Passed C|EH on 11/11/16
E Double U
Member Posts: 2,238 ■■■■■■■■■■
in CEH
Primary study materials:
- Matt Walker AIO exam guide & practice exams (both 2nd ed)
- Boson practice exams (found a coupon code online)
Secondary
- any free apps and websites with practice questions (Skillset, Pocket Prep, GoCertify)
Took me about 3 months of solid study along with a few years of experience in the field. I feel like I got hit with a little bit of everything, but the exam wasn't too bad (finished in less than two hours). Some of it felt like a review of CISSP, GCIH, and Cisco material.
My motivation to get this was to pad the CV with a HR filter that my employer would pay for - mission accomplished. GCIA is up next.
Side note: Dealing with EC-Council during the application process was such a pain. Trying to communicate with them was more difficult than the C|EH material.
Update: My score is 83.
- Matt Walker AIO exam guide & practice exams (both 2nd ed)
- Boson practice exams (found a coupon code online)
Secondary
- any free apps and websites with practice questions (Skillset, Pocket Prep, GoCertify)
Took me about 3 months of solid study along with a few years of experience in the field. I feel like I got hit with a little bit of everything, but the exam wasn't too bad (finished in less than two hours). Some of it felt like a review of CISSP, GCIH, and Cisco material.
My motivation to get this was to pad the CV with a HR filter that my employer would pay for - mission accomplished. GCIA is up next.
Side note: Dealing with EC-Council during the application process was such a pain. Trying to communicate with them was more difficult than the C|EH material.
Update: My score is 83.
Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
Comments
-
E Double U Member Posts: 2,238 ■■■■■■■■■■Now I have a moment to give some more details about what I was hit with that others might (and some cases 100% sure will) see on the exam:
- Make sure to have a thorough understanding of Nmap. Know the purpose, the different switches, the outputs, different scan responses to closed/open ports, the flags used by each scan, etc.
- Recent vulnerabilities (Heartbleed, Shellshock, POODLE, FREAK, etc).
- TCP/IP & OSI layers - know the protocols/services used by each layer
- Ports (of course), ACLs, subnetting, differences between IPv4/IPv6, Google search operators, IPsec, social engineering, N-tier architecture, physical security, virus types (know what each does), PKI, SOAP, DNS, 802.11, firewalking, IDS (types, evasion techniques), salts, collisions, ARP, DEP, footprinting, banner grabbing, rainbow tables, brute force/dictionary/hybrid, and much more.
- Tools - Nmap (so nice had to mention it twice), Wireshark, John The Ripper, Metasploit, Burp Suite, hping, Netcat, Kismet, and a few more. The study material mentions way too many tools to go out and learn each one. Look at each CEH methodology phase, pick a few of the most well known tools from each phase, and get familiar with those. I focused on tools I've seen on the job, during GCIH studies, and some of the top tools mentioned on SecTools.Org Top Network Security Tools.
- Attacks - SQL injection, buffer overflow, XSS, CSRF (understand the goal of each, how to recognize/mitigate them)
- Incident handling steps (the order is not as important as knowing what actions are performed at each step)
- Symmetric/asymmetric encryption types, advantages/disadvantages
There were no simple questions like what does this tool do or what is the definition of that term. A question would display an output and I had to either choose what was done to produce that output, which tool was used, or what was attempted/accomplished.
The Boson exams were extremely helpful in reinforcing the material. Good explanations for the correct and incorrect answers plus the references on where to study on that topic. I found a 15% off code at https://www.retailmenot.com/view/boson.com. I also subscribed to have Skillset email me a question a day which I found helpful.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
greg9891 Member Posts: 1,189 ■■■■■■■□□□congrats!:
Upcoming Certs: VCA-DCV 7.0, VCP-DCV 7.0, Oracle Database 1Z0-071, PMP, Server +, CCNP
Proverbs 6:6-11Go to the ant, you sluggard! Consider her ways and be wise, Which, having no captain, Overseer or ruler, Provides her supplies in the summer, And gathers her food in the harvest. How long will you slumber, O sluggard?
