Crappiest Exam I'm Going to Take CEHv9

So I am scheduled to take the exam this Thursday. Which is absurd but EC-Council's policy with my school's proctor.

So far EC-Council is terrible here is why:

Reading the book Matt Walker absolutely loathes the exam and lets the reader know. Loved the book but see why he hates the exam.

Watching the videos from CBT Nuggets was great. Keith Barker was amazing. All the tools are outdated and EC-Council really wants you to know Heartbleed and Shellshock. Hello 2014!

Doing the iLabs. DONT. DO. THESE. EC-Council cannot be pushed to install the software they want you to use in the labs. Most of your lab is logging into servers, installing software, to see some software you will not use in the real world!

Doing the practice exams where I get consistently a 50-70%. Hear me out. I guarantee you it isn't because I'm wrong. It's because I can't wrap my head around EC-Council world. I work in Information Security. I'm an Information Systems Security Administrator that does this every day. However, since I don't know what every command of hping3, nmap, or CEH Hacking Methodology. Boy is this it! I do the corrections but I always get questions that really make you wonder.

If this exam wasn't required for my degree (MSCSIA). I would be really hard press to take it on my own. I'd be hard press if my employer made me do it. This is a waste of time.

Boy is this exam a joke. If you have any questions please feel free to reply below!

Find more posts tagged with

Comments

TheFORCE

Why don't you complain to your school's MSCSIA degree about why they are including CEH in the track? Instead you complain about how the CEH sucks? Let it expire after you pass it.

TacoRocket

I have many times. I'm letting others now my pain in albeit a more rant way. Don't want to paint any roses for the CEH.

TheFORCE wrote: »

Why don't you complain to your school's MSCSIA degree about why they are including CEH in the track? Instead you complain about how the CEH sucks? Let it expire after you pass it.

TranceSoulBrother

I only got the CEH and CHFI because of WGU's largesse in that degree. To that, I thank them because it gives me a little credibility due to the 8570 requirements. Otherwise, if I get out of the military and don't join the contractor ranks, you won't see me maintain the certs

Moldygr33nb3an

Are you paying for the exam?

TacoRocket

Not directly. Its through tuition.

Moldygr33nb3an wrote: »

Are you paying for the exam?

636-555-3226

I can't wait to read the follow-up post Thursday night! I'm also going to take this exam as a resume booster but have no actual desire to do so.....

TacoRocket

Oh will do! Expect delays though. Its proctored through ProctorU and if I could get them to start the exam in less than 30 minutes I would be happy.

636-555-3226 wrote: »

I can't wait to read the follow-up post Thursday night! I'm also going to take this exam as a resume booster but have no actual desire to do so.....

LaSeeno

I'll be taking this within the next 4-6 weeks. Looking forward to see your review

chrisone

stop complaining about opportunity.

wayne_wonder

If it's a free exam why would anyone even complain when others work hard to even pay for this exam let alone others astounding

lucky0977

TacoRocket wrote: »

However, since I don't know what every command of hping3, nmap, or CEH Hacking Methodology.

Don't see anything wrong with the CEH hacking methodology. It's pretty much the same methodology as taught in CISSP or even the eJPT. If you're using Kali Linux, there is a (man) page for nmap and hping3.

TacoRocket

It's not really "free" when I have to pay tuition....

Still bought the books and pay for a CBT Nuggets subscription. I'm hoping for some redeeming quality through this process and this is why I'm annoyed.

wayne_wonder wrote: »

If it's a free exam why would anyone even complain when others work hard to even pay for this exam let alone others astounding

TacoRocket

Same as quoted above still pay for it with tuition.

chrisone wrote: »

stop complaining about opportunity.

TacoRocket

Same boat as you. Depending on how recruiters and resume. Don't know if I will keep this one.

TranceSoulBrother wrote: »

I only got the CEH and CHFI because of WGU's largesse in that degree. To that, I thank them because it gives me a little credibility due to the 8570 requirements. Otherwise, if I get out of the military and don't join the contractor ranks, you won't see me maintain the certs

TacoRocket

The issue more comes down to the exam being outdated when renewed, the massive amount of tools they want you to know (most you wouldn't use), and when the do pick as organization or standard its an odd one like OSSTMM. I've taken the eJPT, Security+, and GCIH. I'm also working on CISSP and GCIA for this year. I haven't had complaints with those so far.

