Passed CEH v9 Exam - Some Guidance for my fellow test takers

djcbhatia (Registered Users, Posts: 1)
Took the CEH 9 Exam the last day allowed in Dec 2016 and passed the exam.
Want to share my experience, so you can appropriately prepare and pass the exam.

Level of difficulty
At least a 7 on a scale of 10

Prep Time:
3 months. You should allocate more time if you have not taken any exams before.
My past experience: ISC2 CISSP & ISC2 CCSP

Study materials:
1. Clement Dupuis CCCURE freepracticetests.org - very good and relevant resource
2. Sybex press CEH v9 Book and Exam prep questions - by Raymond Blockmon
3. Skillset study material, labs and videos are good; however, the study material appears to be overly detailed and time-consuming.
4. Official CEH Study guide is good from a high-level perspective.

What will it cost you (Budget):
Eligibility & Exam: $700
Books: $100
Exam prep Portals: $300 (3 months)
Have your employer send you for training if possible. (I did self study)

Must Have:
You must set up LOCAL labs to practice, to understand the syntax of the tools.
Use VMware Workstation if possible to set up multiple VMs - W10 and Kali Linux.
Do not practice on the Internet - you will get shut down or arrested.

Concepts
Do Google searches on various topics and read and understand. You will be amazed at how much great info is out there.

How to Prepare
You may know the concepts, but unfortunately it's not enough to pass the exam. Taking and passing the exam is a different animal. Hence the more exposure you have to a wide array of questions, the better your chances are. So don't skip the practice tests.

Notes
To me it is all about connecting the dots. You are a SIEM taking feeds from everywhere - you have to run your correlation engine to make sense of it all. There are thousands of bits of information scattered all over. You have to correlate it - and I prefer mind maps.

What is on the test:
Laws
Nmap - note you can answer the questions only if you have practiced the syntax in a lab.
Google search syntax
XSRF vs XSS vs Injection and how to mitigate
Wireshark - know the difference between capture and analysis
Ports - know your ports and subnetting
KNOW YOUR TOOLS - what tool is for what
Risk, Vulnerability, Threat
SLE, ALE, ARO - know how to calculate
Know IPSEC inside out - some twisted questions
Know your cryptos - what is used where
ECCouncil loves Heartbleed/Poodle. Know what these are all about and how to mitigate
Email security best practices, social engineering
Webserver compromise methodologies
And snort - you have to know at least snort rules
pcap tools - what are they besides wireshark
DNS
New to v9:
Cloud computing SSO
Bluetooth attacks
Difference in iOS, Android, rooting, jailbreaking

You are unique
Remember, no one size fits all. You are unique and your learning style is your own. How do you learn best? Is it by writing things down, is it by practising, is it by listening? So come up with your own unique study style and signature. Everything anyone says is just a guideline.
You have to put in the time and effort. The days leading to the exam are the most important. You need quiet and consolidated time before you take the exam.

Godspeed
