Passed C|EH on 11/11/16

E Double UE Double U Member Posts: 2,238 ■■■■■■■■■■
Primary study materials:

- Matt Walker AIO exam guide & practice exams (both 2nd ed)
- Boson practice exams (found a coupon code online)

Secondary
- any free apps and websites with practice questions (Skillset, Pocket Prep, GoCertify)

Took me about 3 months of solid study along with a few years of experience in the field. I feel like I got hit with a little bit of everything, but the exam wasn't too bad (finished in less than two hours). Some of it felt like a review of CISSP, GCIH, and Cisco material.

My motivation to get this was to pad the CV with a HR filter that my employer would pay for - mission accomplished. GCIA is up next.

Side note: Dealing with EC-Council during the application process was such a pain. Trying to communicate with them was more difficult than the C|EH material.

Update: My score is 83.
Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS

Comments

  • Mike7Mike7 Member Posts: 1,112 ■■■■□□□□□□
  • E Double UE Double U Member Posts: 2,238 ■■■■■■■■■■
    Now I have a moment to give some more details about what I was hit with that others might (and some cases 100% sure will) see on the exam:

    - Make sure to have a thorough understanding of Nmap. Know the purpose, the different switches, the outputs, different scan responses to closed/open ports, the flags used by each scan, etc.

    - Recent vulnerabilities (Heartbleed, Shellshock, POODLE, FREAK, etc).

    - TCP/IP & OSI layers - know the protocols/services used by each layer

    - Ports (of course), ACLs, subnetting, differences between IPv4/IPv6, Google search operators, IPsec, social engineering, N-tier architecture, physical security, virus types (know what each does), PKI, SOAP, DNS, 802.11, firewalking, IDS (types, evasion techniques), salts, collisions, ARP, DEP, footprinting, banner grabbing, rainbow tables, brute force/dictionary/hybrid, and much more.

    - Tools - Nmap (so nice had to mention it twice), Wireshark, John The Ripper, Metasploit, Burp Suite, hping, Netcat, Kismet, and a few more. The study material mentions way too many tools to go out and learn each one. Look at each CEH methodology phase, pick a few of the most well known tools from each phase, and get familiar with those. I focused on tools I've seen on the job, during GCIH studies, and some of the top tools mentioned on SecTools.Org Top Network Security Tools.

    - Attacks - SQL injection, buffer overflow, XSS, CSRF (understand the goal of each, how to recognize/mitigate them)

    - Incident handling steps (the order is not as important as knowing what actions are performed at each step)

    - Symmetric/asymmetric encryption types, advantages/disadvantages

    There were no simple questions like what does this tool do or what is the definition of that term. A question would display an output and I had to either choose what was done to produce that output, which tool was used, or what was attempted/accomplished.

    The Boson exams were extremely helpful in reinforcing the material. Good explanations for the correct and incorrect answers plus the references on where to study on that topic. I found a 15% off code at https://www.retailmenot.com/view/boson.com. I also subscribed to have Skillset email me a question a day which I found helpful.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • horusthesunhorusthesun Member Posts: 289
  • greg9891greg9891 Member Posts: 1,189 ■■■■■■■□□□
    congrats!
    :
    Upcoming Certs: VCA-DCV 7.0, VCP-DCV 7.0, Oracle Database 1Z0-071, PMP, Server +, CCNP

    Proverbs 6:6-11Go to the ant, you sluggard! Consider her ways and be wise, Which, having no captain, Overseer or ruler, Provides her supplies in the summer, And gathers her food in the harvest. How long will you slumber, O sluggard?
    When will you rise from your sleep? A little sleep, a little slumber, A little folding of the hands to sleep, So shall your poverty come on you like a prowler And your need like an armed man.
  • khaledit2015khaledit2015 Member Posts: 42 ■■■□□□□□□□
    Good info thanks a lot
  • E Double UE Double U Member Posts: 2,238 ■■■■■■■■■■
    @ khaledit2015 - When do you plan on taking the exam?
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • bamahonkybamahonky Member Posts: 52 ■■□□□□□□□□
    Congrats. I had similar issues when communicating with EC-Council. No response from emails then get multiple responses from different people.
  • E Double UE Double U Member Posts: 2,238 ■■■■■■■■■■
    bamahonky wrote: »
    No response from emails then get multiple responses from different people.

    Please don't get me started lol.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • DAVIS NGUYENDAVIS NGUYEN Member Posts: 1,472 ■■■□□□□□□□
  • TreySongTreySong Member Posts: 65 ■■■□□□□□□□
    E Double U wrote: »
    Primary study materials:

    - Matt Walker AIO exam guide & practice exams (both 2nd ed)
    - Boson practice exams (found a coupon code online)

    Secondary
    - any free apps and websites with practice questions (Skillset, Pocket Prep, GoCertify)

    Took me about 3 months of solid study along with a few years of experience in the field. I feel like I got hit with a little bit of everything, but the exam wasn't too bad (finished in less than two hours). Some of it felt like a review of CISSP, GCIH, and Cisco material.