When will you rise from your sleep? A little sleep, a little slumber, A little folding of the hands to sleep, So shall your poverty come on you like a prowler And your need like an armed man. -
E Double U Member Posts: 2,238 ■■■■■■■■■■@ khaledit2015 - When do you plan on taking the exam?Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
bamahonky Member Posts: 52 ■■□□□□□□□□Congrats. I had similar issues when communicating with EC-Council. No response from emails then get multiple responses from different people.
-
E Double U Member Posts: 2,238 ■■■■■■■■■■No response from emails then get multiple responses from different people.
Please don't get me started lol.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
TreySong Member Posts: 65 ■■■□□□□□□□E Double U wrote: »Primary study materials:
- Matt Walker AIO exam guide & practice exams (both 2nd ed)
- Boson practice exams (found a coupon code online)
Secondary
- any free apps and websites with practice questions (Skillset, Pocket Prep, GoCertify)
Took me about 3 months of solid study along with a few years of experience in the field. I feel like I got hit with a little bit of everything, but the exam wasn't too bad (finished in less than two hours). Some of it felt like a review of CISSP, GCIH, and Cisco material.
My motivation to get this was to pad the CV with a HR filter that my employer would pay for - mission accomplished. GCIA is up next.
Side note: Dealing with EC-Council during the application process was such a pain. Trying to communicate with them was more difficult than the C|EH material.
Update: My score is 83.
Congrats! It seems the EC Council makes the process difficult for candidates who do not take up training with them or their approved training centres before the exams. -
E Double U Member Posts: 2,238 ■■■■■■■■■■@TreySong - I don't like to jump to conclusions, but that is possible.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
E Double U Member Posts: 2,238 ■■■■■■■■■■@ materwelon - No prob! Hoping that the info helps other C|EH hopefuls.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
NetworkNewb Member Posts: 3,298 ■■■■■■■■■□Grats on the pass! Did you find the GCIH similar to the CEH? Seems like there would be some overlap.
-
IaHawk Member Posts: 188 ■■■□□□□□□□Congrats on the pass. I lost interest in CEH when I asked their "customer support" a few questions before attempting to apply for the exam. I may still give it a shot after I take GCIH early next year.
-
[Deleted User] Senior Member Posts: 0 ■■□□□□□□□□Congrats! Now you are one of us!! Whats next?! Happy holidays!
-
FillAwful Member Posts: 119 ■■■□□□□□□□Congrats! CEH does make a good keyword search for HR! GCIA is by far the most fun and rewarding Cert I have ever received. It's like the being able to see the matrix (Blonde..redhead...brunette..) have fun with it!
-
E Double U Member Posts: 2,238 ■■■■■■■■■■Thanks guys! Good luck to anyone else planning on tackling this and I hope you have a better experience dealing with EC-Council than I did.
@ IaHawk - there is plenty of overlap between GCIH and CEH. If money is not an issue, I think whoever gets one should knock out the other.
@ kMastaFlash - I have GCIA and CISM on the brain.
@ FillAwful - CEH gets way more results in my job searches than anything by GIAC so I just had to get it out of the way.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
Mike7 Member Posts: 1,112 ■■■■□□□□□□E Double U wrote: »Side note: Dealing with EC-Council during the application process was such a pain. Trying to communicate with them was more difficult than the C|EH material.
It was a smooth experience for me last July. Looking through the mail records- Monday : created EC-Council store account to pay for eligibility application form. Submitted form
- Tuesday : my manager was contacted via email
- Wednesday : complete form faxed to EC-Council
- Thursday : Eligibility approved. Paid for exam voucher and received voucher code
-
E Double U Member Posts: 2,238 ■■■■■■■■■■@ greenoen & nokouri - Good luck guys!
@ Mike7 - Maybe I just had bad luck lol.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
E Double U Member Posts: 2,238 ■■■■■■■■■■@ Arrmanas - no more EC-Council for me in the foreseeable future lol. I'm interested in more GIAC or getting into ISACA.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
canito487 Member Posts: 16 ■■■□□□□□□□E Double U
Do you feel that Matt Walker's AIO 2nd edition is good enough for CEHv9?
Thanks in advance! -
E Double U Member Posts: 2,238 ■■■■■■■■■■@ canito487 - It was good enough for meAlphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
E Double U Member Posts: 2,238 ■■■■■■■■■■Passed the exam a month ago, received my welcome kit notification from Aspen on Friday, and today I receive an email from EC-Council saying my eligibility application was rejected.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS