Taking the CEH in 5 days

I will be taking the CEH in 5 days. I've been in IT SEC professionally for about 3 years doing FW/IDS configuration and log analysis. Been on the offensive side for a while. Obtained the Security+ in spring 06. I bought the books at the beginning of the month. Cramming hard. Questions for the CEH certified pros here. Will I see alot of technical questions or will I see more theory based questions like the questions on the Security+? Hopes this make sense. thanks

Find more posts tagged with

Comments

seuss_ssues

from what ive heard there are alot of questions concerning using the tools and their available options.

Which i guess would make it more technical than theory. But often times it requires a combination of theory and technical knowledge to answer a question.

dynamik

keatron wrote:

Just a little tip to everyone wanting to take this exam. Make sure you not only know the tools, but make sure you can also look at logs and decipher what happened. Again, version 5 of the exam was a VERY significant change.

http://techexams.net/forums/viewtopic.php?p=189082#189082

JDMurray

Your log analysis skills will help a lot on the CEH exam; I've heard that experience with tools such as nmap, netcat, and tcpdump is very necessary for the exam too. Check how many tools you know how to use on this list.

famosbrown

Yep...you will get tested on analyzing logs for intrusions, virus attempts, etc. You will get tested on tools via understanding the output, which tool to use for what situation, etc. More technical than theory when I took CEH v5.

dynamik

JDMurray wrote:

Your log analysis skills will help a lot on the CEH exam; I've heard that experience with tools such as nmap, netcat, and tcpdump is very necessary for the exam too. Check how many tools you know how to use on this list.

JD, do you have a list of security bookmarks you'd like to share? You toss out a lot of really useful links, and most of the time, they're new to me

JDMurray

dynamik wrote:

JD, do you have a list of security bookmarks you'd like to share? You toss out a lot of really useful links, and most of the time, they're new to me

Hmmm...that's a good topic for a blog article.

Until then, here are a few bones:

USENET comp.security.misc
A Day in the Life of an Information Security Investigator
BroadbandReports.com Security Forums
BroadbandReports.com Security FAQ

cashew

JDMurray wrote:

Your log analysis skills will help a lot on the CEH exam; I've heard that experience with tools such as nmap, netcat, and tcpdump is very necessary for the exam too. Check how many tools you know how to use on this list.

Sweet site, thanks.

finalhour216

Passed. 780. I have to say I am not impressed. It is my opinion that this test was written by someone whos second language is English. I had a question that asked me what is an ethical hack. The easiest question on the test and I think I got it wrong because of the way that all of the phrases were worded. I am not an English major but there were major grammatical errors and typos. Not to mention that some of the material was outdated so "best practice" when the test was written is no longer best practices. But there were alot of good technical questions. Had my adrenaline up there.

Back to CCNA. After that I haven't decided if I want to Remote-Exploit OffSec 101 or CISSP first. OffSec is 40 continuing education credits towards the CISSP. maybe the CISSP first.

JDMurray

finalhour216 wrote:

It is my opinion that this test was written by someone whos second language is English. I had a question that asked me what is an ethical hack. The easiest question on the test and I think I got it wrong because of the way that all of the phrases were worded.

Sometimes I wonder if this sort of thing is done on purpose with the idea of introducing more difficulty into the questions.

finalhour216 wrote:

I am not an English major but there were major grammatical errors and typos.

I've seen odd grammar on cert exams, but never blatant typos.

finalhour216 wrote:

Not to mention that some of the material was outdated so "best practice" when the test was written is no longer best practices.

This is really surprising, considering that the CEHv5 exam is only 18 months old.

Have you considered the CPTS cert at all?