Passed CEH 4/5/2016

kirlabkirlab Registered Users Posts: 3 ■□□□□□□□□□

I read a lot of bad things about the questions of this exam here. I was not very confident even after 2 weeks of deep work.
I want to contribute with my feelings.

CCNA / VCP-DV / Security+

I self study security since almost 1 years and half. My knowledge is between CEH and OSCP.(I Guess)
In February I would start to pass some certification, not to learn but to have a proof of my knowledge.
I pass the Security+ in two week and in fact I learn a lot of stuff (especially in risk management, threats, etc...)

So after I deeply learn to be ready for the CEH.

I used the following to study
: (**** Highly recommended to * not so much useful)
- Matt Walker Book CEHv8 ****
- Exam Prep V8 ***
- Cybrary ***
- CEHv9 courses and lab ***
- Skillset ** (until lvl 4 on each topic)
- CEH Assessment questions * (too hard compared to the real exam)

The Exam:
20Q: Risks/Vulnerabilities/Threat Assessment/Management, BIA, Recovery Plan, incident Response, ALE...
(thanks to the Security+ otherwise I have not been prepared for this type of questions)
15Q: Black/White/Grey hat/box SLA
10Q: Nmap / netcat / script Nmap
IDS, NIDS, IPS, Firewall (stateful, circuit, proxy, app and packet filter) and evading all this stuff
15Q: Legal Issues: NIST, HIPPA, Spy Act, ISO, PCI... (too much questions according to me)
5Q for each : Wireshark & tcpdump , XSS & CSRF, Vulnerabilities Scanner (Nessus, OpenVAS), Virus & Trojan (definitions), Shellshock & Heathbleed, Social Engineering (the basics tailgating, phishing)
2/3Q for each : Wifi tools and frequency and security, , Syslog, crypto (hash ans pwd)
1Q for each: Mobile, google, footprinting, DNS, SMB, XOR, tape

Nothing about Cloud, port, buffer overflow, web, SNMP

Only 1 answers to answer for each questions no "choose all apply"

I was scared about the tricky questions like I have already read in this forum. The type of questions where two answers on 4 are practically identical and good. I will say I saw about 20 on 125 questions like that. This remain a little bit sad.

To conclude it's not an easy test but it not so hard with a minimum of work.

Cheers icon_cool.gif


  • scottlinscottlin Banned Posts: 10 ■□□□□□□□□□
    Congrats!! Thank you for your comments. The whole test was multiple choice? No lab type questions? Did you purchase the CEHv9 materials from EC-Council? Do you think someone could pass the test using just v8 study material?

    Thank you
  • kirlabkirlab Registered Users Posts: 3 ■□□□□□□□□□
    Hi scottlin,

    The whole test was multiple choice (just select one answer on 4).
    No lab questions, if you considered to examine 4 line of log and find an answer is a lab question so there are about 10 like that.
    No need to buy the v9 material. I read the both and there almost no change. The v8 is good enough.

    Just Google for the V9:
    Shellshock, poodlebleed, Hearthbleed
    The different type of cloud (private, public, hybrid) and Iaas, Paas and Saas.
  • scottlinscottlin Banned Posts: 10 ■□□□□□□□□□
    Thank you Kirlab and congrats again!
  • DAVIS NGUYENDAVIS NGUYEN Member Posts: 1,472 ■■■□□□□□□□
  • ablindseyablindsey Member Posts: 20 ■□□□□□□□□□
Sign In or Register to comment.