Passed my CEH!
grungeisevil
Member Posts: 39 ■■□□□□□□□□
in CEH
Apologies for the late post. I passed my CEH on 8th Jan, 2016. Took the class back in November last year. Spent about two weeks prior to the exam to study. Here are some things I saw on the exam:
1) Various Tools - Be prepared to know how these tools work from the syntax to the output. Suggest to install Kali and try it out vs. just reading. Saw atleast 10 questions on NMAP alone.
2) Heartbleed, Shellshock, POODLE - Know these vulnerabiities, how they are exploited, and what is the outcome of the exploitation. Expect to see scenario based questions here.
3) Other topics: Risk Management, Incident Management, Laws, ALE calculation, Types of penetration testing, Types of hackers.
I used the CEH v9 lab guide as my main source of reading, and Google to supplement. Practice questions can be obtained at www.skillset.com, which is FREE, btw. What helped me was of course having a hands on lab I built using Oracle VirtualBox and installing Kali Linux + W2k8 Server.
On the exam, I get a lot of questions asking if it was difficult. IMHO, it is not as difficult to a point that you're second guessing yourself at every question (yes, I faced this when taking CISSP). That being said, you stil need a solid understanding of all the chapters and some practice.
Will be more than happy to answer any questions. Thanks for reading my post.
1) Various Tools - Be prepared to know how these tools work from the syntax to the output. Suggest to install Kali and try it out vs. just reading. Saw atleast 10 questions on NMAP alone.
2) Heartbleed, Shellshock, POODLE - Know these vulnerabiities, how they are exploited, and what is the outcome of the exploitation. Expect to see scenario based questions here.
3) Other topics: Risk Management, Incident Management, Laws, ALE calculation, Types of penetration testing, Types of hackers.
I used the CEH v9 lab guide as my main source of reading, and Google to supplement. Practice questions can be obtained at www.skillset.com, which is FREE, btw. What helped me was of course having a hands on lab I built using Oracle VirtualBox and installing Kali Linux + W2k8 Server.
On the exam, I get a lot of questions asking if it was difficult. IMHO, it is not as difficult to a point that you're second guessing yourself at every question (yes, I faced this when taking CISSP). That being said, you stil need a solid understanding of all the chapters and some practice.
Will be more than happy to answer any questions. Thanks for reading my post.
Comments
-
danny069 Member Posts: 1,025 ■■■■□□□□□□Congrats! Thanks for the post. I am tackling this exam in March no matter what. The CEH lab guide, which has a lot of practice labs I assume, did you find it helped you a lot with the tools and how to exploit the vulnerabilities of shellshock, heartbleed, poodle, etc.?I am a Jack of all trades, Master of None
-
Uniquewarlock Member Posts: 14 ■□□□□□□□□□By "Lab Guide" are you referring to the the 3rd Courseware book "Lab Manual" with all the CMD slides and what not? Btw Congrats !
-
grungeisevil Member Posts: 39 ■■□□□□□□□□Thanks all.
danny069: it definitely helped but I would strongly suggest you explore the tools beyond the guide. For the new vulnerabilities, articles from Google and YouTube videos helped me to really understand what it is and how you should exploit it. Good luck with your exam, sir.
Uniquewarlock: Yes, sir. That is the one. Again it's helpful, but explore beyond the tools beyond what's in the guide. Also don't forget the theoretical piece of the exam. Good luck! -
Uniquewarlock Member Posts: 14 ■□□□□□□□□□Thank you so much for the reply, but while I have you I have one more :P do you recommend any resources to help me grasp the ALE/SAO scenarios and the instances if I find a bitcoin account and a bank account during a pen test, do I stop? lol
-
grungeisevil Member Posts: 39 ■■□□□□□□□□Uniquewarlock wrote: »Thank you so much for the reply, but while I have you I have one more :P do you recommend any resources to help me grasp the ALE/SAO scenarios and the instances if I find a bitcoin account and a bank account during a pen test, do I stop? lol
Try this one and see if it helps Risk Assessment | CISSP Security-Management Practices | Pearson IT Certification
For your second question, I'm not sure if its in the guide. What I do remember is that people's safety comes in at no 1.
