Test Questions About Tools

XLIIXLII Posts: 14Member ■□□□□□□□□□
Hello, all! I am about 6-7 weeks away from taking the CEHv9 exam and have heard that there's a lot more focus on tools and questions about which tools do what. I am curious for those who have taken the exam how you would recommend studying for the tools section. Should I just make flashcards that list out something like "Network Discovery and Mapping Tools" and then list all of the tools associated with that topic? Also, from what I'm gathering, there is also focus on command line options such as the netcat and nmap and maybe questions about advance Google searching? I've already taken the CHFI test and that exam only seemed to cover integrated command line tools and their options such as tasklist, netstat, nbtstat, and arp but from what I'm gathering, there are a lot more questions about tools on CEHv9. Any advice would be welcome. Thank you all in advance for your time!

Comments

  • XLIIXLII Posts: 14Member ■□□□□□□□□□
    I didn't get any responses from anyone so I'll respond to this myself since I just took and passed the exam today. My experience with the questions that I received was actually, in my opinion, very lightweight when it came to tools. Sure it had a few questions here and there about Nmap but only maybe three that were about command options and one about syntax. As for the other tools, it really only focused on picking a mainstream tool out of a lineup such as "Which tool does this?" or "Which tool would you use for that?" and I didn't even get that many of those. The ones that I did get were pretty obvious. I would say if you know the top 2-3 tools for each category, or even have a vague familiarity, you have a good chance at getting the question right. One trick to knowing which are the top tools on the exam is just to look at 2 or 3 different sets of material (such as maybe the Matt Walker AIO and then compare to the official coursework or Oriyano for example). Also, from the questions I received, I only really needed to know the gist of the tools. From what some were saying, including exam material, it sure seemed like you needed to know a lot about a lot of tools and that there was going to be a lot of focus on tools. Maybe I just got lucky but aside from some questions on Nmap, the rest were a breeze and the NMAP questions weren't a big deal anyway since I had been quizzing myself repeatedly on the command options. I've now completed the CHFI and CEH and will probably write up a big giant post on my experience with both in a separate thread when I get my official score report in a few days. If anyone else wants to chime in, feel free.
  • 636-555-3226636-555-3226 Posts: 976Member ■■■■■□□□□□
    thanks for the info! I'm thinking of finally biting the CEH bullet and taking the test next year (for resume building), so it's good to hear some honest exam feedback!
  • xxxkaliboyxxxxxxkaliboyxxx Posts: 466Member
    What were the majority of the questions related to if not tools? Also congrats!
    Studying: GPEN
    Reading
    : SANS SEC560
    Upcoming Exam: GPEN
  • XLIIXLII Posts: 14Member ■□□□□□□□□□
    Thanks! Questions such as scenario of when to use IDS or vulnerability scanning, security audit policy stuff, basic questions about ports, penetration testing ethics, stages (recon, scanning, etc...), and techniques, identifying different types of attacks (I had several about social engineering). Also some about vulnerability scanning in general and a few questions identifying standards (HIPAA, PCI, NIST, etc...). I also recall a reasonable number of questions about malware and identifying a type from a description. There were also some questions about encryption standards, IPSEC (know basic uses of AH, ESP, tunnel vs transport), and hashing and their uses as well as some questions about wireless security standards. If you're used to getting questions about simple situations or descriptions and you identify what you would do or what is being used or described, then you shouldn't have much of a problem. The questions were very well worded, straightforward, and simplistic. I was pleasantly surprised that there weren't as many as I would have thought where you would only be able to narrow it down to two possible answers and have to do a 50/50. I was easily able to narrow down to the right answer by process of elimination in the few cases that I was unsure of the answer. I see you have Sec+ which gets you at least half way there already. Just tack on some tools, Nmap usage, pen testing stuff, and maybe some policy/standards junk, and you're pretty much home free.
  • XLIIXLII Posts: 14Member ■□□□□□□□□□
    Of course! I hope it helps. If you do decide to go for CEH, don't feel like you have to over prepare, especially if you already have some security related certs. I wouldn't delay too much in getting it if you feel it's worth it. I spent about 8 weeks in preparation after getting the CHFI but a read through the Matt Walker AIO Third Edition, a few runs through the Boson exam simulator, and some review of Nmap commands and syntax and a few other tools, and I would have been through it much quicker.
  • xxxkaliboyxxxxxxkaliboyxxx Posts: 466Member
    Thank you for the detailed answer. I am most definitely over preparing, I feel like I'm burning out on the subject. I'm reading Matt Walkers all in one, taking the eLearning ejpt course, watching Purualsight 78 hour course, finished skillport CEH, hacking servers on VMware and even learning to program in python just in case.My brain is fried.

