Can I pass CEH with Sybex material only?

mika123mika123 Posts: 23Registered Members ■□□□□□□□□□
I will do the CEH exam using the following resources:

1. CEH v9: Certified Ethical Hacker Version 9 Study Guide (http://www.amazon.com/CEH-v9-Certified-Ethical-Version/dp/1119252245/ref=sr_1_1?ie=UTF8&qid=1462949335&sr=8-1&keywords=ceh)

2. CEH v9: Certified Ethical Hacker Version 9 Practice Tests (CEH v9: Certified Ethical Hacker Version 9 Practice Tests: 9781119252153: Computer Science Books @ Amazon.com)

Which part of the official courseware do I really need?

Physical Course-ware - $885


Exam Prep- $139


DVD tools- $130


Physical DVD -$199


i labs- $200

Bying all the material would be very costly. So do I really need all this stuff or is it enough to just use what I listed under 1. and 2.?

Comments

  • thewiz8807thewiz8807 Posts: 96Registered Members ■■□□□□□□□□
    Curious to know this as well. Cheers.
    Goals: Network+ (Done) -> CCNA: R&S (Done) -> CCNA: Security (Done) -> Security+ (Done) -> ITIL v3 Foundation (Done) -> CASP (Done) -> CCNP: R/S (In Progress) -> CCNP: Collaboration -> CCSK -> CCSP -> CISSP
  • kMastaFlashkMastaFlash Posts: 1,012Registered Members ■■■■□□□□□□
    Answer to this question: No. Is it a good start yes. However, there are some things the book doesn't cover like ALE and stuff like that. Also one of the main fundamental items EC-Council tests on the CEH methadology, this author screws it up and doesn't use the exact methadology EC-Council wants you to know. I would recommend buying the Matt Walker AIO new guide when it comes out. I know he is publishing a new study guide for CEHv9 I think it comes out in August or September of this year? not sure. But for practice tests, buy the transcender and boson exams. Transcender I found was the closest to the real thing. Boson was great for re-enforcing the concepts. The practice test book is good for on the go prep for keeping concepts fresh in you mind but not for actual exam prep for practice exams as there are types on the book like UPD port instead of UDP. I would say buy the following and you should be good to go:

    1. Sybex CEHv9 book
    2. Matt Walker AIO CEHv9 book
    3. Transcender practice exams CEH
    4. Boson CEHv9 practice exams
    5. Official courseware CEHv9

    Forget the I Labs as they are not worth the $200. You can just download Kali Linux, get some linux vulnerable vms or even metasploitable and a windows test client and be good to go.

    Save the $200 towards the courseware books.
    As for the tools, just know nmap and the different switches, tools like Kismet, Nikto, Metasploit, Cain and Abel and Cryptcat and other tools mentioned in the official courseware and heartbleed, shellshock poodle etc. when they are used not really knowing the utility in depth for exam purposes but good to know in general. Best of luck!
    2018: CCSK
    2019: CWSP,Cloud+,Project+,CASP,PenTest+,CWNA,CCNA Security,GXPN,GREM
    2021: LPIC-2,JNCIS-ENT,eLearnSecurity Courses
  • Mike7Mike7 Posts: 1,052Registered Members ■■■■□□□□□□
    It depends on your experience.
    Perhaps try the CEH Assessment first.
  • PlantwizPlantwiz Posts: 5,057Mod Mod
    The warning to oneself is as soon as the question, 'how little can I get by with and pass' comes to mind, start thinking about a different career path.

    Why shortchange yourself in your chosen profession?

    Basic thought, the more specialized and sophisticated the certification, the more hands-on time one will need, whether that is in a lab, time in a job, and/or supplemental study materials from a couple reputable sources. No short cuts ;)
    Plantwiz
    _____
    "Grammar and spelling aren't everything, but this is a forum, not a chat room. You have plenty of time to spell out the word "you", and look just a little bit smarter." by Phaideaux

    ***I'll add you can Capitalize the word 'I' to show a little respect for yourself too.

    'i' before 'e' except after 'c'.... weird?
  • thewiz8807thewiz8807 Posts: 96Registered Members ■■□□□□□□□□
    That IS a lot of money to fork out for a certification backed by an organization that's under the microscope right now. Unfortunately for me, it is highly regarded among the organization I intend to work for. So if there's anyone out there who acquired the certification with a book or two, I'd like to hear your opinion on things. Going to take that assessment and see how I do. Just finished my Sec+ and finishing up my CASP, hopefully there's some carry over on the material.
    Goals: Network+ (Done) -> CCNA: R&S (Done) -> CCNA: Security (Done) -> Security+ (Done) -> ITIL v3 Foundation (Done) -> CASP (Done) -> CCNP: R/S (In Progress) -> CCNP: Collaboration -> CCSK -> CCSP -> CISSP
  • infield13infield13 Posts: 17Registered Members ■□□□□□□□□□
    Just passed CEHv9 today.

    I go with everything kMastaFlash said and Mike7's link for the assessment test.

    I would also advise if this if it is an option. If your local college has a Cybersecurity program and has a class that has the CEH cert bundled in I would look into taking that. That way you go hands on experience with realish life labs. You also get to learn hopefully from an instructor that is either a Pentester or some type of security professional.

