Passed CEH

Gennosuke HIGAKI · December 2007

It is my pleasure to inform you of my success in achieving CEH today. Being not affordable to go and learn their costly curriculum in the U.S., I did this by sef-study. Luckily, I gained 85% against 150 questions in 3 hours. This is my 3rd security title following Comptia Security+ and CIW Security Professional. Taking advantage of the CIW preferential track subject to an achievement among other various intermediate certificates, in which CEH ranks, I can apply "Security Analyst" to CIW. CEH is tougher but worthwhile trying I say.

liven · December 2007

GOOD JOB!!!!

What study materials did you use?

sprkymrk · December 2007

It is my pleasure to congratulate you on a job well done.

Megadeth4168 · December 2007

Congrats!

Schluep · December 2007

Congratulations. What materials did you use for your self study?

JDMurray · December 2007

Yes, congrats! Can you give us your opinion of the new CEH exam without including any significant details?

keatron · December 2007

Congrats! Good work, it's a relatively tough exam.

Sie · December 2007

Congratulation!

Gennosuke HIGAKI · December 2007

Dear all,

Thank you for your homage For your reference, let me write my approach

Toward CEH, basic knowledge and experiences on Computer Security are essential. Comptia Security+ is a good step to begin with. For self-starter like me you need a recommendation to certify minimum 2-year experiences in security field by your direct supervisor when applying to the EC-Council. Payment $250 is to be accepted with cash card only by the EC-Council headquarters.

Main CEH resources:

Official Certified Ethical Hacker Review Guide: Sybex
Exam Prep Certified Ethical Hacker: Michael Gregg
Certified Ethical Hacker Mega Guide: PrepLogic
The CEH Prep Guide: Wiley

The last one is quite newly published, this October. I waited this for a making-up. This presents a wider perspective, in other words, a normative frame like CISSP to pratical CEH.

Hard-cover references:

Hacking Exposed Fourth Edition: Osbone
Active Defense Network Security: Sybex
Snort Cookbook: O'reilly
Network Security Tools: ditto
Intrusion Signatures and Analysis: Pearson Education Japan
Know Your Enemy - Security Warrior: O'reilly
Network Security Assessment: ditto
Incident Response - Investigating Computer Crime: Kevin Mandia
Hacking - the art of exploitation: Oreilly
Wi-Foo: Addison Wesley

Note: Assembler based reverse engineering is out of scope in CEH.

Main Internet references:

http://www.sans.org/
http://www.itl.nist.gov/
http://packetstormsecurity.org/
http://www.freepracticetests.org/home.php
http://ftp2.de.freebsd.org/pub/misc/www.rootshell.com/
http://www.cs.princeton.edu/sip/pub/index.php3

Prep test: Practice Test Questions (312-50). You can find and download older versions free of charge in Internet.

Real questions vary in style and meaning, sometimes quite tricky for non-Engish-candidate. For instance. Which is ....NOT, or LEAST LIKELY or NOT INACCURATE or ... NOT ... THAT negative meaning. Or a scenario style, a longer introduction and a shortest core.

Most effective method is an actual simulation. Once I had enjoyed "evil attempts" extensively in my small home LAN composed of Linux, Windoz, and an attacker Giant Mini, 486 based tiny Linux laptop, armed with scanners, sniffers, DOS/DDOS, password carckers, and more.

I wish this to be of your little service.

With very best regards and thank you all

sprkymrk · December 2007

Very impressive and helpful listing, thank you.

So what is next for you? Or will you take a break from studies? Also, I loved this part of your post:

Once I had enjoyed "evil attempts" extensively in my small home LAN composed of Linux, Windoz, and an attacker Giant Mini, 486 based tiny Linux laptop, armed with scanners, sniffers, DOS/DDOS, password carckers, and more.

Thanks again.

JDMurray · December 2007

Gennosuke HIGAKI wrote:

Prep test: Practice Test Questions (312-50). You can find and download older versions free of charge in Internet.

I hate to ask this, but what was the brand name or company name on these "practice tests" that you found?

Gennosuke HIGAKI · December 2007

Good news, the Exam Prep book I have is for 312-50, it says so right on the cover. Inside it says "Third Printing: May 2007". ISBN is 0789735318.

For another thread on CEH Resources - Mine is as of March 2006, first edition. This is a good book. At a final moment before the test, I scanned this again sipping my favorite Columbia in a nearby coffee shop.

You might check legal & administrative aspects. I also read "Exam Cram 2: CISSP Practice Questions" written by Michael Gregg, same author of the above book. This is a booklet with rich contents even a CD attached. Also good preparatory step for CISSP. http://www.amazon.com/CISSP-Practice-Questions-Exam-Cram/dp/0789733056

Prep test: Practice Test Questions (312-50). You can find and download older versions free of charge in Internet.

