Crappiest Exam I'm Going to Take CEHv9

TacoRocketTacoRocket Member Posts: 497 ■■■■□□□□□□
So I am scheduled to take the exam this Thursday. Which is absurd but EC-Council's policy with my school's proctor.

So far EC-Council is terrible here is why:

Reading the book Matt Walker absolutely loathes the exam and lets the reader know. Loved the book but see why he hates the exam.

Watching the videos from CBT Nuggets was great. Keith Barker was amazing. All the tools are outdated and EC-Council really wants you to know Heartbleed and Shellshock. Hello 2014!

Doing the iLabs. DONT. DO. THESE. EC-Council cannot be pushed to install the software they want you to use in the labs. Most of your lab is logging into servers, installing software, to see some software you will not use in the real world!

Doing the practice exams where I get consistently a 50-70%. Hear me out. I guarantee you it isn't because I'm wrong. It's because I can't wrap my head around EC-Council world. I work in Information Security. I'm an Information Systems Security Administrator that does this every day. However, since I don't know what every command of hping3, nmap, or CEH Hacking Methodology. Boy is this it! I do the corrections but I always get questions that really make you wonder.

If this exam wasn't required for my degree (MSCSIA). I would be really hard press to take it on my own. I'd be hard press if my employer made me do it. This is a waste of time.

Boy is this exam a joke. If you have any questions please feel free to reply below!
These articles and posts are my own opinion and do not reflect the view of my employer.

Website gave me error for signature, check out what I've done here: https://pwningroot.com/
«1

Comments

  • TheFORCETheFORCE Senior Member Member Posts: 2,298 ■■■■■■■■□□
    Why don't you complain to your school's MSCSIA degree about why they are including CEH in the track? Instead you complain about how the CEH sucks? Let it expire after you pass it.
  • TacoRocketTacoRocket Member Posts: 497 ■■■■□□□□□□
    I have many times. I'm letting others now my pain in albeit a more rant way. Don't want to paint any roses for the CEH.
    TheFORCE wrote: »
    Why don't you complain to your school's MSCSIA degree about why they are including CEH in the track? Instead you complain about how the CEH sucks? Let it expire after you pass it.
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
  • TranceSoulBrotherTranceSoulBrother Member Posts: 215
    I only got the CEH and CHFI because of WGU's largesse in that degree. To that, I thank them because it gives me a little credibility due to the 8570 requirements. Otherwise, if I get out of the military and don't join the contractor ranks, you won't see me maintain the certs
  • Moldygr33nb3anMoldygr33nb3an Member Posts: 241
    Are you paying for the exam?
    Current: OSCP

    Next: CCNP (R&S and Sec)

    Follow my OSCP Thread!
  • TacoRocketTacoRocket Member Posts: 497 ■■■■□□□□□□
    Not directly. Its through tuition.
    Are you paying for the exam?
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
  • 636-555-3226636-555-3226 Member Posts: 976 ■■■■■□□□□□
    I can't wait to read the follow-up post Thursday night! I'm also going to take this exam as a resume booster but have no actual desire to do so.....
  • TacoRocketTacoRocket Member Posts: 497 ■■■■□□□□□□
    Oh will do! Expect delays though. Its proctored through ProctorU and if I could get them to start the exam in less than 30 minutes I would be happy.
    I can't wait to read the follow-up post Thursday night! I'm also going to take this exam as a resume booster but have no actual desire to do so.....
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
  • LaSeenoLaSeeno Member Posts: 64 ■■□□□□□□□□
    I'll be taking this within the next 4-6 weeks. Looking forward to see your review :)
  • chrisonechrisone Senior Member Member Posts: 2,126 ■■■■■■■■■□
    stop complaining about opportunity.
    Certs: CISSP, OSCP, CRTP, eCPPT, eCIR, LFCS, CEH, AZ-900, VHL:Advanced+, Retired Cisco CCNP/SP/DP
    2020 Goals:
    Courses: VHL (completed), CQURE: Windows Security Crash Course (completed), BlackHills InfoSec: Breaching the Cloud (completed), eLearnSecurity: WAPTv3 (completed), IHRP (completed), THPv2 (completed), PTXv2 (in-progress)
    Certs: VHL: Advanced+ (completed), OSCP (completed), AZ-500 (failed 1st attempt), eLearnSecurity: eWPT (failed 2x, no further attempts), eLearnSecurity: eCIR (complete), eLearnSecurity: eCTHPv2 (report: awaiting results), eLearnSecurity: eCPTXv2 (Late-Nov)
  • wayne_wonderwayne_wonder Member Posts: 215 ■■■□□□□□□□
    If it's a free exam why would anyone even complain when others work hard to even pay for this exam let alone others astounding
  • lucky0977lucky0977 Senior Member Member Posts: 218 ■■■■□□□□□□
    TacoRocket wrote: »
    However, since I don't know what every command of hping3, nmap, or CEH Hacking Methodology.
    Don't see anything wrong with the CEH hacking methodology. It's pretty much the same methodology as taught in CISSP or even the eJPT. If you're using Kali Linux, there is a (man) page for nmap and hping3.
    Bachelor of Science: Computer Science | Hawaii Pacific University
    CISSP | CISM | CISA | CASP | SSCP | Sec+ | Net+ | A+
  • TacoRocketTacoRocket Member Posts: 497 ■■■■□□□□□□
    It's not really "free" when I have to pay tuition....