    Side note; how do I give this man a postive rep? Is this reddit?
    Studying: GPEN
    Reading
    : SANS SEC560
    Upcoming Exam: GPEN
  • E Double UE Double U Posts: 1,531Member ■■■■■■■■□□
    Thanks for the info XLII and congratulations!
    Alphabet soup: CISSP, CISM, CISA, GPEN, GCIA, GCIH, GCCC, CEH, etc

    2019 Goals: CCSP, CRISC

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • horusthesunhorusthesun Posts: 289Member
    Thanks for the advise everyone !!!
  • XLIIXLII Posts: 14Member ■□□□□□□□□□
    Thank you for the detailed answer. I am most definitely over preparing, I feel like I'm burning out on the subject. I'm reading Matt Walkers all in one, taking the eLearning ejpt course, watching Purualsight 78 hour course, finished skillport CEH, hacking servers on VMware and even learning to program in python just in case.My brain is fried.

    Side note; how do I give this man a postive rep? Is this reddit?

    More than happy to help! You definitely are covering more information than I did in my studies so as long as you feel you're absorbing it relatively well, I'd feel confident in you making an attempt. I made the mistake of burning out too only to find I could have comfortably made my first attempt a few weeks ago. I get pretty bad test anxiety so I always feel like I have to know absolutely everything but in this case, I was starting to get information overload and it was causing me to lose focus on some of the important topics.

    In addition, I also thought of a few other things that you may want to be sure to review. Sometimes stuff just pops back in from my experience yesterday. I'd make a point to review web based attacks (XSS, CSRF, SQL injection, buffer overflow) and know the OWASP top 5. You may need to know basic examples of each one. However, the questions I received such as those were also pretty obvious, especially by looking at the choices. Also, I should probably bring up Linux and Windows based questions. I honestly had very few of those and they were just about basic commands that you might use in an attack. If you're familiar with the Windows basics such as net use, netstat, nslookup, and so on or the most common Linux commands (such as 'ch' commands and maybe directory commands such as ls,cd,pwd) you'll probably do fine. I didn't get anything in depth about IPTABLES/IPCHAINS other than to know what it was. Same thing with questions about proxies. Also, know your firewall types (stateful, application, circuit, etc..) so you know which layers of the OSI they operate at. Still, nothing complex or tricky. Also, there were some nice 'common sense' questions about pen testing etiquette and even a few that you could answer just by plain English. Know the components and purpose of the equation ALE = SLE x ARO and Risk = Vulnerability x Threat. Physical security and types came up as well as identifying phishing (and variants such as spear phishing), social engineering (including tailgating/piggy backing). Also, two/multi-factor authentication and the three types. This was mostly just recognition such as describe what term is going on or what should be used in a given definition or scenario. Also, some basic questions about PKI came up as well as asymmetric/symmetric encryption, and email encryption (such as PGP or S/MIME). Make sure you know how to XOR and I guess I'd recommend being able to identify a network or broadcast address although I didn't actually get a question about that. If I think of anything else I'll keep dumping it here until I have time to do a more comprehensive write-up. Although I can only speak for my experience personally and there may be things you get that I didn't, I believe that you should at least have some peace of mind that the test really isn't intimidating and they are gentle with most of the questions. Hope this helps as well!
  • XLIIXLII Posts: 14Member ■□□□□□□□□□
    E Double U wrote: »
    Thanks for the info XLII and congratulations!

    Absolutely, and thank you!
  • XLIIXLII Posts: 14Member ■□□□□□□□□□
    Thanks for the advise everyone !!!


    Hope it helps!
  • xxxkaliboyxxxxxxkaliboyxxx Posts: 466Member
    wow, one of the best write ups without giving out just straight answer questions. Awesome, i'll make sure to highlight what you outline.

    I do find excuses more often now to stop studying by doing side projects aka learning basic programming, etc.

    I think you just motivated me to schedule my exam =)
    Studying: GPEN
    Reading
    : SANS SEC560
    Upcoming Exam: GPEN
  • XLIIXLII Posts: 14Member ■□□□□□□□□□
    wow, one of the best write ups without giving out just straight answer questions. Awesome, i'll make sure to highlight what you outline.

    I do find excuses more often now to stop studying by doing side projects aka learning basic programming, etc.

    I think you just motivated me to schedule my exam =)

    Thanks, and glad to hear it! This is really nothing that you should be worried about. If you are and want to boost your confidence just a little more and have a little cash laying around, the Boson exam engine was really good. I thought the actual exam was easier than the Boson but if you go through all of the questions and read the explanations for the ones that you feel a little iffy on, it will at least make the actual test feel more "breezy". Otherwise, you probably could do fine without it considering what you've already been doing. Just do it, get it over with, and go back to learning programming. icon_smile.gif
  • E Double UE Double U Posts: 1,531Member ■■■■■■■■□□
    XLII wrote: »
    If you are and want to boost your confidence just a little more and have a little cash laying around, the Boson exam engine was really good. I thought the actual exam was easier than the Boson but if you go through all of the questions and read the explanations for the ones that you feel a little iffy on, it will at least make the actual test feel more "breezy".

    Agreed! If someone can pass the Boson exams then they should be able to pass the real thing.
    Alphabet soup: CISSP, CISM, CISA, GPEN, GCIA, GCIH, GCCC, CEH, etc

    2019 Goals: CCSP, CRISC

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • xxxkaliboyxxxxxxkaliboyxxx Posts: 466Member
    Update: Purchase my ProctorU voucher and just about to schedule my exam. I have since passed my eJPT and thinking about purchasing the PTP from elearnsecurity just for some hands on before I think the C|EH
    Studying: GPEN
    Reading
    : SANS SEC560
    Upcoming Exam: GPEN
  • XLIIXLII Posts: 14Member ■□□□□□□□□□
    Update: Purchase my ProctorU voucher and just about to schedule my exam. I have since passed my eJPT and thinking about purchasing the PTP from elearnsecurity just for some hands on before I think the C|EH

    Good deal! Don't leave us hanging.
    Let us know how it goes. icon_smile.gif
  • XLIIXLII Posts: 14Member ■□□□□□□□□□
    Forgot to mention here that I FINALLY got my test results. Not sure why it took so long. Anyhow, I scored an 87% on the exam. I am not sure how this equates to how many questions I got right or wrong as I was told once that some questions are weighted differently. If anyone can confirm this, I would be interested to know. Also, in my write-ups here, I didn't see that I mentioned Wireshark on the list of tools to brush up on. It's not too big of a deal but my OCD won't let me sleep if I don't at least mention it. I only got a question or two on Wireshark but it is one of their focal points that you know basic filtering syntax, common protocols, and how to analyze simple packet capture output. Given that it's multiple choice, none of the questions I got about Wireshark were tricky or difficult so I wouldn't worry about it as long as you have some experience utilizing the tool.
  • dkorzhevindkorzhevin Posts: 45Member ■■■□□□□□□□
    Thank you, for brilliant exam review!

    Please tell - did you managed to write combined CEH and CHFI review, that you mentioned here?

    Dmitry
Sign In or Register to comment.