For JDMurray - I tried to put the vendor name but is sanitized as "amazon.com" in this form. So I make it reverse "DEETNARAUG-SSAP", okay? Mine has 426 questions.

For sprkymrk - You say, so what's next? Uh... not decided yet. It may be further Security or CISCO group. You see, I was, am not a cert hunter. Simply, I do what I should have done earlier.

Below is on my Saturday Special.

Panasonic: Pronote Jet Mini CF-11, prototype of Panasonic Let's Note model

CPU: Intel 486 DX2 66MHZ stepping 05
OS: MS DOS 6.3J 300MB in /dev/hda1 and Linux 6.3J 1.2GB in /dev/hda2
RAM: 16MB
VIDEO: 512KB barely run X windows.
NIC: 3Com 3c589 family card
WEIGHT: 1.3kg

See not my but Mini fun's page: http://homepage3.nifty.com/tozachan/pc/mini/jetmini.htm

Start-up Menu, selectable via a DOS CONFIG/AUTOEXEC branch

PC DOS J6.3J/V Startup Menu

1. Red Hat Linux 6.2J
2. Nwclient - Netware
3. MS Lanman - Windows/NT
4. PCNFS/NCSA - Unix host
5. IBM Webboy - Internet
6. Wterm - BBS Connection
7. PC Anywahre - Office
8. WordPerfect DOS 5.1J
9. Simpe DOS 6.3 English

Note: Besides Linux, Kernel 2.2.14-50 on i486, basically a PC DOS macine, with a couple of DOS interfaces to, Netware, Windoz, Unix LANs, Internet CUI access, BBS, Dial-up connection to office LAN, and WordProcessor. Once honored to detect, analyze and execute "Ghost-Bustering" through tcpdump packet monitoring, that was, abnormal modem call at midnight. Still active.

I look forward to your success.
With best regards

shakthiis · December 2007

Thanks for the info.

famosbrown · December 2007

Looks to be a **** for the practice exam according to:

http://www.certguard.com/search.asp?Site=**** (listed backwards by user above)

snadam · December 2007

famosbrown wrote:

Looks to be a **** for the practice exam according to:

http://www.certguard.com/search.asp?Site=amazon (listed backwards by user above)

+1. If you used this resource, then I wouldn't consider your pass legitimate...Ill hold my other comments if he has some sort of explanation.

JDMurray · December 2007

Many people studying for certifications come across **** that are labeled as practice exams. Not know what a **** is, they use them believing they are legitimate study material. In my opinion, cheating, like lying, is a deliberate act. The unintentional use of a **** is simply a mistake to be learned from and never repeated.

In this case, it is likely that a **** for version 4 of the CEH exam was used to study for version 5 of the CEH exam. Even if the **** contained correct questions and answers (and most do not) for the CEHv4 exam, it is likely that it provided no real advantage for passing the CEHv5 exam.

BigTone · December 2007

i can't believe they allow that to be sold on amazon.

snadam · December 2007

JDMurray wrote:

Many people studying for certifications come across **** that are labeled as practice exams. Not know what a **** is, they use them believing they are legitimate study material. In my opinion, cheating, like lying, is a deliberate act. The unintentional use of a **** is simply a mistake to be learned from and never repeated.

In this case, it is likely that a **** for version 4 of the CEH exam was used to study for version 5 of the CEH exam. Even if the **** contained correct questions and answers (and most do not) for the CEHv4 exam, it is likely that it provided no real advantage for passing the CEHv5 exam.

Well I hope thats the reason why. I'm also leaning towards the fact that it was indeed unintentional. Either way, passing an exam in a foreign language is pretty good.

Gennosuke HIGAKI · December 2007

Oh, it looks something backfiring. I am not suspicious by nature. Is the vendor doing illegal business?

Gennosuke HIGAKI · December 2007

Nobody has replied to my quite naive question. I murmur;

Who advocates, sets, and sells dammned global standards?
Who takes advantage of?
Who earns and laughs loud?
Who climbs on the bandwagon?

Again "Are braindumpers doing illegal business?" Go-getting Bill Gates will say "Definitely yes" Reverend Richard Stallmann will say "Absolutely no"

Anyway, I read and understood the logic http://www.certguard.com/braindumps.asp in my poor English. I thank famousbrown, snadam, and JDMurry for your cautions.

I introduce another resource among my available means. I had bought a copy of SAFE Preplogic Audio coupling license. http://www.preplogic.com/vendors/ec-council.aspx Did this work for me?

Read: http://www.ethicalhacker.net/content/view/54/24/ I would say "I agree with him, too meticulous while sometimes too vague, but it helped to a certain extent."

I look forward to your challenge and success.

