Passed CEH
Gennosuke HIGAKI
Member Posts: 68 ■■□□□□□□□□
in CEH
It is my pleasure to inform you of my success in achieving CEH today. Being not affordable to go and learn their costly curriculum in the U.S., I did this by sef-study. Luckily, I gained 85% against 150 questions in 3 hours. This is my 3rd security title following Comptia Security+ and CIW Security Professional. Taking advantage of the CIW preferential track subject to an achievement among other various intermediate certificates, in which CEH ranks, I can apply "Security Analyst" to CIW. CEH is tougher but worthwhile trying I say.
Comments
-
liven Member Posts: 918GOOD JOB!!!!
What study materials did you use?encrypt the encryption, never mind my brain hurts. -
sprkymrk Member Posts: 4,884 ■■■□□□□□□□It is my pleasure to congratulate you on a job well done.All things are possible, only believe.
-
JDMurray Admin Posts: 13,090 AdminYes, congrats! Can you give us your opinion of the new CEH exam without including any significant details?
-
Sie Member Posts: 1,195Congratulation!Foolproof systems don't take into account the ingenuity of fools
-
Gennosuke HIGAKI Member Posts: 68 ■■□□□□□□□□Dear all,
Thank you for your homage For your reference, let me write my approach
Toward CEH, basic knowledge and experiences on Computer Security are essential. Comptia Security+ is a good step to begin with. For self-starter like me you need a recommendation to certify minimum 2-year experiences in security field by your direct supervisor when applying to the EC-Council. Payment $250 is to be accepted with cash card only by the EC-Council headquarters.
Main CEH resources:
Official Certified Ethical Hacker Review Guide: Sybex
Exam Prep Certified Ethical Hacker: Michael Gregg
Certified Ethical Hacker Mega Guide: PrepLogic
The CEH Prep Guide: Wiley
The last one is quite newly published, this October. I waited this for a making-up. This presents a wider perspective, in other words, a normative frame like CISSP to pratical CEH.
Hard-cover references:
Hacking Exposed Fourth Edition: Osbone
Active Defense Network Security: Sybex
Snort Cookbook: O'reilly
Network Security Tools: ditto
Intrusion Signatures and Analysis: Pearson Education Japan
Know Your Enemy - Security Warrior: O'reilly
Network Security Assessment: ditto
Incident Response - Investigating Computer Crime: Kevin Mandia
Hacking - the art of exploitation: Oreilly
Wi-Foo: Addison Wesley
Note: Assembler based reverse engineering is out of scope in CEH.
Main Internet references:
http://www.sans.org/
http://www.itl.nist.gov/
http://packetstormsecurity.org/
http://www.freepracticetests.org/home.php
http://ftp2.de.freebsd.org/pub/misc/www.rootshell.com/
http://www.cs.princeton.edu/sip/pub/index.php3
Prep test: Practice Test Questions (312-50). You can find and download older versions free of charge in Internet.
Real questions vary in style and meaning, sometimes quite tricky for non-Engish-candidate. For instance. Which is ....NOT, or LEAST LIKELY or NOT INACCURATE or ... NOT ... THAT negative meaning. Or a scenario style, a longer introduction and a shortest core.
Most effective method is an actual simulation. Once I had enjoyed "evil attempts" extensively in my small home LAN composed of Linux, Windoz, and an attacker Giant Mini, 486 based tiny Linux laptop, armed with scanners, sniffers, DOS/DDOS, password carckers, and more.
I wish this to be of your little service.
With very best regards and thank you all -
sprkymrk Member Posts: 4,884 ■■■□□□□□□□Very impressive and helpful listing, thank you.
So what is next for you? Or will you take a break from studies? Also, I loved this part of your post:Once I had enjoyed "evil attempts" extensively in my small home LAN composed of Linux, Windoz, and an attacker Giant Mini, 486 based tiny Linux laptop, armed with scanners, sniffers, DOS/DDOS, password carckers, and more.
Thanks again.All things are possible, only believe. -
JDMurray Admin Posts: 13,090 AdminGennosuke HIGAKI wrote:Prep test: Practice Test Questions (312-50). You can find and download older versions free of charge in Internet.
-
Gennosuke HIGAKI Member Posts: 68 ■■□□□□□□□□Good news, the Exam Prep book I have is for 312-50, it says so right on the cover. Inside it says "Third Printing: May 2007". ISBN is 0789735318.
You might check legal & administrative aspects. I also read "Exam Cram 2: CISSP Practice Questions" written by Michael Gregg, same author of the above book. This is a booklet with rich contents even a CD attached. Also good preparatory step for CISSP. http://www.amazon.com/CISSP-Practice-Questions-Exam-Cram/dp/0789733056Prep test: Practice Test Questions (312-50). You can find and download older versions free of charge in Internet.
For sprkymrk - You say, so what's next? Uh... not decided yet. It may be further Security or CISCO group. You see, I was, am not a cert hunter. Simply, I do what I should have done earlier.