HTH -
impelse Member Posts: 1,237 ■■■■□□□□□□CongratsStop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
It is your personal IPS to stop the attack. -
precisemmc Member Posts: 13 ■□□□□□□□□□I purchased the nmap cookbook and Im going through a few of the scans among them all, could you please give me a few to remember. I would assuming the tools thats used for firewalking? sU sX etc etc Thanks
-
IronmanX Member Posts: 323 ■■■□□□□□□□precisemmc wrote: »I purchased the nmap cookbook and Im going through a few of the scans among them all, could you please give me a few to remember. I would assuming the tools thats used for firewalking? sU sX etc etc Thanks
OK so know the TCP hand shake.
nmap -sN. Know what a null scan is and how it works. what the responses are to open and closed ports.
nmap -sF. Know what a FIN scan is and how it works. what the responses are to open and closed ports.
nmap -sX. Know what a XMAS scan is and how it works. what the responses are to open and closed ports.
etc...
Here is the list of switches i studied: -sA -sF -sI -sL -sN -sO -sP -sR -sS -sT -sW -pI -PO -PS -PT -oN -oX
Know your -T0-5 switches.
^^^Also know how they work on/against different operating systems. Windows does not follow RFC 793.
Know your ICMP Types and Codes -
JockVSJock Member Posts: 1,118precisemmc wrote: »I purchased the nmap cookbook and Im going through a few of the scans among them all, could you please give me a few to remember. I would assuming the tools thats used for firewalking? sU sX etc etc Thanks
If you help with nmap, Google is your friend:
https://nmap.org/
29 Practical Examples of NMAP Commands for Linux System/Network Administrators
Top 30 Nmap Command Examples For Sys/Network Admins***Freedom of Speech, Just Watch What You Say*** Example, Beware of CompTIA Certs (Deleted From Google Cached)
"Its easier to deceive the masses then to convince the masses that they have been deceived."
-unknown -
shiffler24 Member Posts: 18 ■□□□□□□□□□When you say you read, "the CEH v9 lab guide" do you mean the PDF's last EC-Council has for purchase? i.e. the modules and lab PDF's.
-
grungeisevil Member Posts: 39 ■■□□□□□□□□precisemmc wrote: »I purchased the nmap cookbook and Im going through a few of the scans among them all, could you please give me a few to remember. I would assuming the tools thats used for firewalking? sU sX etc etc Thanks
The examples IronmanX and JockVsJock posted are spot on. Study those and you'll do fine -
grungeisevil Member Posts: 39 ■■□□□□□□□□shiffler24 wrote: »When you say you read, "the CEH v9 lab guide" do you mean the PDF's last EC-Council has for purchase? i.e. the modules and lab PDF's.
Yes, if you can get your hands on those, it would be beneficial. -
grungeisevil Member Posts: 39 ■■□□□□□□□□Congrats.
Any plans for another certification in near future?
Thanks FrankTh. I am prepping for CISA and perhaps if time permits, go for ISO 27001 for Lead Auditor. Would very much venture into IT Audit. -
shiffler24 Member Posts: 18 ■□□□□□□□□□grungeisevil wrote: »Yes, if you can get your hands on those, it would be beneficial.
Thank you and I forgot to say congrats on your pass! I have those slides and also have online labs through CEH. I purchased this last year for v8, but after the version change I emailed them and asked for access to v9 at no charge and they were able to provide those. I plan on reviewing those to see any new changes outside of what I've read in the Matt Walker CEH Certified Ethical Hacker bundle (second edition).[h=1][/h] -
Sch1sm Member Posts: 64 ■■■□□□□□□□shiffler24 wrote: »I purchased this last year for v8, but after the version change I emailed them and asked for access to v9 at no charge and they were able to provide those
-
shiffler24 Member Posts: 18 ■□□□□□□□□□Wait, really? I asked for this and got told no. Who did you e-mail?
Hey Sch1sm, sent you a PM with that information! -
Sch1sm Member Posts: 64 ■■■□□□□□□□Good to see the totally legit and professional organisation that is the EC-Council being consistent!