Have nice X-mas holidays

dynamik · December 2007

Actually, I think everyone agrees that **** are illegal. They are questions and answers taken directly from the tests and serve no purpose other than to allow others to ****.

However, I would wager that few, if any, think that you do not deserve that certification. You seem to have genuinely come across that **** on accident. Plus, that reading list is probably longer than what I've used for all my certs combined. I've bookmarked this thread to come back to your resource list when I attempt the CEH later in 2008.

Congratulations on the pass and happy holidays to you as well.

snadam · December 2007

dynamik wrote:

Actually, I think everyone agrees that **** are illegal. They are questions and answers taken directly from the tests and serve no purpose other than to allow others to ****.

However, I would wager that few, if any, think that you do not deserve that certification. You seem to have genuinely come across that **** on accident. Plus, that reading list is probably longer than what I've used for all my certs combined. I've bookmarked this thread to come back to your resource list when I attempt the CEH later in 2008.

Congratulations on the pass and happy holidays to you as well.

In short, I fully agree with above statement. It does sound like a genuine honest mistake, which is fine in my book. Its the peolpe that knowingly use **** that upset me. In this case, it doesnt seem that way.

Congratulations on your pass and happiest of holidays

TURTLEGIRL · December 2007

CONGRATULATIONS.

keatron · December 2007

As a person that helped create v5 of the exam, and have taken all versions of the exam, I can tell you that 95% of all the questions in the v4 pool were zapped, even the ones that remained were completely re-worded and re-worked. The v5 questions are pretty much all new. JD has a valid point. With the hundreds of **** that are out there and the hundreds of legitimate sites out there, it can be tough to seperate the two. But it's always a good idea to come somewhere like here and ask is the material legit before using it. I concur with JD, a mistake made, no harm no foul. Just research the sources a little better the next time.

Keatron.

Gennosuke HIGAKI · December 2007

Thank keatron for your sincere advice I appreciate your considerations to this nasty issue. Let me wrap up

Though I have worked in a bilingual office, English is not my mother tongue. My exam targets are hardly localized. I have bought original materials, mostly used books, via amazon. Also I try to find clues in Internet.

Luckily or unluckily, I spotted ver 3 fossils left by ones and twos. I got one, checked, and found quite a few odd answers against my interpretation. Some are literally of "How I or THEY interpret a particular case." nature. I assert XXX attack. They do YYY attack.

Others are purely technical. I checked them in my books, in Internet, and simulated some in my home LAN. I concluded "When pings fly." I should say **** are bait, phony, and poison for you, serious candidates. If you took them as panacea, you will be undoubtedly misled.

Good night

keatron · December 2007

Gennosuke HIGAKI wrote:

Thank keatron for your sincere advice I appreciate your considerations to this nasty issue. Let me wrap up

Though I have worked in a bilingual office, English is not my mother tongue. My exam targets are hardly localized. I have bought original materials, mostly used books, via amazon. Also I try to find clues in Internet.

Luckily or unluckily, I spotted ver 3 fossils left by ones and twos. I got one, checked, and found quite a few odd answers against my interpretation. Some are literally of "How I or THEY interpret a particular case." nature. I assert XXX attack. They do YYY attack.

Others are purely technical. I checked them in my books, in Internet, and simulated some in my home LAN. I concluded "When pings fly." I should say **** are bait, phony, and poison for you, serious candidates. If you took them as panacea, you will be undoubtedly misled.

Good night

Well, i can tell everyone this much about v5 exam over previous versions. You'd had better know how to do some log analysis. In other words, be able to look at REAL logs of REAL attacks and decipher exactly what happened and what was going on. There is room for interpretation, but if you know what tool is used for what, and what techniques are used for what purpose, your interpretation will be dead on accurate.

Keatron.

snadam · December 2007

Gennosuke HIGAKI wrote:

Thank keatron for your sincere advice I appreciate your considerations to this nasty issue. Let me wrap up

Though I have worked in a bilingual office, English is not my mother tongue. My exam targets are hardly localized. I have bought original materials, mostly used books, via amazon. Also I try to find clues in Internet.

Luckily or unluckily, I spotted ver 3 fossils left by ones and twos. I got one, checked, and found quite a few odd answers against my interpretation. Some are literally of "How I or THEY interpret a particular case." nature. I assert XXX attack. They do YYY attack.

Others are purely technical. I checked them in my books, in Internet, and simulated some in my home LAN. I concluded "When pings fly." I should say **** are bait, phony, and poison for you, serious candidates. If you took them as panacea, you will be undoubtedly misled.

Good night

right on my man. And I do apologize for being a tad harsh; but the number of honest people like yourself are rare when it comes to using ****. It was a Honest mistake as Ive stated before. I hope this doesnt steer you away from this site, because it is truly a wonderful place of information and good people in the IT industry.

Again my congrats!

Passed CEH

Comments