    Still bought the books and pay for a CBT Nuggets subscription. I'm hoping for some redeeming quality through this process and this is why I'm annoyed.

    If it's a free exam why would anyone even complain when others work hard to even pay for this exam let alone others astounding
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
  • TacoRocketTacoRocket Member Posts: 497 ■■■■□□□□□□
    Same as quoted above still pay for it with tuition.
    chrisone wrote: »
    stop complaining about opportunity.
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
  • TacoRocketTacoRocket Member Posts: 497 ■■■■□□□□□□
    Same boat as you. Depending on how recruiters and resume. Don't know if I will keep this one.
    I only got the CEH and CHFI because of WGU's largesse in that degree. To that, I thank them because it gives me a little credibility due to the 8570 requirements. Otherwise, if I get out of the military and don't join the contractor ranks, you won't see me maintain the certs
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
  • TacoRocketTacoRocket Member Posts: 497 ■■■■□□□□□□
    The issue more comes down to the exam being outdated when renewed, the massive amount of tools they want you to know (most you wouldn't use), and when the do pick as organization or standard its an odd one like OSSTMM. I've taken the eJPT, Security+, and GCIH. I'm also working on CISSP and GCIA for this year. I haven't had complaints with those so far.

    I'm okay with exams being bad if they experience isn't terrible. You get it done and move on. However, with this exam, there is nothing redeeming so far. It doesn't help that when scheduling the exam I had to wait 72 hours to schedule because nobody knows. Its just an EC-Council requirement.

    CompTIA, VMware, Microsoft, GIAC, and eLearnsecurity don't care when you schedule. Want to do it tonight? Sure. Tomorrow? Why not.
    lucky0977 wrote: »
    Don't see anything wrong with the CEH hacking methodology. It's pretty much the same methodology as taught in CISSP or even the eJPT. If you're using Kali Linux, there is a (man) page for nmap and hping3.
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
  • cyberguyprcyberguypr Senior Member Mod Posts: 6,909 Mod
    TacoRocket, As the Executive VP of the EC Council Bashing Corporation, I want to nominate you for Assistant VP. We will be honored to have you. LOL!!!
  • wayne_wonderwayne_wonder Member Posts: 215 ■■■□□□□□□□
    TacoRocket wrote: »
    It's not really "free" when I have to pay tuition....

    Still bought the books and pay for a CBT Nuggets subscription. I'm hoping for some redeeming quality through this process and this is why I'm annoyed.


    Ahh I see thought it was paid for it's an expensive exam for what it is but it works for some people you may be surprised not by the content of the exam but the doors it opens
  • chrisonechrisone Senior Member Member Posts: 2,126 ■■■■■■■■■□
    So you feel like you absolutely cannot learn anything off the CEH? I think you are just overwhelmed by your other studies. I took the test and it wasn't about which switch option for nmap conducts a syn scan or which switch option for hping 3 changes the packet size, etc. The test is a little more than that. In fact there is only 1 section off the blue print "IV Tools/Systems/Programs" which is only 32% of the exam. The rest of the exam is policies, risk assessment, methodology, ethics, cryptography. You'd be wise to try and absorb what you learn there as it overlaps (albeit, minor) with CISSP topics. Goodluck on your studies I know you are overwhelmed.

    https://www.eccouncil.org/wp-content/uploads/2016/02/CEH-Exam-Blueprint-v2.0.pdf
    Certs: CISSP, OSCP, CRTP, eCPPT, eCIR, LFCS, CEH, AZ-900, VHL:Advanced+, Retired Cisco CCNP/SP/DP
    2020 Goals:
    Courses: VHL (completed), CQURE: Windows Security Crash Course (completed), BlackHills InfoSec: Breaching the Cloud (completed), eLearnSecurity: WAPTv3 (completed), IHRP (completed), THPv2 (completed), PTXv2 (in-progress)
    Certs: VHL: Advanced+ (completed), OSCP (completed), AZ-500 (failed 1st attempt), eLearnSecurity: eWPT (failed 2x, no further attempts), eLearnSecurity: eCIR (complete), eLearnSecurity: eCTHPv2 (report: awaiting results), eLearnSecurity: eCPTXv2 (Late-Nov)
  • PC509PC509 CISSP, CEH, CCNA: Security/CyberOps, Sec+, CHFI, A+, Proj+, Server+, MCITP Win7, Vista, MCP Server 2 Oregon, USMember Posts: 801 ■■■■■■□□□□
    I found the exam underwhelming. I overstudied and found it easier than I expected. It feels outdated. I don't put too much faith into it.

