What am I missing?

DDStimeDDStime Member Posts: 113 ■■■□□□□□□□
So I have been reading threads about the exam and I am getting the impression that its a lot more technical than some me of the material is leading to believe it is.

All I am reading is the Sybex book and really its like a review. Most of the tools it mentions are pretty common like nmap, nc, hping and wire shark. I have been using these tools off and on for a few years, but from the posts I feel that I need to dig a little deeper.

From the Sybex book it seems like a test that is testing you on the tools and very very basic usage. Is this correct?

I am at chapter 14 in a few days study and have literally learned maybe 10 or 11 things I did not know, but most of it was a review from my CISSP studies.

At any rate, can someone give me some insight into how technical the test gets.

For example how in depth would it go for tcp....TCP = 3 way handshake>ak/syn-ak/ak>ak /syn sequence numbers > increasing numbers with null inserts to guess following sequence in a victim>actual sequence and ak values increasing by one for each comm. How in depth do I need to understand the concepts?

Comments

  • BuzzSawBuzzSaw Member Posts: 259 ■■■□□□□□□□
    You can find out what you need to know from the blueprint.

    I don't have CISSP, but I know people with CISSP, and the technical knowledge I needed for CEH far surpassed the more management level info they seemed to have as it pertains to CEH specifically.

    Tool questions will vary from test to test. If you think you're already there, then download the boson exams and see how you do. The money is well spent IMO

    As for TCP, yeah that information helps, but that information is also just how TCP works. CEH will ask more specific things like TCP traffic through firewalls by showing you log screen shots. Understanding how ACL's work in a firewall (not just what an ACL is) Or understanding how exactly how different ports should respond under different scans, etc. Thats an example not an inclusive list.

    So you might know that stuff already, which is great. So I'd take some practice tests and go from there if you think you're up to par already
  • Mike7Mike7 Member Posts: 1,112 ■■■■□□□□□□
  • BuzzSawBuzzSaw Member Posts: 259 ■■■□□□□□□□
    Maybe half a feel . . .

    Personally I don't think that test matches up to the real think all that well
  • DDStimeDDStime Member Posts: 113 ■■■□□□□□□□
    Thanks a ton guys. I'll hit up some more specific port scan with nmap like some fragmented and maybe scans with multiple flags set (Xmas) to see how they react with some different ports.

    Also, I have not done any MITM attacks so I'll try some when I get a chance.
  • ratbuddyratbuddy Member Posts: 665
    If you're actually paying for this cert (I wouldn't), I can heartily recommend the Boson practice tests, 312-50 CEH Practice Exam | Boson

    I had them provided by WGU and found they were the perfect level of difficulty - slightly harder than the real exam, and they included very detailed explanations of all answers, including incorrect ones.
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    ratbuddy wrote: »
    If you're actually paying for this cert (I wouldn't), I can heartily recommend the Boson practice tests, 312-50 CEH Practice Exam | Boson

    I had them provided by WGU and found they were the perfect level of difficulty - slightly harder than the real exam, and they included very detailed explanations of all answers, including incorrect ones.

    I'm taking this right now to get my voucher from WGU. Some of the questions on there are worded so strangely. I don't think it's overly difficult otherwise, but it's a chore for me to understand some of them.
  • c5rookiec5rookie Member Posts: 53 ■■■□□□□□□□
    Having taken EC-Council and GIAC exams, EC-Council tends to be more basic memorization. If you feel that you have a solid grasp of the pen-testing methodology and which tools do what, you should be ok on the exam. That being said, there still is a significant amount to remember. I used freepracticetests.org since they have a large pool of questions for multiple certs ranging from Network+ to CISSP. Many of the questions come from members which contribute new material to ensure it stays current.
  • BuzzSawBuzzSaw Member Posts: 259 ■■■□□□□□□□
    ratbuddy wrote: »
    If you're actually paying for this cert (I wouldn't), I can heartily recommend the Boson practice tests, 312-50 CEH Practice Exam | Boson

    I had them provided by WGU and found they were the perfect level of difficulty - slightly harder than the real exam, and they included very detailed explanations of all answers, including incorrect ones.

    +1 on this.

    The Boson test helped me a ton because it exposed areas of weakness for me, and ALSO gave great explanations. Worth the money IMO
Sign In or Register to comment.