Failed CEH v11 - Help Me Deconstruct/Analyze
Hi all,
I attempted and failed the CEH v11 after two long months of study and practice exams. Here's what my study material looks like below.
READING
CEH vll Study Guide (by Ric Messier), published
by Sybex.
PRACTICE EXAM
CyberVista CEH v11 (covering 350 questions)
During the exam (which was the proctored one you take at home) I got a guzillion questions about miscellaneous security tools for pentesting, vulnerability management, and other areas of security assessment. Tools, tools, and more tools. I did not even encounter any of the ones that were mentioned in the Sybex CEH v11 book. There were also questions about Nmap.
Anyway, I wanted the community to chime in on where I went wrong with the studying phase. I look forward to giving this another try. Which study material do you feel I can use now to familiarize myself with the many many tools mentioned, and is the issue that I took the home-proctored version instead of the PearsonVUE version at the test center.
I attempted and failed the CEH v11 after two long months of study and practice exams. Here's what my study material looks like below.
READING
CEH vll Study Guide (by Ric Messier), published
PRACTICE EXAM
CyberVista CEH v11 (covering 350 questions)
During the exam (which was the proctored one you take at home) I got a guzillion questions about miscellaneous security tools for pentesting, vulnerability management, and other areas of security assessment. Tools, tools, and more tools. I did not even encounter any of the ones that were mentioned in the Sybex CEH v11 book. There were also questions about Nmap.
Anyway, I wanted the community to chime in on where I went wrong with the studying phase. I look forward to giving this another try. Which study material do you feel I can use now to familiarize myself with the many many tools mentioned, and is the issue that I took the home-proctored version instead of the PearsonVUE version at the test center.
B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
Comments
-
E Double U
Member Posts: 2,252 ■■■■■■■■■■
It has probably changed over the years, but here was my experience with the exam in 2016 https://community.infosecinstitute.com/discussion/123468/passed-c-eh-on-11-11-16#latest
One advantage I had going into the exam was I had completed GCIH one year prior and there was lots of overlap plus I was in an incident response team at the time so I was dealing with these topics daily.
My primary study materials were:
- Matt Walker AIO exam guide & practice exams (both 2nd ed)
- Boson practice exams (found a coupon code online)
Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
JDMurray
Admin Posts: 13,124 Admin
It sounds like you didn't have enough knowledge and experience using the tools you saw on the exam. I did pass the CEHv8 exam on my first try, but my score was not good and I thought the tools items were where I performed the worst. Several years later, I took the PenTest+ R1 exam and did a much better job learning common pentesting tools as preparation. I barely passed that exam, and I thought my extra time spend studying tools helped me pass.If you think the ECC materials you have are insufficient, check out the CompTIA PenTest+ study materials. The Mile2 C)PEH and C)PTE certs are very similar to the CEH, but the study materials might be much more difficult to come by. -
SteveLavoie
Member Posts: 1,133 ■■■■■■■■■□
I didnt do the CEH exam, but I have done a plethora of other test. In the score report, do you have an evaluation by subject, most exam give you your bad domain.
Also, did you do a lot of practice test from different question bank. Often we think we are ready for an exam, but it is mostly because we have memorized the question bank we are using.
-
kaiju
Member Posts: 453 ■■■■■■■□□□
You can get experience with many of the tools on Tryhackme.com.
Work smarter NOT harder! Semper Gumby! -
SteveLavoie
Member Posts: 1,133 ■■■■■■■■■□
Very good suggestion too to get more hands-on experience. However, as CEH is a theorical exam, TryHackme can help or not at all. It all depend on the OP learning style and why did he failed.kaiju said:You can get experience with many of the tools on Tryhackme.com. -
JDMurray
Admin Posts: 13,124 Admin
I've been working my way through the hacking trials at the free site OverTheWire. It's useful for learning and practicing for pentesting and "hacking" exams.
-
spiderjericho
Registered Users, Member Posts: 899 ■■■■■□□□□□
I was similar to you. I probably took the CE and the old non CE Security+ exam. I then took a CISSP exam and passed that with just practice tests, methodologies, and a decent two-week boot camp.JDMurray said:It sounds like you didn't have enough knowledge and experience using the tools you saw on the exam. I did pass the CEHv8 exam on my first try, but my score was not good and I thought the tools items were where I performed the worst. Several years later, I took the PenTest+ R1 exam and did a much better job learning common pentesting tools as preparation. I barely passed that exam, and I thought my extra time spend studying tools helped me pass.If you think the ECC materials you have are insufficient, check out the CompTIA PenTest+ study materials. The Mile2 C)PEH and C)PTE certs are very similar to the CEH, but the study materials might be much more difficult to come by.
My job paid for a CEH bootcamp a few months later. I passed that barely. Passed the CASP exam beta that same year. I think there is some bleed between all of these cybersecurity exams. But obviously you and I have years of job experience.The Pentest+ is a good recommendation. As well as the GPEN but that’s pricey.
ejpt is another cheaper option that is excellent and can probably bridge the gap and lead to a CEH pass. -
SteveLavoie
Member Posts: 1,133 ■■■■■■■■■□
I did the eJPT... IMO, do the course with the Starter Pass on INE.com. Do only the exam if you really need a certificate.