CEH - Passed on 9/21/2016 - Preperation and Reflections

dstehldstehl Member Posts: 8 ■□□□□□□□□□
PREPARATION

Though some of my previous years of work and graduate studies have been in healthcare and global futures security, I earned my first IT certifications this year (A+ in April, Net+ in June, Sec+ in July). A company I have project-partnered with in the past was aiming to support a cyber-security track individual who could operate in the private sector beyond TS matters, and I was the willing participant. Thus, they sponsored by self-study eligibility application. I have engaged totally in self-study, but with the understanding that their organization will need me at some future point to help them put some of the CEH suite of activities into practice (not necessarily as their lead, however).

Anyway, after finishing Sec+ in late July, I meandered for a few weeks through Walker's All-in-One (AiO) bundle, had a week off, and had close relative pass before spending the last 2 weeks in diligent preparation. I read posts from this forum from the beginning (August) to get an idea of what I should expect and how I can hedge my study plan to not be overly surprised. This mostly entails using multiple reference materials - like defense in depth as your strategy for mitigating the the risk of tunnel vision studying and getting waylaid by too much focus on X, Y, or Z.

Perhaps my favorite supplement were the Boson Practice exams. When others recommended them and noted their thorough explanations, I did not grasp how significant they would be. Honestly, I know I learned a huge amount in the final three days prior to the exam simply by supplementing what I understood with the answers supplied in the Boson answer description spaces. I had a discount from the summer that made the price around $75, but $100 would have been fine given how much I think they're worth.

I used Skillset sparingly. I didn't pay for the Pro-version (though September seems to be offering a 50% subscription rate), and so I never got much out of it (since I like to study intensely in batches, and I kept getting the "stops." A better resource for practice would be Quizlet, but much of the information is dated. However, Quizlet tech would be fantastic for uploading the glossary at the back of AiO or for the different tool names and their description/use. I did not "get into" the Cybrary.it course on the matter, though I may look into the CB Nuggets course even though I'm through, since there is some training I think could be extremely helpful to learn.




Weeks 1-3
Read each chapter, taking the quiz at the end of each. Slowly process and think about the information/implications


Week 4
Off; Work


Week 5
Funeral out-of-state. Read Walker's AiO review .pdf


Weeks 6-7
Take each 25-29-question quiz from AiO supplement book. Check Quizlet and Skillset (<5 hours).


Week 8
Take AiO and Boson software exams (300-Question AiO set; Boson tests A-D; 400-Question AiO set; Random Boson set); Take actual exam















Regarding the Boson sets, I took the first 3 in the same manner and the 4th differently. For Tests A, B, and C, I took the exam in study mode and clicked, "show answer" to immediately see how each question was meant to be answered and the rationale. Furthermore, this also provided me with all kinds of information about the wrong answers that further prepared me for the REAL exam. For Test D, I took it in simulation mode. Whereas it took me about 2 hours to through each of A, B, and C, in the manner described, it only took about 80 minutes to go through D, since I wasn't learning anything (of course, I immediately retook D in study mode afterward, breezing through the exam to read the answer descriptions).

My scores in the AiO and Boson are listed below. These scores are reflective of the following dates:
  • 9/16 for AiO-300, (75%)
  • 9/19 for Boson A-B, (61%, 78%)
  • 9/20 for Boson C-D and AiO 400, (72%, 84%, 88%) and
  • 9/21 for Random Boson (about an hour before I took the exam). (95%)
These should give you a little understanding as to where I was prior to taking the actual exam (which I took online through ProctorU).


EXAM REFLECTIONS


I was vastly over-prepared in some areas and felt under-prepared in others. I certainly thought during the exam. I likely over-thought many of the questions, as I marked nearly 30% of the questions to review before submitting. Whereas I was completing the Boson exams in 80-90 minutes. I took 3 hours for the actual exam. Part of that was being overly paranoid, but that also reveals how unsure I was on some questions - like where typos could have actually affected the meaning of the question and/or the correct answer. If I were to coach myself in preparing for the exam after-the-fact, I would recommend doing the drudgery work of making quizlet cards for each of the tools, specifically where switches were similar or the tools' names could be mixed-up. I would do the same for each of the famous exploits.

My recent trek through the CompTIA trio certainly helped me pick the information up quickly and compartmentalize it efficiently. I had a framework in place for the knowledge to fit, and that framework made the difference in allowing me to speed through certain sections. I am thankful to have completed this certification and now be able to spend time on the actual hands-on platforms, as I did not spend time working with a home lab (I have a Kali machine but haven't touched it for CEH prep). Certainly, as I try out some of the tools, my study has enabled me to quickly know what I'm doing and what's going on under the hood (as it should given I just earned the certification).

I hope listing out some of my experiences and reflections help you on your path toward CEH certification and development. Godspeed.

P.S. For those with the experience and willingness to do so, please advise as to how I might stabilize my knowledge with the practical skills. My intent was to take Off-Sec's free Metasploit course and read the Metasploit and Penetration Testing books of the same rank. If there is a better or more interactive way, I'm all ears. Thanks.