    My motivation to get this was to pad the CV with a HR filter that my employer would pay for - mission accomplished. GCIA is up next.

    Side note: Dealing with EC-Council during the application process was such a pain. Trying to communicate with them was more difficult than the C|EH material.

    Update: My score is 83.

    Congrats! It seems the EC Council makes the process difficult for candidates who do not take up training with them or their approved training centres before the exams.
  • E Double UE Double U Member Posts: 2,238 ■■■■■■■■■■
    @TreySong - I don't like to jump to conclusions, but that is possible.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • materwelonmaterwelon Member Posts: 13 ■□□□□□□□□□
    congrats! thx for the detailed post. nice info
  • E Double UE Double U Member Posts: 2,238 ■■■■■■■■■■
    @ materwelon - No prob! Hoping that the info helps other C|EH hopefuls.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    Grats on the pass! Did you find the GCIH similar to the CEH? Seems like there would be some overlap.
  • IaHawkIaHawk Member Posts: 188 ■■■□□□□□□□
    Congrats on the pass. I lost interest in CEH when I asked their "customer support" a few questions before attempting to apply for the exam. I may still give it a shot after I take GCIH early next year.
  • [Deleted User][Deleted User] Senior Member Posts: 0 ■■□□□□□□□□
    Congrats! Now you are one of us!! Whats next?! Happy holidays!
  • FillAwfulFillAwful Member Posts: 119 ■■■□□□□□□□
    Congrats! CEH does make a good keyword search for HR! GCIA is by far the most fun and rewarding Cert I have ever received. It's like the being able to see the matrix (Blonde..redhead...brunette..) have fun with it!
  • E Double UE Double U Member Posts: 2,238 ■■■■■■■■■■
    Thanks guys! Good luck to anyone else planning on tackling this and I hope you have a better experience dealing with EC-Council than I did.

    @ IaHawk - there is plenty of overlap between GCIH and CEH. If money is not an issue, I think whoever gets one should knock out the other.

    @ kMastaFlash - I have GCIA and CISM on the brain.

    @ FillAwful - CEH gets way more results in my job searches than anything by GIAC so I just had to get it out of the way.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • nokourinokouri Member Posts: 8 ■□□□□□□□□□
    Way to go, congrats! Its on my to-do-list!
  • Mike7Mike7 Member Posts: 1,112 ■■■■□□□□□□
    E Double U wrote: »
    Side note: Dealing with EC-Council during the application process was such a pain. Trying to communicate with them was more difficult than the C|EH material.

    It was a smooth experience for me last July. Looking through the mail records
    • Monday : created EC-Council store account to pay for eligibility application form. Submitted form
    • Tuesday : my manager was contacted via email
    • Wednesday : complete form faxed to EC-Council
    • Thursday : Eligibility approved. Paid for exam voucher and received voucher code
    Guess it was smooth as I am in Asia and EC-Council folks are probably based in Malaysia. Malaysia time zone is GMT+8 so that may explain the long email response delay for you folks in US and Europe. Try emailing them your US Monday to Thursday evening or night.
  • greeneongreeneon Member Posts: 40 ■■■□□□□□□□
    Thanks for the tips! I must remember them.
  • E Double UE Double U Member Posts: 2,238 ■■■■■■■■■■
    @ greenoen & nokouri - Good luck guys!

    @ Mike7 - Maybe I just had bad luck lol.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • ArrmanasArrmanas Member Posts: 9 ■□□□□□□□□□
    Congratulations on the Pass!!

    Next stop .... C|HFI? ECSA? icon_cheers.gif
  • E Double UE Double U Member Posts: 2,238 ■■■■■■■■■■
    @ Arrmanas - no more EC-Council for me in the foreseeable future lol. I'm interested in more GIAC or getting into ISACA.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • canito487canito487 Member Posts: 16 ■■■□□□□□□□
    E Double U

    Do you feel that Matt Walker's AIO 2nd edition is good enough for CEHv9?

    Thanks in advance!
  • E Double UE Double U Member Posts: 2,238 ■■■■■■■■■■
    @ canito487 - It was good enough for me
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • E Double UE Double U Member Posts: 2,238 ■■■■■■■■■■
    Passed the exam a month ago, received my welcome kit notification from Aspen on Friday, and today I receive an email from EC-Council saying my eligibility application was rejected. icon_lol.gif
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
Sign In or Register to comment.