Passed C|EH on 11/11/16

E Double U

Primary study materials:

- Matt Walker AIO exam guide & practice exams (both 2nd ed)
- Boson practice exams (found a coupon code online)

Secondary
- any free apps and websites with practice questions (Skillset, Pocket Prep, GoCertify)

Took me about 3 months of solid study along with a few years of experience in the field. I feel like I got hit with a little bit of everything, but the exam wasn't too bad (finished in less than two hours). Some of it felt like a review of CISSP, GCIH, and Cisco material.

My motivation to get this was to pad the CV with a HR filter that my employer would pay for - mission accomplished. GCIA is up next.

Side note: Dealing with EC-Council during the application process was such a pain. Trying to communicate with them was more difficult than the C|EH material.

Update: My score is 83.

Mike7

Congrats!

E Double U

Now I have a moment to give some more details about what I was hit with that others might (and some cases 100% sure will) see on the exam:

- Make sure to have a thorough understanding of Nmap. Know the purpose, the different switches, the outputs, different scan responses to closed/open ports, the flags used by each scan, etc.

- Recent vulnerabilities (Heartbleed, Shellshock, POODLE, FREAK, etc).

- TCP/IP & OSI layers - know the protocols/services used by each layer

- Ports (of course), ACLs, subnetting, differences between IPv4/IPv6, Google search operators, IPsec, social engineering, N-tier architecture, physical security, virus types (know what each does), PKI, SOAP, DNS, 802.11, firewalking, IDS (types, evasion techniques), salts, collisions, ARP, DEP, footprinting, banner grabbing, rainbow tables, brute force/dictionary/hybrid, and much more.

- Tools - Nmap (so nice had to mention it twice), Wireshark, John The Ripper, Metasploit, Burp Suite, hping, Netcat, Kismet, and a few more. The study material mentions way too many tools to go out and learn each one. Look at each CEH methodology phase, pick a few of the most well known tools from each phase, and get familiar with those. I focused on tools I've seen on the job, during GCIH studies, and some of the top tools mentioned on SecTools.Org Top Network Security Tools.

- Attacks - SQL injection, buffer overflow, XSS, CSRF (understand the goal of each, how to recognize/mitigate them)

- Incident handling steps (the order is not as important as knowing what actions are performed at each step)

- Symmetric/asymmetric encryption types, advantages/disadvantages

There were no simple questions like what does this tool do or what is the definition of that term. A question would display an output and I had to either choose what was done to produce that output, which tool was used, or what was attempted/accomplished.

The Boson exams were extremely helpful in reinforcing the material. Good explanations for the correct and incorrect answers plus the references on where to study on that topic. I found a 15% off code at https://www.retailmenot.com/view/boson.com. I also subscribed to have Skillset email me a question a day which I found helpful.

horusthesun

Congrats !!!

greg9891

congrats!

khaledit2015

Good info thanks a lot

E Double U

@ khaledit2015 - When do you plan on taking the exam?

bamahonky

Congrats. I had similar issues when communicating with EC-Council. No response from emails then get multiple responses from different people.

E Double U

bamahonky wrote: »

No response from emails then get multiple responses from different people.

Please don't get me started lol.

DAVIS NGUYEN

Congrats!

TreySong

E Double U wrote: »

Primary study materials:

- Matt Walker AIO exam guide & practice exams (both 2nd ed)
- Boson practice exams (found a coupon code online)

Secondary
- any free apps and websites with practice questions (Skillset, Pocket Prep, GoCertify)

Took me about 3 months of solid study along with a few years of experience in the field. I feel like I got hit with a little bit of everything, but the exam wasn't too bad (finished in less than two hours). Some of it felt like a review of CISSP, GCIH, and Cisco material.

My motivation to get this was to pad the CV with a HR filter that my employer would pay for - mission accomplished. GCIA is up next.

Side note: Dealing with EC-Council during the application process was such a pain. Trying to communicate with them was more difficult than the C|EH material.

Update: My score is 83.

Congrats! It seems the EC Council makes the process difficult for candidates who do not take up training with them or their approved training centres before the exams.

E Double U

@TreySong - I don't like to jump to conclusions, but that is possible.

materwelon

congrats! thx for the detailed post. nice info

E Double U

@ materwelon - No prob! Hoping that the info helps other C|EH hopefuls.

NetworkNewb

Grats on the pass! Did you find the GCIH similar to the CEH? Seems like there would be some overlap.

IaHawk

Congrats on the pass. I lost interest in CEH when I asked their "customer support" a few questions before attempting to apply for the exam. I may still give it a shot after I take GCIH early next year.

[Deleted User]

Congrats! Now you are one of us!! Whats next?! Happy holidays!

FillAwful

Congrats! CEH does make a good keyword search for HR! GCIA is by far the most fun and rewarding Cert I have ever received. It's like the being able to see the matrix (Blonde..redhead...brunette..) have fun with it!

E Double U

Thanks guys! Good luck to anyone else planning on tackling this and I hope you have a better experience dealing with EC-Council than I did.

@ IaHawk - there is plenty of overlap between GCIH and CEH. If money is not an issue, I think whoever gets one should knock out the other.

@ kMastaFlash - I have GCIA and CISM on the brain.

@ FillAwful - CEH gets way more results in my job searches than anything by GIAC so I just had to get it out of the way.

nokouri

Way to go, congrats! Its on my to-do-list!

Mike7

E Double U wrote: »

Side note: Dealing with EC-Council during the application process was such a pain. Trying to communicate with them was more difficult than the C|EH material.

It was a smooth experience for me last July. Looking through the mail records

• Monday : created EC-Council store account to pay for eligibility application form. Submitted form
• Tuesday : my manager was contacted via email
• Wednesday : complete form faxed to EC-Council
• Thursday : Eligibility approved. Paid for exam voucher and received voucher code

Guess it was smooth as I am in Asia and EC-Council folks are probably based in Malaysia. Malaysia time zone is GMT+8 so that may explain the long email response delay for you folks in US and Europe. Try emailing them your US Monday to Thursday evening or night.

greeneon

Thanks for the tips! I must remember them.

E Double U

@ greenoen & nokouri - Good luck guys!

@ Mike7 - Maybe I just had bad luck lol.

Arrmanas

Congratulations on the Pass!!

Next stop .... C|HFI? ECSA?

E Double U

@ Arrmanas - no more EC-Council for me in the foreseeable future lol. I'm interested in more GIAC or getting into ISACA.

canito487

E Double U

Do you feel that Matt Walker's AIO 2nd edition is good enough for CEHv9?

Thanks in advance!

E Double U

@ canito487 - It was good enough for me

E Double U

Passed the exam a month ago, received my welcome kit notification from Aspen on Friday, and today I receive an email from EC-Council saying my eligibility application was rejected.