Passed CEH

Gennosuke HIGAKIGennosuke HIGAKI Member Posts: 68 ■■□□□□□□□□
It is my pleasure to inform you of my success in achieving CEH today. Being not affordable to go and learn their costly curriculum in the U.S., I did this by sef-study. Luckily, I gained 85% against 150 questions in 3 hours. This is my 3rd security title following Comptia Security+ and CIW Security Professional. Taking advantage of the CIW preferential track subject to an achievement among other various intermediate certificates, in which CEH ranks, I can apply "Security Analyst" to CIW. CEH is tougher but worthwhile trying I say.

Comments

  • livenliven Member Posts: 918
    GOOD JOB!!!!

    What study materials did you use?
    encrypt the encryption, never mind my brain hurts.
  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    It is my pleasure to congratulate you on a job well done. :)
    All things are possible, only believe.
  • SchluepSchluep Member Posts: 346
    Congratulations. What materials did you use for your self study?
  • JDMurrayJDMurray Admin Posts: 13,099 Admin
    Yes, congrats! Can you give us your opinion of the new CEH exam without including any significant details?
  • keatronkeatron Member Posts: 1,213 ■■■■■■□□□□
    Congrats! Good work, it's a relatively tough exam.
  • SieSie Member Posts: 1,195
    Congratulation! :D
    Foolproof systems don't take into account the ingenuity of fools
  • Gennosuke HIGAKIGennosuke HIGAKI Member Posts: 68 ■■□□□□□□□□
    Dear all,

    Thank you for your homage For your reference, let me write my approach

    Toward CEH, basic knowledge and experiences on Computer Security are essential. Comptia Security+ is a good step to begin with. For self-starter like me you need a recommendation to certify minimum 2-year experiences in security field by your direct supervisor when applying to the EC-Council. Payment $250 is to be accepted with cash card only by the EC-Council headquarters.

    Main CEH resources:

    Official Certified Ethical Hacker Review Guide: Sybex
    Exam Prep Certified Ethical Hacker: Michael Gregg
    Certified Ethical Hacker Mega Guide: PrepLogic
    The CEH Prep Guide: Wiley

    The last one is quite newly published, this October. I waited this for a making-up. This presents a wider perspective, in other words, a normative frame like CISSP to pratical CEH.

    Hard-cover references:

    Hacking Exposed Fourth Edition: Osbone
    Active Defense Network Security: Sybex
    Snort Cookbook: O'reilly
    Network Security Tools: ditto
    Intrusion Signatures and Analysis: Pearson Education Japan
    Know Your Enemy - Security Warrior: O'reilly
    Network Security Assessment: ditto
    Incident Response - Investigating Computer Crime: Kevin Mandia
    Hacking - the art of exploitation: Oreilly
    Wi-Foo: Addison Wesley

    Note: Assembler based reverse engineering is out of scope in CEH.

    Main Internet references:

    http://www.sans.org/
    http://www.itl.nist.gov/
    http://packetstormsecurity.org/
    http://www.freepracticetests.org/home.php
    http://ftp2.de.freebsd.org/pub/misc/www.rootshell.com/
    http://www.cs.princeton.edu/sip/pub/index.php3


    Prep test: Practice Test Questions (312-50). You can find and download older versions free of charge in Internet.

    Real questions vary in style and meaning, sometimes quite tricky for non-Engish-candidate. For instance. Which is ....NOT, or LEAST LIKELY or NOT INACCURATE or ... NOT ... THAT negative meaning. Or a scenario style, a longer introduction and a shortest core.

    Most effective method is an actual simulation. Once I had enjoyed "evil attempts" extensively in my small home LAN composed of Linux, Windoz, and an attacker Giant Mini, 486 based tiny Linux laptop, armed with scanners, sniffers, DOS/DDOS, password carckers, and more.

    I wish this to be of your little service.

    With very best regards and thank you all
  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    Very impressive and helpful listing, thank you. :)

    So what is next for you? Or will you take a break from studies? Also, I loved this part of your post:
    Once I had enjoyed "evil attempts" extensively in my small home LAN composed of Linux, Windoz, and an attacker Giant Mini, 486 based tiny Linux laptop, armed with scanners, sniffers, DOS/DDOS, password carckers, and more.

