the breakdown percentage in terms of tools and their syntax, exploits, and theories?

I read that this version had like Risk Management, ALE/SLE, HIPAA, Threat Modeling, Incident Management, etc. Did you see those on the exam?

Thanks again Chase, and congratulations on the pass. Awesome job!

Hey,
Honestly I am not 100% sure of the specifics for Risk Management, ALE/SLE, HIPAA, Threat Modeling, Incident Management, but that rings a bell. I am very familiar with all of that information from a combination of experience, my undergraduate/graduate degrees, and studying for my PMP. I generally just thank my lucky stars for those questions and move on to the next one without much thought. I can say that nothing from those knowledge areas was deep in the weeds, but that could be due to my previous exposure.

Considering tools, my only advice is to get hands on in a lab and keep logs analyzing you're approach and results. There was a wide range on the exam.

BillV_

grungeisevil wrote: »

I'm studying for CEH too at the moment. A little overwhelmed with all the tools to be honest. Without violating the NDA, would you mind sharing what's the breakdown percentage in terms of tools and their syntax, exploits, and theories?

I read that this version had like Risk Management, ALE/SLE, HIPAA, Threat Modeling, Incident Management, etc. Did you see those on the exam?

https://cert.eccouncil.org/images/doc/CEH-Exam-Blueprint-v2.0.pdf

grungeisevil

BillV_ : Thanks for the link!

BillV_

No problem. The pieces you were asking about would fall in II. Analysis/Assessment (16 questions, 13%). Good luck with your studies.

slyweex

Hi there everyone,

Just passed my CEH today. Took me 45 minutes to pass with 80+ percent score. In fact it wasn't that bad as many people here whined. I do have some experience in the field of security (thouh I'm not a pen-tester) and that surely helped.
Most of the questions I've seen already on different testing sites (skillset, sample CEH tests around the Internet) in slightly different wordings. Either way the questions are pretty simple if you understand the topic and not trying to memorize the exam ****.
I believe the question set was of an updated version, as i've seen several questions on year 2014's exploits.
yes, there were couple of questions related to the ALE, HIPAA and other weird looking acronyms, but guys, seriously, it is not a rocket science and if you are able to multiply couple of numbers and understand what the word 'annual' means - these won't surprise you.
The exam definitely needs prior knowledge. Just remember, that it is an exam to test your security expertise, which, for the notice, is very valuable in the world. Don't expect an easy ride as you have to know how systems work beforehand and memorizing everything just won't work.
What i've used in my study was Matt Walkers second edition book and ECCouncil's study outline. What I'd done - read both, googled everything, that was unknown or unclear for me and wrote down for my further reference. Also I've played around with the mentioned tools. The same applied to the newly added material - mobile threats, cloud computing and so on.

On the other hand there were several errors in wording, mistypings and unclear questions. I believe it is what had cut my score by 14 percent.
So as the final word - don't be afraid and dig deep to find your answers and good luck on the exam.

impelse

Congrats guys