Below is on my Saturday Special.
Panasonic: Pronote Jet Mini CF-11, prototype of Panasonic Let's Note model
CPU: Intel 486 DX2 66MHZ stepping 05
OS: MS DOS 6.3J 300MB in /dev/hda1 and Linux 6.3J 1.2GB in /dev/hda2
RAM: 16MB
VIDEO: 512KB barely run X windows.
NIC: 3Com 3c589 family card
WEIGHT: 1.3kg
See not my but Mini fun's page: http://homepage3.nifty.com/tozachan/pc/mini/jetmini.htm
Start-up Menu, selectable via a DOS CONFIG/AUTOEXEC branch
PC DOS J6.3J/V Startup Menu
1. Red Hat Linux 6.2J
2. Nwclient - Netware
3. MS Lanman - Windows/NT
4. PCNFS/NCSA - Unix host
5. IBM Webboy - Internet
6. Wterm - BBS Connection
7. PC Anywahre - Office
8. WordPerfect DOS 5.1J
9. Simpe DOS 6.3 English
Note: Besides Linux, Kernel 2.2.14-50 on i486, basically a PC DOS macine, with a couple of DOS interfaces to, Netware, Windoz, Unix LANs, Internet CUI access, BBS, Dial-up connection to office LAN, and WordProcessor. Once honored to detect, analyze and execute "Ghost-Bustering" through tcpdump packet monitoring, that was, abnormal modem call at midnight. Still active.
I look forward to your success.
With best regards -
famosbrown Member Posts: 637Looks to be a **** for the practice exam according to:
http://www.certguard.com/search.asp?Site=**** (listed backwards by user above)B.S.B.A. (Management Information Systems)
M.B.A. (Technology Management) -
snadam Member Posts: 2,234 ■■■■□□□□□□famosbrown wrote:Looks to be a **** for the practice exam according to:
http://www.certguard.com/search.asp?Site=amazon (listed backwards by user above)
+1. If you used this resource, then I wouldn't consider your pass legitimate...Ill hold my other comments if he has some sort of explanation.**** ARE FOR CHUMPS! Don't be a chump! Validate your material with certguard.com search engine
:study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security -
JDMurray Admin Posts: 13,090 AdminMany people studying for certifications come across **** that are labeled as practice exams. Not know what a **** is, they use them believing they are legitimate study material. In my opinion, cheating, like lying, is a deliberate act. The unintentional use of a **** is simply a mistake to be learned from and never repeated.
In this case, it is likely that a **** for version 4 of the CEH exam was used to study for version 5 of the CEH exam. Even if the **** contained correct questions and answers (and most do not) for the CEHv4 exam, it is likely that it provided no real advantage for passing the CEHv5 exam. -
snadam Member Posts: 2,234 ■■■■□□□□□□JDMurray wrote:Many people studying for certifications come across **** that are labeled as practice exams. Not know what a **** is, they use them believing they are legitimate study material. In my opinion, cheating, like lying, is a deliberate act. The unintentional use of a **** is simply a mistake to be learned from and never repeated.
In this case, it is likely that a **** for version 4 of the CEH exam was used to study for version 5 of the CEH exam. Even if the **** contained correct questions and answers (and most do not) for the CEHv4 exam, it is likely that it provided no real advantage for passing the CEHv5 exam.
Well I hope thats the reason why. I'm also leaning towards the fact that it was indeed unintentional. Either way, passing an exam in a foreign language is pretty good.**** ARE FOR CHUMPS! Don't be a chump! Validate your material with certguard.com search engine
:study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security -
Gennosuke HIGAKI Member Posts: 68 ■■□□□□□□□□Oh, it looks something backfiring. I am not suspicious by nature. Is the vendor doing illegal business?
-
Gennosuke HIGAKI Member Posts: 68 ■■□□□□□□□□Nobody has replied to my quite naive question. I murmur;
Who advocates, sets, and sells dammned global standards?
Who takes advantage of?
Who earns and laughs loud?
Who climbs on the bandwagon?
Again "Are braindumpers doing illegal business?" Go-getting Bill Gates will say "Definitely yes" Reverend Richard Stallmann will say "Absolutely no"
Anyway, I read and understood the logic http://www.certguard.com/braindumps.asp in my poor English. I thank famousbrown, snadam, and JDMurry for your cautions.
I introduce another resource among my available means. I had bought a copy of SAFE Preplogic Audio coupling license. http://www.preplogic.com/vendors/ec-council.aspx Did this work for me?
Read: http://www.ethicalhacker.net/content/view/54/24/ I would say "I agree with him, too meticulous while sometimes too vague, but it helped to a certain extent."
I look forward to your challenge and success.
Have nice X-mas holidays -
dynamik Banned Posts: 12,312 ■■■■■■■■■□Actually, I think everyone agrees that **** are illegal. They are questions and answers taken directly from the tests and serve no purpose other than to allow others to ****.