    If that is not an option what kmastaflash said is the best bet. Mainly learn the different tools and how to recognize what type of attack is being used (sql injection, xsite scripting etc...)
  • markulousmarkulous Posts: 2,375Registered Members ■■■■■■■■□□
    Mike7 wrote: »
    It depends on your experience.
    Perhaps try the CEH Assessment first.

    Thanks for that link. I didn't know they had that. I got a better score than I thought I would so at least good to know I'm not totally clueless about this going in.
  • splash24splash24 Posts: 30Registered Members ■■□□□□□□□□
    The bare minimum i suggest is Matt Walker & Boson practice questions with Kali setup at home.Research every answer Boson has.Example : There is a question which asks Control number 11 in certain standard.You do not need to know that much details but introduces to the standard.Learn the terms well.
  • mika123mika123 Posts: 23Registered Members ■□□□□□□□□□
    I did 84% on the self assessment test. What does this mean for the real exam?
  • thewiz8807thewiz8807 Posts: 96Registered Members ■■□□□□□□□□
    mika123 wrote: »
    I did 84% on the self assessment test. What does this mean for the real exam?

    Someone answer this.
    Goals: Network+ (Done) -> CCNA: R&S (Done) -> CCNA: Security (Done) -> Security+ (Done) -> ITIL v3 Foundation (Done) -> CASP (Done) -> CCNP: R/S (In Progress) -> CCNP: Collaboration -> CCSK -> CCSP -> CISSP
  • beadsbeads Posts: 1,403Registered Members ■■■■■■■■□□
    CEH is all based on open source tools. No automagic involved. Relies heavily on NMAP (know the switches), Metasploit, Burb Suite, etc. The exam itself has gotten much easier over the years with few questions only an insider would know about hacking back in the early 2000s (identify which picture indicates a compromised Wi-Fi AP in Seattle, WA) type questions.

    As far as the 84% question. Its a good indication that if you didn't **** and haven't "tested" the questions before you should be able to achieve at least the 70 ior 72 percent needed to pass.

    - b/eads
  • EnderWigginEnderWiggin Posts: 549Registered Members ■■■■□□□□□□
    mika123 wrote: »
    I did 84% on the self assessment test. What does this mean for the real exam?
    I got 72% on the official EC-Council Pre-assessment test, then got 82% on the actual test. Not sure if I got lucky with the test questions or what, but yeah.
  • TechGuy215TechGuy215 Explore_Dream_Discover Philadelphia, PAPosts: 404Registered Members ■■■■□□□□□□
    You don't have to purchase any of the EC-Council material or classes if you don't want to.

    I used strictly Sybex along with a home lab setup with Kali and Blackbox, and of course my work experience.

    Just make sure you meet the minimum requirements if you're going the self-study route:

    *2 Years Professional InfoSec Experience
    *Submit a 100 Dollar Non-Refundable Eligibility Application Fee
    *Submit a Eligibility Application Form
    *Get Official Approval
    *Purchase your Exam Voucher (600 for PV)

    BTW I took CEHv8...score was a 92% and took me about 20 minutes.

    Good Luck to you! icon_thumright.gif
    * Currently pursuing: PhD: Information Security and Information Assurance
    * Certifications: CISSP, CEH, CHFI, CCNA:Sec, CCNA:R&S, CWNA, ITILv3, VCA-DCV, LPIC-1, A+, Network+, Security+, Linux+, Project+, and many more...
    * Degrees: MSc: Cybersecurity and Information Assurance; BSc: Information Technology - Security; AAS: IT Network Systems Administration
  • mika123mika123 Posts: 23Registered Members ■□□□□□□□□□
    How would you compare the real exam questions to the self assessment test?
  • danny069danny069 Posts: 1,025Registered Members ■■■■□□□□□□
    92% in 20 min sounds fishy to me. The self-assessment test is much easier than the real thing.
    I am a Jack of all trades, Master of None
  • cpcshubcpcshub Posts: 1Registered Users ■□□□□□□□□□
    Hi All,

    Firstly, thank you all on this thread for providing guidance on preparation of CEH exam. I am planning to sit for CEH v9 exam soon, which twst method would you recommend Pearson Vue Centre or Exam Voucher to do it at home ?

    thank you in advance
  • ethical-hacker-73ethical-hacker-73 Posts: 6Registered Members ■□□□□□□□□□
    You can set second hand CEH books on eBay for $2.00, I would start there.

    Warm up to it. Don't go and blow $1000.

    I passed the CEH v9 today.

    My suggestions.

    Understand the following:

    firewalking
    nmap -A and -O commands
    when to use hping
    when a Microsoft O/S will not respond to ICMP
    LM vs NTLM
    password salting
    Rainbow attacks
    RC4, AES, PKI
    process to encrypt message
    use of hashes for integrity
    written auth for pen testing
    understanding impact of Heartbleed and ShellShock (Bashshells and O/S impacted)
    few questions on IPSec (know what layer of OSI)
    some interesting router protocol questions on OSPF
    of course a subnet mask question
    a IP4 vs IP6 question
    know when to use HIPAA
    some WireShark filter commands (4 or 5 of those)
    know TCP three-way hand shake
    a few IPS vs IDS and stateful firewall questions
    MAC flooding and CAM buffer overflow
    know asymmetric vs symmetric advantages
  • cybermastercybermaster Posts: 8Registered Members ■□□□□□□□□□
Sign In or Register to comment.