CEH Study Plan

Hi everyone! So I'll be studying for my CEH exam scheduled in the last week of September. I've been weighing on different study materials and would love to hear your thoughts about it. So far I'm planning on studying using:

1. Matt Walker's AIO v8 (Since the book for version 9 is not out yet, do you guys recommend this?)
2. Sybex Oriyano CEH v9 Study guide
3. Skillset
4. CEHv9 Courseware Slides

Thanks in advance you guys

Find more posts tagged with

Comments

nandykar

That is a good list. MAtt Walker's book is better than the Sybex book. Though the chapter on cloud computing is only present in the Sybex.

My suggestion - read all these but more importantly - create a virtual lab and practice the lab sessions with the tools.

Divergence

nandykar wrote: »

That is a good list. MAtt Walker's book is better than the Sybex book. Though the chapter on cloud computing is only present in the Sybex.

My suggestion - read all these but more importantly - create a virtual lab and practice the lab sessions with the tools.

Thanks! added cybrary.it to help with my labs

BuzzSaw

Divergence wrote: »

Thanks! added cybrary.it to help with my labs

FWIW: I would also recommend the Boson ExamSim. It's a touch on the pricey side (sometime you can get it on sale for about 75-80.00) but I think its very much worth it. It helps you find weak areas, and also gives really good explanation with source references. Personally, I think this is better than the Sybex book and Skillset combined . . .

Divergence

BuzzSaw wrote: »

FWIW: I would also recommend the Boson ExamSim. It's a touch on the pricey side (sometime you can get it on sale for about 75-80.00) but I think its very much worth it. It helps you find weak areas, and also gives really good explanation with source references. Personally, I think this is better than the Sybex book and Skillset combined . . .

Thanks for your feedback buzzsaw, found the link 312-50 CEH Practice Exam | Boson. The only reason i'm on hold is because its costs 90$ for only 500 questions, is it worth the money?

BuzzSaw

Divergence wrote: »

Thanks for your feedback buzzsaw, found the link 312-50 CEH Practice Exam | Boson. The only reason i'm on hold is because its costs 90$ for only 500 questions, is it worth the money?

You might be able to find a coupon code somewhere with a little google searching. I had a coupon code, but it has since expired.

"worth the money" is a relative term, but for me, and my study methods, I totally think it was worth it. Lots of questions, lots of answers, and good explanations. These helped me with the compliance portion of the test big time. You certainly couldn't pass the test with ONLY this, but I think this is a good tool to use as your final prep. You can check out my "passed 7/11" post for my take on it.

markulous

I think Matt Walkers guide was enough. Read that and be familiar with Nmap and you'll pass for sure.

BuzzSaw

markulous wrote: »

I think Matt Walkers guide was enough. Read that and be familiar with Nmap and you'll pass for sure.

So, not to say your "Wrong" but my experience was a bit different. I had at least 7-8 questions about compliance related topics (HIPAA as an example) while having maybe 5 NMAP specific questions. Strictly speaking, the AIO book, nor nmap would cover a decent subset of questions. I think other materials are needed for the newer revisions.

tmurphy3100

markulous wrote: »

I think Matt Walkers guide was enough. Read that and be familiar with Nmap and you'll pass for sure.

Is the second edition the newest one? I am confused because Amazon has 2 "Second Editions" with totally different pricing.

Divergence

BuzzSaw wrote: »

So, not to say your "Wrong" but my experience was a bit different. I had at least 7-8 questions about compliance related topics (HIPAA as an example) while having maybe 5 NMAP specific questions. Strictly speaking, the AIO book, nor nmap would cover a decent subset of questions. I think other materials are needed for the newer revisions.

May I ask what are the compliance questions about? HIPAA SOX DMCA? or are there any questions about risk assessment, business continuity disaster recovery? Thanks!~

shoey

Divergence wrote: »

May I ask what are the compliance questions about? HIPAA SOX DMCA? or are there any questions about risk assessment, business continuity disaster recovery? Thanks!~

You don't need to get very detailed with the compliance/legal questions; a general understanding and the field that they relate to is probably more than enough. I would definitely understand risk assessment, BCP, DRP, change/patch management, pentest phases, and most importantly... NMAP, NMAP, NMAP.

I purchased Matt Walkers AIO v8 and the Sybex v9. and both would be sufficient to pass this exam. Even though I'm a fan of Sybex - I found Matt Walkers AIO to be the better choice. Also, I would suggest downloading Kali Linux and actually using the tools. Best of luck!

BuzzSaw

Divergence wrote: »

May I ask what are the compliance questions about? HIPAA SOX DMCA? or are there any questions about risk assessment, business continuity disaster recovery? Thanks!~

It seemed like a little bit of everything, but generally just having an overall knowledge should be good enough. Like one things I did was list all of the major compliance \ regulatory actions and bill, and just get a general understanding of them. In one section of my notes I wrote a quick summary of the following:

18 USC 1029
18 USC 1030
CAN-SPAM
DMCA
SOX
GLBA
HIPAA
FERPA
FISMA
FITARA
NDAA
Computer misuse act of 1990
NIST 800's
PCI DSS and its 11 requirements
OSSTMM

Also, for what it's worth, I remember having a few questions about XOR operations which (I cant remember) if that is covered in AIO or not.

whoknew

Best of luck on the exam. I passed CEHv9 this afternoon. Here's what I used:

1. Sybex CEHv9 Study Guide (lots of questions/practice exams on-line)
2. Sybex CEHv9 Practice Tests Book (even MORE questions/practice exams on-line)
3. Skillset Pro (took 5 or 6 of their 150 question practice tests)
4. 12 week Penetration Testing course w/ labs at local community college
5. Watched a ton of Mr. Robot....especially the exploits

Also, look at BuzzSaw's comments above.....very sound advice in study topics. This exam is a no holds barred, everything is fair game & on the table, the rules are there are no rules kinda test.