CEH Pass 12/11/2016

dayglodayglo Member Posts: 30 ■■□□□□□□□□
The other threads here and on Reddit were spot-on concerning what to study for. Here are my additional thoughts:
- I'm the kind of person who overthinks, so I decided to decide on an answer and not go back and change it.
- One question on ALE, one on hping, one on netcat, one on shellshock, one on Heartbleed. Surprisingly none on the cloud.
- The practice tests on Gratis, skillset, etc were very useful in that I knew that I mastered knowledge of a subject when I knew the answer BEFORE reading the choices, or when I said to myself, "their answer is wrong"
- I paid for the ec-council training (my job reinbursed me). I listened to the iClass training to and from work, and during lunch (3 hours a day). The transcender tests were definitely helpful. Knowing that I had a free retest if I failed also was good to know.
- udemy had a nice "CEH boot camp" video which was on sale for $10. Very much worth it at that price, for the practice questions alone. Again, I listened every day to and from work. Modifying the playback speed enabled me to listen to it two or three times without my my wondering.
- of course, don't forget the cybrary CEH video. a bit outdated, but still extremely useful.

Good Luck!

Comments

  • xxxkaliboyxxxxxxkaliboyxxx Member Posts: 466
    Congrats, Did you do any reading material besides practice test?
    Studying: GPEN
    Reading
    : SANS SEC560
    Upcoming Exam: GPEN
  • [Deleted User][Deleted User] Posts: 0 ■■□□□□□□□□
    Congrats!!! What's next on your journey?
  • dayglodayglo Member Posts: 30 ■■□□□□□□□□
    I only used reading materials for the sample questions at the end of each chapter. I found that I work best by watching and listening to videos. But to each his own...
  • dayglodayglo Member Posts: 30 ■■□□□□□□□□
    Congrats!!! What's next on your journey?

    I'm over 50, and realized that I'm competing with kids who are right out of school with a variety of certifications and my years of experience no longer gets me in the door.

    So, I've been on a certification run for the last two years, picking up the AWS Certified Architect/Developer/Sysops "Trifecta" and CISM in addition to the CEH.

    The biggest difference for me was not listening to music or the sports station during my commute, or relaxing at lunch, but instead use cybrary, podcasts and Udemy each day. And by varying speeds, I was able to listen to each video several times without it sounding exactly the same :) That meant an extra three hours each day of study time for me in addition to whatever I could do after work. I just wish I did this sooner.

    I haven't decided yet if I should do the CISSP or the just-announced Amazon Security exam. Or hopefully both next year :) I have a 15 year-old at home, so I know I'm not going to retire anytime soon and need to stay relevant in the security field.
  • xxxkaliboyxxxxxxkaliboyxxx Member Posts: 466
    This is awesome, congrats once again! BTW in my small job hunt experience, I have noticed any good company would gladly take someone with experience over certification straight out of school.
    Studying: GPEN
    Reading
    : SANS SEC560
    Upcoming Exam: GPEN
  • dayglodayglo Member Posts: 30 ■■□□□□□□□□
    This is awesome, congrats once again! BTW in my small job hunt experience, I have noticed any good company would gladly take someone with experience over certification straight out of school.

    That's IF you make it past the HR filter....
  • xxxkaliboyxxxxxxkaliboyxxx Member Posts: 466
    dayglo wrote: »
    That's IF you make it past the HR filter....

    To put it in prospective, I have no degree or certs, just 8 years of "experience". I have interviewed F2F with Google and verzion at the engineer level. I made it pass the filters just fine. To make it clear, I got beaten out at the final interview by someone I can only assume is superhuman lol, jk. I also got accepted into two other government jobs with my same credentials GS9 level.
    Studying: GPEN
    Reading
    : SANS SEC560
    Upcoming Exam: GPEN
  • Mike7Mike7 Member Posts: 1,074 ■■■■□□□□□□
    dayglo wrote: »
    - One question on ALE, one on hping, one on netcat, one on shellshock, one on Heartbleed. Surprisingly none on the cloud.