    I know there are others that are the same way. Before I took it - I was hyped and ready for it. After I finished the exam, I thought "That's it?". CHFI was even easier.

    If it's required for a position, I'll take it. I earned it. I'm just not going to brag about it.

    Personal opinion, of course.
  • chrisonechrisone Senior Member Member Posts: 2,126 ■■■■■■■■■□
    I agree which is why I didn't even make a post on when I passed the exam or give vivid details on my study journey icon_lol.gif. I just think if one way or another you are presented and required to take a test albeit through your employer or School program, you should try to take away something positive from it. Just trying to help the fellow have a positive mindset since he sounded very angry he had to go through it.
    Certs: CISSP, OSCP, CRTP, eCPPT, eCIR, LFCS, CEH, AZ-900, VHL:Advanced+, Retired Cisco CCNP/SP/DP
    2020 Goals:
    Courses: VHL (completed), CQURE: Windows Security Crash Course (completed), BlackHills InfoSec: Breaching the Cloud (completed), eLearnSecurity: WAPTv3 (completed), IHRP (completed), THPv2 (completed), PTXv2 (in-progress)
    Certs: VHL: Advanced+ (completed), OSCP (completed), AZ-500 (failed 1st attempt), eLearnSecurity: eWPT (failed 2x, no further attempts), eLearnSecurity: eCIR (complete), eLearnSecurity: eCTHPv2 (report: awaiting results), eLearnSecurity: eCPTXv2 (Late-Nov)
  • PC509PC509 CISSP, CEH, CCNA: Security/CyberOps, Sec+, CHFI, A+, Proj+, Server+, MCITP Win7, Vista, MCP Server 2 Oregon, USMember Posts: 801 ■■■■■■□□□□
    Chrisone - I didn't want to sound arrogant or anything. But, from a positive outlook - I crushed it. Same with Security+. From experience and studying, I knew a lot of the material before I started studying for the exam. I was so awesome, I made the exam seem easy. :D

    Good experience, and there is always something new to learn.

    Just from a 'review' standpoint - I thought it was going to be more difficult. I held it in higher regard before I took it. Certified Ethical Hacker? Heck yea. Afterwards? Oh. CEH. Yea, I passed it. It was almost like passing the MCP for Vista. Yea, I passed. But, it wasn't difficult.

    I just keep thinking about the CISSP. It'll knock me down a few pegs, I'm sure. But, with how it's regarded, I'll be proud as a mofo when I pass it! I'll feel like I slayed a beast. The CEH feels more like I slaughtered a racoon. A little fight, but easily taken down.
  • securemotusecuremotu Member Posts: 5 ■□□□□□□□□□
  • chrisonechrisone Senior Member Member Posts: 2,126 ■■■■■■■■■□
    PC509 wrote: »
    I just keep thinking about the CISSP. It'll knock me down a few pegs, I'm sure. But, with how it's regarded, I'll be proud as a mofo when I pass it! I'll feel like I slayed a beast. The CEH feels more like I slaughtered a racoon. A little fight, but easily taken down.

    Yeah you are comparing a raisin to a truck load of oranges lol CISSP is a beast! Took me a years time of study and 3 attempts, but the feeling of finally passing! oh man! :) Well good luck on that CISSP, just be consistent even during any failed attempts, stay strong, stay consistent and motivated. I think there is another guy who just passed and it took him 3 attempts too. Just know passing after 2 to 3 attempts is normal.
    Certs: CISSP, OSCP, CRTP, eCPPT, eCIR, LFCS, CEH, AZ-900, VHL:Advanced+, Retired Cisco CCNP/SP/DP
    2020 Goals:
    Courses: VHL (completed), CQURE: Windows Security Crash Course (completed), BlackHills InfoSec: Breaching the Cloud (completed), eLearnSecurity: WAPTv3 (completed), IHRP (completed), THPv2 (completed), PTXv2 (in-progress)
    Certs: VHL: Advanced+ (completed), OSCP (completed), AZ-500 (failed 1st attempt), eLearnSecurity: eWPT (failed 2x, no further attempts), eLearnSecurity: eCIR (complete), eLearnSecurity: eCTHPv2 (report: awaiting results), eLearnSecurity: eCPTXv2 (Late-Nov)
  • TacoRocketTacoRocket Member Posts: 497 ■■■■□□□□□□
    I agree with your mentality. I guess I'm just disappointed with how they are changing things compared to the "real" world. I'm all for the exam being more than tools but when it comes to the right way to do it, CEH isn't the standard. That's the problem. They talk like they're experts and if you follow their methodology you will be solid. The truth is, the world doesn't happen according to CEH.

    eLearnSecurity doesn't push such an ideology. CompTIA does but when they have the Sec+ as the corner stone for security beginners they can take it. SANS does but its more real world.