    Thanks again. icon_cool.gif
    All things are possible, only believe.
  • JDMurrayJDMurray Admin Posts: 13,099 Admin
    Prep test: Practice Test Questions (312-50). You can find and download older versions free of charge in Internet.
    I hate to ask this, but what was the brand name or company name on these "practice tests" that you found?
  • Gennosuke HIGAKIGennosuke HIGAKI Member Posts: 68 ■■□□□□□□□□
    Good news, the Exam Prep book I have is for 312-50, it says so right on the cover. Inside it says "Third Printing: May 2007". ISBN is 0789735318.
    For another thread on CEH Resources - Mine is as of March 2006, first edition. This is a good book. At a final moment before the test, I scanned this again sipping my favorite Columbia in a nearby coffee shop.

    You might check legal & administrative aspects. I also read "Exam Cram 2: CISSP Practice Questions" written by Michael Gregg, same author of the above book. This is a booklet with rich contents even a CD attached. Also good preparatory step for CISSP. http://www.amazon.com/CISSP-Practice-Questions-Exam-Cram/dp/0789733056

    Prep test: Practice Test Questions (312-50). You can find and download older versions free of charge in Internet.
    For JDMurray - I tried to put the vendor name but is sanitized as "amazon.com" in this form. So I make it reverse "DEETNARAUG-SSAP", okay? Mine has 426 questions.

    For sprkymrk - You say, so what's next? Uh... not decided yet. It may be further Security or CISCO group. You see, I was, am not a cert hunter. Simply, I do what I should have done earlier.

    Below is on my Saturday Special.

    Panasonic: Pronote Jet Mini CF-11, prototype of Panasonic Let's Note model

    CPU: Intel 486 DX2 66MHZ stepping 05
    OS: MS DOS 6.3J 300MB in /dev/hda1 and Linux 6.3J 1.2GB in /dev/hda2
    RAM: 16MB
    VIDEO: 512KB barely run X windows.
    NIC: 3Com 3c589 family card
    WEIGHT: 1.3kg

    See not my but Mini fun's page: http://homepage3.nifty.com/tozachan/pc/mini/jetmini.htm

    Start-up Menu, selectable via a DOS CONFIG/AUTOEXEC branch

    PC DOS J6.3J/V Startup Menu

    1. Red Hat Linux 6.2J
    2. Nwclient - Netware
    3. MS Lanman - Windows/NT
    4. PCNFS/NCSA - Unix host
    5. IBM Webboy - Internet
    6. Wterm - BBS Connection
    7. PC Anywahre - Office
    8. WordPerfect DOS 5.1J
    9. Simpe DOS 6.3 English

    Note: Besides Linux, Kernel 2.2.14-50 on i486, basically a PC DOS macine, with a couple of DOS interfaces to, Netware, Windoz, Unix LANs, Internet CUI access, BBS, Dial-up connection to office LAN, and WordProcessor. Once honored to detect, analyze and execute "Ghost-Bustering" through tcpdump packet monitoring, that was, abnormal modem call at midnight. Still active.

    I look forward to your success.
    With best regards
  • shakthiisshakthiis Member Posts: 2 ■□□□□□□□□□
    Thanks for the info.
    Shakthi
  • famosbrownfamosbrown Member Posts: 637
    Looks to be a **** for the practice exam according to:

    http://www.certguard.com/search.asp?Site=**** (listed backwards by user above)
    B.S.B.A. (Management Information Systems)
    M.B.A. (Technology Management)
  • snadamsnadam Member Posts: 2,234 ■■■■□□□□□□
    famosbrown wrote:
    Looks to be a **** for the practice exam according to:

    http://www.certguard.com/search.asp?Site=amazon (listed backwards by user above)


    +1. If you used this resource, then I wouldn't consider your pass legitimate...Ill hold my other comments if he has some sort of explanation.
    **** ARE FOR CHUMPS! Don't be a chump! Validate your material with certguard.com search engine

    :study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security
  • JDMurrayJDMurray Admin Posts: 13,099 Admin
    Many people studying for certifications come across **** that are labeled as practice exams. Not know what a **** is, they use them believing they are legitimate study material. In my opinion, cheating, like lying, is a deliberate act. The unintentional use of a **** is simply a mistake to be learned from and never repeated.

    In this case, it is likely that a **** for version 4 of the CEH exam was used to study for version 5 of the CEH exam. Even if the **** contained correct questions and answers (and most do not) for the CEHv4 exam, it is likely that it provided no real advantage for passing the CEHv5 exam.
  • BigToneBigTone Member Posts: 283
    i can't believe they allow that to be sold on amazon.
  • snadamsnadam Member Posts: 2,234 ■■■■□□□□□□
    JDMurray wrote:
    Many people studying for certifications come across **** that are labeled as practice exams. Not know what a **** is, they use them believing they are legitimate study material. In my opinion, cheating, like lying, is a deliberate act. The unintentional use of a **** is simply a mistake to be learned from and never repeated.

    In this case, it is likely that a **** for version 4 of the CEH exam was used to study for version 5 of the CEH exam. Even if the **** contained correct questions and answers (and most do not) for the CEHv4 exam, it is likely that it provided no real advantage for passing the CEHv5 exam.

    Well I hope thats the reason why. I'm also leaning towards the fact that it was indeed unintentional. Either way, passing an exam in a foreign language is pretty good.
    **** ARE FOR CHUMPS! Don't be a chump! Validate your material with certguard.com search engine

    :study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security
  • Gennosuke HIGAKIGennosuke HIGAKI Member Posts: 68 ■■□□□□□□□□
    Oh, it looks something backfiring. I am not suspicious by nature. Is the vendor doing illegal business?
  • Gennosuke HIGAKIGennosuke HIGAKI Member Posts: 68 ■■□□□□□□□□
    Nobody has replied to my quite naive question. I murmur;

    Who advocates, sets, and sells dammned global standards?
    Who takes advantage of?
    Who earns and laughs loud?
    Who climbs on the bandwagon?

    Again "Are braindumpers doing illegal business?" Go-getting Bill Gates will say "Definitely yes" Reverend Richard Stallmann will say "Absolutely no"

    Anyway, I read and understood the logic http://www.certguard.com/braindumps.asp in my poor English. I thank famousbrown, snadam, and JDMurry for your cautions.

    I introduce another resource among my available means. I had bought a copy of SAFE Preplogic Audio coupling license. http://www.preplogic.com/vendors/ec-council.aspx Did this work for me?

    Read: http://www.ethicalhacker.net/content/view/54/24/ I would say "I agree with him, too meticulous while sometimes too vague, but it helped to a certain extent."

    I look forward to your challenge and success.

    Have nice X-mas holidays
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    Actually, I think everyone agrees that **** are illegal. They are questions and answers taken directly from the tests and serve no purpose other than to allow others to ****.

    However, I would wager that few, if any, think that you do not deserve that certification. You seem to have genuinely come across that **** on accident. Plus, that reading list is probably longer than what I've used for all my certs combined. I've bookmarked this thread to come back to your resource list when I attempt the CEH later in 2008.

    Congratulations on the pass and happy holidays to you as well.
  • snadamsnadam Member Posts: 2,234 ■■■■□□□□□□
    dynamik wrote:
    Actually, I think everyone agrees that **** are illegal. They are questions and answers taken directly from the tests and serve no purpose other than to allow others to ****.

    However, I would wager that few, if any, think that you do not deserve that certification. You seem to have genuinely come across that **** on accident. Plus, that reading list is probably longer than what I've used for all my certs combined. I've bookmarked this thread to come back to your resource list when I attempt the CEH later in 2008.

    Congratulations on the pass and happy holidays to you as well.

    In short, I fully agree with above statement. It does sound like a genuine honest mistake, which is fine in my book. Its the peolpe that knowingly use **** that upset me. In this case, it doesnt seem that way.