    During my ECSA course, the cloud penetration testing lab requires us to check for and exploit Heartbleed.
  • jazz_01jazz_01 Member Posts: 65 ■■■□□□□□□□
    Congratulations!
  • E Double UE Double U Member Posts: 1,654 ■■■■■■■■□□
    dayglo wrote: »
    The biggest difference for me was not listening to music or the sports station during my commute, or relaxing at lunch,

    I made the same adjustment and it has paid off. Congratulations!
    Alphabet soup: CISSP, CCSP, CISM, CISA, GDSA, GPEN, GCIA, GCIH, GCCC, CEH, Azure Fundamentals, etc

    2020 goals: AZ-900, AZ-500, GDSA

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • DAVIS NGUYENDAVIS NGUYEN Member Posts: 1,472 ■■■□□□□□□□
  • xxxkaliboyxxxxxxkaliboyxxx Member Posts: 466
    update: I still haven't schedule my test, I'm slacking!!
    Studying: GPEN
    Reading
    : SANS SEC560
    Upcoming Exam: GPEN
  • ethical-hacker-73ethical-hacker-73 Member Posts: 6 ■□□□□□□□□□
    I am over 50 as well.

    I passed the CEH v9 today.

    My suggestions.

    Understand the following:

    firewalking
    nmap -A and -O commands
    when to use hping
    when a Microsoft O/S will not respond to ICMP
    LM vs NTLM
    password salting
    Rainbow attacks
    RC4, AES, PKI
    process to encrypt message
    use of hashes for integrity
    written auth for pen testing
    understanding impact of Heartbleed and ShellShock (Bashshells and O/S impacted)
    few questions on IPSec (know what layer of OSI)
    some interesting router protocol questions on OSPF
    of course a subnet mask question
    a IP4 vs IP6 question
    know when to use HIPAA
    some WireShark filter commands (4 or 5 of those)
    know TCP three-way hand shake
    a few IPS vs IDS and stateful firewall questions
    MAC flooding and CAM buffer overflow
    know asymmetric vs symmetric advantages
  • nithichrisnithichris Registered Users Posts: 4 ■□□□□□□□□□
    Could you please let me know the podcasts you have used for CEH preparation
  • xxxkaliboyxxxxxxkaliboyxxx Member Posts: 466
    nithichris wrote: »
    Could you please let me know the podcasts you have used for CEH preparation

    Check out "Paul's Security Weekly", that is what I used.
    Studying: GPEN
    Reading
    : SANS SEC560
    Upcoming Exam: GPEN
  • Louie1277Louie1277 Member Posts: 492 ■■■□□□□□□□
    Thank you for sharing this info. I know i'm up there on my age too but I'm looking to take this cert down the road in a couple months. Just need to find the right material, and really get into this. At the moment i'm working on getting my MCSA for work. once I'm done with that I will move toward this cert.

    I am over 50 as well.

    I passed the CEH v9 today.

    My suggestions.

    Understand the following:

    firewalking
    nmap -A and -O commands
    when to use hping
    when a Microsoft O/S will not respond to ICMP
    LM vs NTLM
    password salting
    Rainbow attacks
    RC4, AES, PKI
    process to encrypt message
    use of hashes for integrity
    written auth for pen testing
    understanding impact of Heartbleed and ShellShock (Bashshells and O/S impacted)
    few questions on IPSec (know what layer of OSI)
    some interesting router protocol questions on OSPF
    of course a subnet mask question
    a IP4 vs IP6 question
    know when to use HIPAA
    some WireShark filter commands (4 or 5 of those)
    know TCP three-way hand shake
    a few IPS vs IDS and stateful firewall questions
    MAC flooding and CAM buffer overflow
    know asymmetric vs symmetric advantages
    2018 Goals: 70-410 [X], 70-411 [],70-412 [] :bow: 410- Passed!!!!!!

    My Goal for the Future
    2018 - *MCSA* / 2019 - *Security+*
    2019 - *CEH* / 2020 - * Pen Tester*
Sign In or Register to comment.