    That's all. It's appearances along with feeling outdated.
    chrisone wrote: »
    I agree which is why I didn't even make a post on when I passed the exam or give vivid details on my study journey icon_lol.gif. I just think if one way or another you are presented and required to take a test albeit through your employer or School program, you should try to take away something positive from it. Just trying to help the fellow have a positive mindset since he sounded very angry he had to go through it.
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
  • TacoRocketTacoRocket Member Posts: 497 ■■■■□□□□□□
    I'll take Assistant VP. Does that mean we have a code of ethics that we enforce too? It would only be real if we did the same that EC-Council does. If not its not ethical!

    Don't forget we recognize multiple "hats". This sounds like hacktivism. Because the world cares about your classification of hacker.
    cyberguypr wrote: »
    TacoRocket, As the Executive VP of the EC Council Bashing Corporation, I want to nominate you for Assistant VP. We will be honored to have you. LOL!!!
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
  • tmurphy3100tmurphy3100 Member Posts: 154 ■■■□□□□□□□
    Please let me know how it goes and if you have any pointers. I will be taking this exam within 4 weeks for the same program. So far I am enjoying the content of Matt Walker's book.
    2020 Goals: CCNA R&S, Cysa+, AZ103, Linux+, Pentest+
  • TacoRocketTacoRocket Member Posts: 497 ■■■■□□□□□□
    As I would promise, I took the exam tonight and here is my write up!

    I finished the exam in 30 minutes. I would say the practice exams helped in a way.

    Material I used:

    CBT Nuggets
    Matt Walker book
    Boson Practice Exams
    Transcender Practice Exams
    CEH iLabs

    What I mean by in a way is that they followed the idea around the CEH but ultimately were not close to the exam. The exam was easy. Know your nmap. Most of it is common sense. Like Security+ Advanced.

    Granted I might be working in the field quite a bit which makes this easy. My biggest gripe with the exam is the process. They make it seem like it is lock and key for the exam. It shouldn't be.

    I should be able to study and then take the exam. They should also come to terms with themselves. There is just some things we don't do in the real world.

    However the exam seems to be more realistic than what the material makes it out to be. I didn't see anything to out landish for the exam.

    Will I take it for the resume boost? Sure we will see. If it pays off I might keep it. If not no, there are better uses of my time.

    The exam format is weird as well. Compared to other exams. Such as CompTIA when reviewing questions you can select to flag the questions and then at the end only review flagged questions. Its a nice flow.

    CEH doesn't offer this luxury. When you flag you have to visit each question individually. Its insane. Its so bad, I decided to not even review my questions after the 10th question. I got tired of having to select and scroll. Instead of just next. I didn't care at that point.

    Oh well its over. Thanks for entertaining my rant!

    If you would like you can find my blog below, which also includes my linkedin. Feel free to add me and let me know you're from techexams! If you're doing WGU lets rant together and if you need any questions answered let me know!
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
  • TacoRocketTacoRocket Member Posts: 497 ■■■■□□□□□□
    Just when it couldn't get any worse. I'm being audited! Love the process some more!
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
  • tmurphy3100tmurphy3100 Member Posts: 154 ■■■□□□□□□□
    I don't know if you seen this announcement or not, but hope it helps:

    01/04/2017 - If you receive an EC-Council Audit notice, please respond with the following:

    I am a Western Governors University (WGU) student that has taken the official EC-Council certification course and exam.
    The partnership between EC-Council and WGU excludes the Certificate of Attendance you are requesting in our overall program.
    2020 Goals: CCNA R&S, Cysa+, AZ103, Linux+, Pentest+
  • TacoRocketTacoRocket Member Posts: 497 ■■■■□□□□□□
    Thank you! I didn't see that. Thought it was silly to go through with it though on their end
    I don't know if you seen this announcement or not, but hope it helps:

    01/04/2017 - If you receive an EC-Council Audit notice, please respond with the following:

    I am a Western Governors University (WGU) student that has taken the official EC-Council certification course and exam.
    The partnership between EC-Council and WGU excludes the Certificate of Attendance you are requesting in our overall program.
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
Sign In or Register to comment.