Passed CEHv9 yesterday
I sat for and passed the CEHv9 examination last night. I paid for and made use of the EC Council iLabs. It cost me about £1,500. I also had access to their online Video tutorials. I also read the two main books on CEH . I had wanted to start studying since last November after I paid for access to the lab. But I did not start studying until February. The exam itself was a bit difficult from my perspective as it was the first exam I took and I did not know for certain if I was going to pass until I saw the results. My take is that it is due to the width and breadth of the questions I encountered. I have more than ten years experience in Technology Risk and Cyber Security. I have all of the ISACA qualifications and I also have the CISSP from ISC2 and yet this was a bit difficult. My take is that you really need to spend some significant amount of time understanding each of the tools and what they do. You also need to understand the different malware and how they propagate. Most importantly, pay attention to how some of the key tools are used and the syntax for the related command shells.
The books I read were:
1. CEH ALL in One by Matt Walker. I started dreading the book early November but gave up after a few days as I felt the guy was being cavalier and unserious. So I went and read the Sybex CEHv9 Study Guide by Sean - Philip Oriyano. Sean-Philip is dry and doe snot provide context. It was a hard reading. But after I completed reading it, I went back to Matt Walker and really did enjoy reading his book once I forgot the cavalier attitude. In hindsight, I should have read him completely the first time. But his book is superb. On the day of the exam I went through two of the Practise Tests in the Sybex published "CEHv9 Practice tests" by Raymond Blackmon. Don't underestimate the importance of that book as it highlighted areas I needed to pay attention to. very useful.
Don't rely solely on the books. Do you own research and make sure you understand each tool what it does and how it does it. As to the ILab and online Videos, I think they are overrated.
The books I read were:
1. CEH ALL in One by Matt Walker. I started dreading the book early November but gave up after a few days as I felt the guy was being cavalier and unserious. So I went and read the Sybex CEHv9 Study Guide by Sean - Philip Oriyano. Sean-Philip is dry and doe snot provide context. It was a hard reading. But after I completed reading it, I went back to Matt Walker and really did enjoy reading his book once I forgot the cavalier attitude. In hindsight, I should have read him completely the first time. But his book is superb. On the day of the exam I went through two of the Practise Tests in the Sybex published "CEHv9 Practice tests" by Raymond Blackmon. Don't underestimate the importance of that book as it highlighted areas I needed to pay attention to. very useful.
Don't rely solely on the books. Do you own research and make sure you understand each tool what it does and how it does it. As to the ILab and online Videos, I think they are overrated.
Comments
-
p@r0tuXus Member Posts: 532 ■■■■□□□□□□Thanks for this write-up and assessment. Congratulations! Sorry it cost so much to find out their course was nearly worthless.Completed: ITIL-F, A+, S+, CCENT, CCNA R|S
In Progress: Linux+/LPIC-1, Python, Bash
Upcoming: eJPT, C|EH, CSA+, CCNA-Sec, PA-ACE -
scoobydoes Member Posts: 25 ■□□□□□□□□□Thanks for the write up and congratulations!
I am getting ready to take the exam in the next week or so. I have been doing web app testing for a few years and need to get this for a contract job. I have a few questions on it if you or someone else can help answer:
How is the web pen testing portion of the exam?
What tools in general were looked at?
How is the systems/networking areas?
What tools in general were looked at?
Thanks so much for your time! -
McxRisley Member Posts: 494 ■■■■■□□□□□The test for me was pretty simple but I also have experience in a different side of things than the OP, plus I took the exam a week before my OSCP exam. As far as content of the exam you can expect to see questions over the following:
Viruses/worms
IDS/IPS implemetations
Wireless attacks
Basic networking
Physical security
Common sense (No seriously, when you take the exam you will understand)
Know the difference between the various network and wep app attacks(This is where the OSCP had its greatest benefit for me, I could read 5-6 words and know the answer for pretty much all of these)
Nmap
LinuxI'm not allowed to say what my previous occupation was, but let's just say it rhymes with architect. -
scoobydoes Member Posts: 25 ■□□□□□□□□□Thanks McxRisley, looking forward to knocking this out and moving on to the OSCP!
-
TreySong Member Posts: 65 ■■■□□□□□□□Apologies for my delayed response. I concur with everything McxRisley said. Also make out time to go back to the questions you are not very sure of. I found that I was able to effectively answer close to ten questions just from reviewing and comparing answers to other questions I knew already and was sure of.
Best of luck! -
greg9891 Member Posts: 1,189 ■■■■■■■□□□Congrats!:
Upcoming Certs: VCA-DCV 7.0, VCP-DCV 7.0, Oracle Database 1Z0-071, PMP, Server +, CCNP
Proverbs 6:6-11Go to the ant, you sluggard! Consider her ways and be wise, Which, having no captain, Overseer or ruler, Provides her supplies in the summer, And gathers her food in the harvest. How long will you slumber, O sluggard?
When will you rise from your sleep? A little sleep, a little slumber, A little folding of the hands to sleep, So shall your poverty come on you like a prowler And your need like an armed man. -
scoobydoes Member Posts: 25 ■□□□□□□□□□No worries Treysong Thanks for the review tip. I will be scheduling this week to take it. Thanks again!