Comments

  • cpincke2892cpincke2892 Registered Users Posts: 2 ■□□□□□□□□□
    Thanks for sharing your experience! I am in the early stages of studying and I actually paused my Cybary video to read this post haha. I've been hearing a lot of good things about the Boson exam so I guess I will give it a try. I'm currently using Matt walker's book and practice exam guide alongside of the cybary videos.
  • kalikkalik Member Posts: 6 ■□□□□□□□□□
    I've recently passed it as well, all I did was read the official EC-Council materials and did like 300 test questions on the free version of Skillset. Got 98%, took me 2 weeks to prepare while working full time. The exam was pretty much as easy as Sec+, was disappointed to be honest.
  • danny069danny069 Member Posts: 1,025 ■■■■□□□□□□
    Congrats, that's one heavy load right there doing your A+, Net+, Sec+ each month consecutively. What's next for you?
    I am a Jack of all trades, Master of None
  • DAVIS NGUYENDAVIS NGUYEN Member Posts: 1,472 ■■■□□□□□□□
  • CuttlefishJonesCuttlefishJones Member Posts: 13 ■□□□□□□□□□
    Congrats! I can't wait to the the CEH over and done with now. I'm already booked up for the GPEN and OSCP to follow.
  • dstehldstehl Member Posts: 8 ■□□□□□□□□□
    Great job. Don't be too disappointed. ;)

    That's fantastic to be able to so quickly dominate this exam. Keep up the great work!
  • dstehldstehl Member Posts: 8 ■□□□□□□□□□
    The former response was to kalik
    danny069 wrote: »
    Congrats, that's one heavy load right there doing your A+, Net+, Sec+ each month consecutively. What's next for you?

    I am pursuing nothing on the certifications front - at least nothing that I know of. I don't have normal work in sec/infosec. I teach in a couple other fields that have had, from time to time, cross-over. I mentioned above the books I was thinking of reading and the free Metasploit training course offered by Offensive Security. I may also look at the Cybrary courses related to Pentesting again. Ultimately, what I would like is a regime to follow for learning the in-action use of the best tools in the best order, cutting out the inconsequential tools. Of course, the "hacker way" is often to figure things out on your own, but I would respond that it's also the hacker way to use what works. Thus, if anyone has a way that works in doing what I hope to accomplish, please recommend away. ;)
  • bamahonkybamahonky Member Posts: 52 ■■□□□□□□□□
    Congrats. I am getting really close to taking my exam. Very insightful post.
  • greg9891greg9891 Member Posts: 1,189 ■■■■■■■□□□
    Congrats!
    :
    Upcoming Certs: VCA-DCV 7.0, VCP-DCV 7.0, Oracle Database 1Z0-071, PMP, Server +, CCNP

    Proverbs 6:6-11Go to the ant, you sluggard! Consider her ways and be wise, Which, having no captain, Overseer or ruler, Provides her supplies in the summer, And gathers her food in the harvest. How long will you slumber, O sluggard?
    When will you rise from your sleep? A little sleep, a little slumber, A little folding of the hands to sleep, So shall your poverty come on you like a prowler And your need like an armed man.
  • Z0sickxZ0sickx Member Posts: 180 ■■■□□□□□□□
    thanks for the post man i'm planning on taking my exam in the next 10 days or so as soon as verification goes through....I will make flashcards on tools since i don't want that to be the reason i didn't pass, and i'll assume with switches it was mostly related to Nmap/Netcat and snort
  • dstehldstehl Member Posts: 8 ■□□□□□□□□□
    Z0sickx wrote: »
    thanks for the post man i'm planning on taking my exam in the next 10 days or so as soon as verification goes through....I will make flashcards on tools since i don't want that to be the reason i didn't pass, and i'll assume with switches it was mostly related to Nmap/Netcat and snort

    Yours was actually one of the posts I was following in my preparation. Thanks.

    I don't think you can go wrong with knowing the switches, as it shouldn't take a super long time to get familiar with them. The AiO has some good tables to start. It was an area were I focused the last couple days. The BOSON program has resources linked to the questions, and there are some good ****-sheets they link:

    http://www.sans.org/security-resources/sec560/netcat_****_sheet_v1.pdf

    https://technet.microsoft.com/en-us/library/gg651155.aspx


    Also, there is a good Quizlet deck - located below:

    https://quizlet.com/78071125/ceh-netcat-switches-flash-cards/

    https://quizlet.com/62924137/ceh-nmap-syntax-flash-cards/

    Also, I checked my score, and it was an 82.4%
  • DCMB985DCMB985 Registered Users Posts: 2 ■□□□□□□□□□
    Hi, I'm thinking of doing the exam myself and going on an official training course. I've started reading the two study guide books and preparations, but I don't come from a hacker background so the physical hacking part is all new to me... Should I continue?
  • dstehldstehl Member Posts: 8 ■□□□□□□□□□
    That's quite expensive in my opinion. I wouldn't go for it if you have to shell out more in the eligibility than you do for the exam itself, UNLESS you have a sure expectation that the certification can be monetized in your career within a reasonable time frame. That's a personal opinion. As for CAN you learn it even without the background. Yes. I believe you can learn almost anything with enough attention, time, and effort (undeterred inquiry).
  • E Double UE Double U Member Posts: 2,238 ■■■■■■■■■■
    Great post. Congratulations on the pass.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • TreySongTreySong Member Posts: 65 ■■■□□□□□□□
    Congrats. I am planning on doing the CEH in December.
  • R@d1shR@d1sh Member Posts: 8 ■□□□□□□□□□
    Congratulations as well. I'll be testing next week, I've been binging on the Boson practice exams. Their explanations of the answers are IMO excellent.
Sign In or Register to comment.