However, I would wager that few, if any, think that you do not deserve that certification. You seem to have genuinely come across that **** on accident. Plus, that reading list is probably longer than what I've used for all my certs combined. I've bookmarked this thread to come back to your resource list when I attempt the CEH later in 2008.
Congratulations on the pass and happy holidays to you as well. -
snadam Member Posts: 2,234 ■■■■□□□□□□dynamik wrote:Actually, I think everyone agrees that **** are illegal. They are questions and answers taken directly from the tests and serve no purpose other than to allow others to ****.
However, I would wager that few, if any, think that you do not deserve that certification. You seem to have genuinely come across that **** on accident. Plus, that reading list is probably longer than what I've used for all my certs combined. I've bookmarked this thread to come back to your resource list when I attempt the CEH later in 2008.
Congratulations on the pass and happy holidays to you as well.
In short, I fully agree with above statement. It does sound like a genuine honest mistake, which is fine in my book. Its the peolpe that knowingly use **** that upset me. In this case, it doesnt seem that way.
Congratulations on your pass and happiest of holidays**** ARE FOR CHUMPS! Don't be a chump! Validate your material with certguard.com search engine
:study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security -
keatron Member Posts: 1,213 ■■■■■■□□□□As a person that helped create v5 of the exam, and have taken all versions of the exam, I can tell you that 95% of all the questions in the v4 pool were zapped, even the ones that remained were completely re-worded and re-worked. The v5 questions are pretty much all new. JD has a valid point. With the hundreds of **** that are out there and the hundreds of legitimate sites out there, it can be tough to seperate the two. But it's always a good idea to come somewhere like here and ask is the material legit before using it. I concur with JD, a mistake made, no harm no foul. Just research the sources a little better the next time.
Keatron. -
Gennosuke HIGAKI Member Posts: 68 ■■□□□□□□□□Thank keatron for your sincere advice I appreciate your considerations to this nasty issue. Let me wrap up
Though I have worked in a bilingual office, English is not my mother tongue. My exam targets are hardly localized. I have bought original materials, mostly used books, via amazon. Also I try to find clues in Internet.
Luckily or unluckily, I spotted ver 3 fossils left by ones and twos. I got one, checked, and found quite a few odd answers against my interpretation. Some are literally of "How I or THEY interpret a particular case." nature. I assert XXX attack. They do YYY attack.
Others are purely technical. I checked them in my books, in Internet, and simulated some in my home LAN. I concluded "When pings fly." I should say **** are bait, phony, and poison for you, serious candidates. If you took them as panacea, you will be undoubtedly misled.
Good night -
keatron Member Posts: 1,213 ■■■■■■□□□□Gennosuke HIGAKI wrote:Thank keatron for your sincere advice I appreciate your considerations to this nasty issue. Let me wrap up
Though I have worked in a bilingual office, English is not my mother tongue. My exam targets are hardly localized. I have bought original materials, mostly used books, via amazon. Also I try to find clues in Internet.
Luckily or unluckily, I spotted ver 3 fossils left by ones and twos. I got one, checked, and found quite a few odd answers against my interpretation. Some are literally of "How I or THEY interpret a particular case." nature. I assert XXX attack. They do YYY attack.
Others are purely technical. I checked them in my books, in Internet, and simulated some in my home LAN. I concluded "When pings fly." I should say **** are bait, phony, and poison for you, serious candidates. If you took them as panacea, you will be undoubtedly misled.
Good night
Well, i can tell everyone this much about v5 exam over previous versions. You'd had better know how to do some log analysis. In other words, be able to look at REAL logs of REAL attacks and decipher exactly what happened and what was going on. There is room for interpretation, but if you know what tool is used for what, and what techniques are used for what purpose, your interpretation will be dead on accurate.
Keatron. -
snadam Member Posts: 2,234 ■■■■□□□□□□Gennosuke HIGAKI wrote:Thank keatron for your sincere advice I appreciate your considerations to this nasty issue. Let me wrap up
Though I have worked in a bilingual office, English is not my mother tongue. My exam targets are hardly localized. I have bought original materials, mostly used books, via amazon. Also I try to find clues in Internet.
Luckily or unluckily, I spotted ver 3 fossils left by ones and twos. I got one, checked, and found quite a few odd answers against my interpretation. Some are literally of "How I or THEY interpret a particular case." nature. I assert XXX attack. They do YYY attack.
Others are purely technical. I checked them in my books, in Internet, and simulated some in my home LAN. I concluded "When pings fly." I should say **** are bait, phony, and poison for you, serious candidates. If you took them as panacea, you will be undoubtedly misled.
Good night
right on my man. And I do apologize for being a tad harsh; but the number of honest people like yourself are rare when it comes to using ****. It was a Honest mistake as Ive stated before. I hope this doesnt steer you away from this site, because it is truly a wonderful place of information and good people in the IT industry.
Again my congrats!**** ARE FOR CHUMPS! Don't be a chump! Validate your material with certguard.com search engine
:study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security