Passed CEHv9 yesterday

TreySong

I sat for and passed the CEHv9 examination last night. I paid for and made use of the EC Council iLabs. It cost me about £1,500. I also had access to their online Video tutorials. I also read the two main books on CEH . I had wanted to start studying since last November after I paid for access to the lab. But I did not start studying until February. The exam itself was a bit difficult from my perspective as it was the first exam I took and I did not know for certain if I was going to pass until I saw the results. My take is that it is due to the width and breadth of the questions I encountered. I have more than ten years experience in Technology Risk and Cyber Security. I have all of the ISACA qualifications and I also have the CISSP from ISC2 and yet this was a bit difficult. My take is that you really need to spend some significant amount of time understanding each of the tools and what they do. You also need to understand the different malware and how they propagate. Most importantly, pay attention to how some of the key tools are used and the syntax for the related command shells.
The books I read were:
1. CEH ALL in One by Matt Walker. I started dreading the book early November but gave up after a few days as I felt the guy was being cavalier and unserious. So I went and read the Sybex CEHv9 Study Guide by Sean - Philip Oriyano. Sean-Philip is dry and doe snot provide context. It was a hard reading. But after I completed reading it, I went back to Matt Walker and really did enjoy reading his book once I forgot the cavalier attitude. In hindsight, I should have read him completely the first time. But his book is superb. On the day of the exam I went through two of the Practise Tests in the Sybex published "CEHv9 Practice tests" by Raymond Blackmon. Don't underestimate the importance of that book as it highlighted areas I needed to pay attention to. very useful.
Don't rely solely on the books. Do you own research and make sure you understand each tool what it does and how it does it. As to the ILab and online Videos, I think they are overrated.

p@r0tuXus

Thanks for this write-up and assessment. Congratulations! Sorry it cost so much to find out their course was nearly worthless.

scoobydoes

Thanks for the write up and congratulations!

I am getting ready to take the exam in the next week or so. I have been doing web app testing for a few years and need to get this for a contract job. I have a few questions on it if you or someone else can help answer:

How is the web pen testing portion of the exam?
What tools in general were looked at?
How is the systems/networking areas?
What tools in general were looked at?

Thanks so much for your time!

McxRisley

The test for me was pretty simple but I also have experience in a different side of things than the OP, plus I took the exam a week before my OSCP exam. As far as content of the exam you can expect to see questions over the following:

Viruses/worms
IDS/IPS implemetations
Wireless attacks
Basic networking
Physical security
Common sense (No seriously, when you take the exam you will understand)
Know the difference between the various network and wep app attacks(This is where the OSCP had its greatest benefit for me, I could read 5-6 words and know the answer for pretty much all of these)
Nmap
Linux

scoobydoes

Thanks McxRisley, looking forward to knocking this out and moving on to the OSCP!

TreySong

Apologies for my delayed response. I concur with everything McxRisley said. Also make out time to go back to the questions you are not very sure of. I found that I was able to effectively answer close to ten questions just from reviewing and comparing answers to other questions I knew already and was sure of.
Best of luck!

bamahonky

Congrats.

greg9891

Congrats!

canito487

Congrats!

scoobydoes

No worries Treysong Thanks for the review tip. I will be scheduling this week to take it. Thanks again!

TreySong

Thanks to you all! I was relieved to see that I passed.