    Congratulations on your pass and happiest of holidays
    **** ARE FOR CHUMPS! Don't be a chump! Validate your material with certguard.com search engine

    :study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security
  • TURTLEGIRLTURTLEGIRL Member Posts: 361
    CONGRATULATIONS.
    If you don't know 24 then you don't know Jack!
  • keatronkeatron Member Posts: 1,213 ■■■■■■□□□□
    As a person that helped create v5 of the exam, and have taken all versions of the exam, I can tell you that 95% of all the questions in the v4 pool were zapped, even the ones that remained were completely re-worded and re-worked. The v5 questions are pretty much all new. JD has a valid point. With the hundreds of **** that are out there and the hundreds of legitimate sites out there, it can be tough to seperate the two. But it's always a good idea to come somewhere like here and ask is the material legit before using it. I concur with JD, a mistake made, no harm no foul. Just research the sources a little better the next time.

    Keatron.
  • Gennosuke HIGAKIGennosuke HIGAKI Member Posts: 68 ■■□□□□□□□□
    Thank keatron for your sincere advice I appreciate your considerations to this nasty issue. Let me wrap up

    Though I have worked in a bilingual office, English is not my mother tongue. My exam targets are hardly localized. I have bought original materials, mostly used books, via amazon. Also I try to find clues in Internet.

    Luckily or unluckily, I spotted ver 3 fossils left by ones and twos. I got one, checked, and found quite a few odd answers against my interpretation. Some are literally of "How I or THEY interpret a particular case." nature. I assert XXX attack. They do YYY attack.

    Others are purely technical. I checked them in my books, in Internet, and simulated some in my home LAN. I concluded "When pings fly." I should say **** are bait, phony, and poison for you, serious candidates. If you took them as panacea, you will be undoubtedly misled.

    Good night
  • keatronkeatron Member Posts: 1,213 ■■■■■■□□□□
    Thank keatron for your sincere advice I appreciate your considerations to this nasty issue. Let me wrap up

    Though I have worked in a bilingual office, English is not my mother tongue. My exam targets are hardly localized. I have bought original materials, mostly used books, via amazon. Also I try to find clues in Internet.

    Luckily or unluckily, I spotted ver 3 fossils left by ones and twos. I got one, checked, and found quite a few odd answers against my interpretation. Some are literally of "How I or THEY interpret a particular case." nature. I assert XXX attack. They do YYY attack.

    Others are purely technical. I checked them in my books, in Internet, and simulated some in my home LAN. I concluded "When pings fly." I should say **** are bait, phony, and poison for you, serious candidates. If you took them as panacea, you will be undoubtedly misled.

    Good night

    Well, i can tell everyone this much about v5 exam over previous versions. You'd had better know how to do some log analysis. In other words, be able to look at REAL logs of REAL attacks and decipher exactly what happened and what was going on. There is room for interpretation, but if you know what tool is used for what, and what techniques are used for what purpose, your interpretation will be dead on accurate.

    Keatron.
  • snadamsnadam Member Posts: 2,234 ■■■■□□□□□□
    Thank keatron for your sincere advice I appreciate your considerations to this nasty issue. Let me wrap up

    Though I have worked in a bilingual office, English is not my mother tongue. My exam targets are hardly localized. I have bought original materials, mostly used books, via amazon. Also I try to find clues in Internet.

    Luckily or unluckily, I spotted ver 3 fossils left by ones and twos. I got one, checked, and found quite a few odd answers against my interpretation. Some are literally of "How I or THEY interpret a particular case." nature. I assert XXX attack. They do YYY attack.

    Others are purely technical. I checked them in my books, in Internet, and simulated some in my home LAN. I concluded "When pings fly." I should say **** are bait, phony, and poison for you, serious candidates. If you took them as panacea, you will be undoubtedly misled.

    Good night


    right on my man. And I do apologize for being a tad harsh; but the number of honest people like yourself are rare when it comes to using ****. It was a Honest mistake as Ive stated before. I hope this doesnt steer you away from this site, because it is truly a wonderful place of information and good people in the IT industry.

    Again my congrats!
    **** ARE FOR CHUMPS! Don't be a chump! Validate your material with certguard.com search engine

    :study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security
Sign In or Register to comment.