Failed CEH v11 - Help Me Deconstruct/Analyze

egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+Member Posts: 500 ■■■■■□□□□□
Hi all,

I attempted and failed the CEH v11 after two long months of study and practice exams.  Here's what my study material looks like below.

READING
CEH vll Study Guide (by Ric Messier), published by Sybex.

PRACTICE EXAM
CyberVista CEH v11 (covering 350 questions)

During the exam (which was the proctored one you take at home) I got a guzillion questions about miscellaneous security tools for pentesting, vulnerability management, and other areas of security assessment. Tools, tools, and more tools.  I did not even encounter any of the ones that were mentioned in the Sybex CEH v11 book.  There were also questions about Nmap.

Anyway, I wanted the community to chime in on where I went wrong with the studying phase.  I look forward to giving this another try.  Which study material do you feel I can use now to familiarize myself with the many many tools mentioned, and is the issue that I took the home-proctored version instead of the PearsonVUE version at the test center.
B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
Tagged:

Comments

  • E Double UE Double U Member Posts: 2,087 ■■■■■■■■■■
    edited March 16
    It has probably changed over the years, but here was my experience with the exam in 2016 https://community.infosecinstitute.com/discussion/123468/passed-c-eh-on-11-11-16#latest

    One advantage I had going into the exam was I had completed GCIH one year prior and there was lots of overlap plus I was in an incident response team at the time so I was dealing with these topics daily. 

    My primary study materials were:

    - Matt Walker AIO exam guide & practice exams (both 2nd ed)
    - Boson practice exams (found a coupon code online)

    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, etc.

    2022 goal(s): CRISC, maybe CGEIT or TOGAF

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSOM GSEC EnCE C|EH Cloud+ CySA+ CASP+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,670 Admin
    edited March 16
    It sounds like you didn't have enough knowledge and experience using the tools you saw on the exam. I did pass the CEHv8 exam on my first try, but my score was not good and I thought the tools items were where I performed the worst. Several years later, I took the PenTest+ R1 exam and did a much better job learning common pentesting tools as preparation. I barely passed that exam, and I thought my extra time spend studying tools helped me pass.
    If you think the ECC materials you have are insufficient, check out the CompTIA PenTest+ study materials. The Mile2 C)PEH and C)PTE certs are very similar to the CEH, but the study materials might be much more difficult to come by.
  • SteveLavoieSteveLavoie Member Posts: 1,064 ■■■■■■■■■□
    I didnt do the CEH exam, but I have done a plethora of other test. In the score report, do you have an evaluation by subject, most exam give you your bad domain. 

    Also, did you do a lot of practice test from different question bank. Often we think we are ready for an exam, but it is mostly because we have memorized the question bank we are using. 

  • kaijukaiju Member Posts: 453 ■■■■■■■□□□
    You can get experience with many of the tools on Tryhackme.com.
    Work smarter NOT harder! Semper Gumby!
  • SteveLavoieSteveLavoie Member Posts: 1,064 ■■■■■■■■■□
    kaiju said:
    You can get experience with many of the tools on Tryhackme.com.
    Very good suggestion too to get more hands-on experience. However, as CEH is a theorical exam, TryHackme can help or not at all. It all depend on the OP learning style and why did he failed. 
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSOM GSEC EnCE C|EH Cloud+ CySA+ CASP+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,670 Admin
    I've been working my way through the hacking trials at the free site OverTheWire. It's useful for learning and practicing for pentesting and "hacking" exams.
  • spiderjerichospiderjericho CCNA, CCNP Enterprise, CISSP, CASP, SEC+, Pentest+, CYSA+, CISA, CGEIT, CRISC, CISM, VCP 6.7 San DiegoRegistered Users, Member Posts: 874 ■■■■■□□□□□
    JDMurray said:
    It sounds like you didn't have enough knowledge and experience using the tools you saw on the exam. I did pass the CEHv8 exam on my first try, but my score was not good and I thought the tools items were where I performed the worst. Several years later, I took the PenTest+ R1 exam and did a much better job learning common pentesting tools as preparation. I barely passed that exam, and I thought my extra time spend studying tools helped me pass.
    If you think the ECC materials you have are insufficient, check out the CompTIA PenTest+ study materials. The Mile2 C)PEH and C)PTE certs are very similar to the CEH, but the study materials might be much more difficult to come by.
    I was similar to you. I probably took the CE and the old non CE Security+ exam. I then took a CISSP exam and passed that with just practice tests, methodologies, and a decent two-week boot camp.

    My job paid for a CEH bootcamp a few months later. I passed that barely. Passed the CASP exam beta that same year. I think there is some bleed between all of these cybersecurity exams. But obviously you and I have years of job experience. 

    The Pentest+ is a good recommendation. As well as the GPEN but that’s pricey.

    ejpt is another cheaper option that is excellent and can probably bridge the gap and lead to a CEH pass.
  • SteveLavoieSteveLavoie Member Posts: 1,064 ■■■■■■■■■□
    I did the eJPT... IMO, do the course with the Starter Pass on INE.com.  Do only the exam if you really need a certificate.

Sign In or Register to comment.