I'm okay with exams being bad if they experience isn't terrible. You get it done and move on. However, with this exam, there is nothing redeeming so far. It doesn't help that when scheduling the exam I had to wait 72 hours to schedule because nobody knows. Its just an EC-Council requirement.

CompTIA, VMware, Microsoft, GIAC, and eLearnsecurity don't care when you schedule. Want to do it tonight? Sure. Tomorrow? Why not.

lucky0977 wrote: »

Don't see anything wrong with the CEH hacking methodology. It's pretty much the same methodology as taught in CISSP or even the eJPT. If you're using Kali Linux, there is a (man) page for nmap and hping3.

cyberguypr

TacoRocket, As the Executive VP of the EC Council Bashing Corporation, I want to nominate you for Assistant VP. We will be honored to have you. LOL!!!

wayne_wonder

TacoRocket wrote: »

It's not really "free" when I have to pay tuition....

Still bought the books and pay for a CBT Nuggets subscription. I'm hoping for some redeeming quality through this process and this is why I'm annoyed.

Ahh I see thought it was paid for it's an expensive exam for what it is but it works for some people you may be surprised not by the content of the exam but the doors it opens

chrisone

So you feel like you absolutely cannot learn anything off the CEH? I think you are just overwhelmed by your other studies. I took the test and it wasn't about which switch option for nmap conducts a syn scan or which switch option for hping 3 changes the packet size, etc. The test is a little more than that. In fact there is only 1 section off the blue print "IV Tools/Systems/Programs" which is only 32% of the exam. The rest of the exam is policies, risk assessment, methodology, ethics, cryptography. You'd be wise to try and absorb what you learn there as it overlaps (albeit, minor) with CISSP topics. Goodluck on your studies I know you are overwhelmed.

https://www.eccouncil.org/wp-content/uploads/2016/02/CEH-Exam-Blueprint-v2.0.pdf

PC509

I found the exam underwhelming. I overstudied and found it easier than I expected. It feels outdated. I don't put too much faith into it.

I know there are others that are the same way. Before I took it - I was hyped and ready for it. After I finished the exam, I thought "That's it?". CHFI was even easier.

If it's required for a position, I'll take it. I earned it. I'm just not going to brag about it.

Personal opinion, of course.

chrisone

I agree which is why I didn't even make a post on when I passed the exam or give vivid details on my study journey

. I just think if one way or another you are presented and required to take a test albeit through your employer or School program, you should try to take away something positive from it. Just trying to help the fellow have a positive mindset since he sounded very angry he had to go through it.

PC509

Chrisone - I didn't want to sound arrogant or anything. But, from a positive outlook - I crushed it. Same with Security+. From experience and studying, I knew a lot of the material before I started studying for the exam. I was so awesome, I made the exam seem easy.

Good experience, and there is always something new to learn.

Just from a 'review' standpoint - I thought it was going to be more difficult. I held it in higher regard before I took it. Certified Ethical Hacker? Heck yea. Afterwards? Oh. CEH. Yea, I passed it. It was almost like passing the MCP for Vista. Yea, I passed. But, it wasn't difficult.

I just keep thinking about the CISSP. It'll knock me down a few pegs, I'm sure. But, with how it's regarded, I'll be proud as a mofo when I pass it! I'll feel like I slayed a beast. The CEH feels more like I slaughtered a racoon. A little fight, but easily taken down.

securemotu

best of luck

chrisone

PC509 wrote: »

I just keep thinking about the CISSP. It'll knock me down a few pegs, I'm sure. But, with how it's regarded, I'll be proud as a mofo when I pass it! I'll feel like I slayed a beast. The CEH feels more like I slaughtered a racoon. A little fight, but easily taken down.

Yeah you are comparing a raisin to a truck load of oranges lol CISSP is a beast! Took me a years time of study and 3 attempts, but the feeling of finally passing! oh man!

Well good luck on that CISSP, just be consistent even during any failed attempts, stay strong, stay consistent and motivated. I think there is another guy who just passed and it took him 3 attempts too. Just know passing after 2 to 3 attempts is normal.

TacoRocket

I agree with your mentality. I guess I'm just disappointed with how they are changing things compared to the "real" world. I'm all for the exam being more than tools but when it comes to the right way to do it, CEH isn't the standard. That's the problem. They talk like they're experts and if you follow their methodology you will be solid. The truth is, the world doesn't happen according to CEH.

eLearnSecurity doesn't push such an ideology. CompTIA does but when they have the Sec+ as the corner stone for security beginners they can take it. SANS does but its more real world.

That's all. It's appearances along with feeling outdated.

chrisone wrote: »

I agree which is why I didn't even make a post on when I passed the exam or give vivid details on my study journey . I just think if one way or another you are presented and required to take a test albeit through your employer or School program, you should try to take away something positive from it. Just trying to help the fellow have a positive mindset since he sounded very angry he had to go through it.

TacoRocket

I'll take Assistant VP. Does that mean we have a code of ethics that we enforce too? It would only be real if we did the same that EC-Council does. If not its not ethical!

Don't forget we recognize multiple "hats". This sounds like hacktivism. Because the world cares about your classification of hacker.

cyberguypr wrote: »

TacoRocket, As the Executive VP of the EC Council Bashing Corporation, I want to nominate you for Assistant VP. We will be honored to have you. LOL!!!

tmurphy3100

Please let me know how it goes and if you have any pointers. I will be taking this exam within 4 weeks for the same program. So far I am enjoying the content of Matt Walker's book.

TacoRocket

As I would promise, I took the exam tonight and here is my write up!

I finished the exam in 30 minutes. I would say the practice exams helped in a way.

Material I used:

CBT Nuggets
Matt Walker book
Boson Practice Exams
Transcender Practice Exams
CEH iLabs

What I mean by in a way is that they followed the idea around the CEH but ultimately were not close to the exam. The exam was easy. Know your nmap. Most of it is common sense. Like Security+ Advanced.

Granted I might be working in the field quite a bit which makes this easy. My biggest gripe with the exam is the process. They make it seem like it is lock and key for the exam. It shouldn't be.

I should be able to study and then take the exam. They should also come to terms with themselves. There is just some things we don't do in the real world.

However the exam seems to be more realistic than what the material makes it out to be. I didn't see anything to out landish for the exam.

Will I take it for the resume boost? Sure we will see. If it pays off I might keep it. If not no, there are better uses of my time.

The exam format is weird as well. Compared to other exams. Such as CompTIA when reviewing questions you can select to flag the questions and then at the end only review flagged questions. Its a nice flow.

CEH doesn't offer this luxury. When you flag you have to visit each question individually. Its insane. Its so bad, I decided to not even review my questions after the 10th question. I got tired of having to select and scroll. Instead of just next. I didn't care at that point.

Oh well its over. Thanks for entertaining my rant!

If you would like you can find my blog below, which also includes my linkedin. Feel free to add me and let me know you're from techexams! If you're doing WGU lets rant together and if you need any questions answered let me know!

TacoRocket

Just when it couldn't get any worse. I'm being audited! Love the process some more!

tmurphy3100

I don't know if you seen this announcement or not, but hope it helps:

01/04/2017 - If you receive an EC-Council Audit notice, please respond with the following:

I am a Western Governors University (WGU) student that has taken the official EC-Council certification course and exam.
The partnership between EC-Council and WGU excludes the Certificate of Attendance you are requesting in our overall program.

TacoRocket

Thank you! I didn't see that. Thought it was silly to go through with it though on their end

tmurphy3100 wrote: »

I don't know if you seen this announcement or not, but hope it helps:

01/04/2017 - If you receive an EC-Council Audit notice, please respond with the following:

I am a Western Governors University (WGU) student that has taken the official EC-Council certification course and exam.
The partnership between EC-Council and WGU excludes the Certificate of Attendance you are requesting in our overall program.