Taking CEH Course Next Week, Any Advice?

darkerosxx

I'm taking the CEH course from global knowledge next week and want to be sure I get enough materials to pass the exam.

Has anyone else taken a CEH course? Do you get enough training to pass with just the course? Is outside studying/training required?

Any advice?

dynamik

I'm not sure if it was Global Knowledge, but Famosbrown took one: http://techexams.net/forums/viewtopic.php?p=202388#202388

Sexion also had an excellent post a couple of hours ago: http://techexams.net/forums/viewtopic.php?p=258707#258707

sexion8

darkerosxx wrote:

I'm taking the CEH course from global knowledge next week and want to be sure I get enough materials to pass the exam.

Has anyone else taken a CEH course? Do you get enough training to pass with just the course? Is outside studying/training required?

Any advice?

Which course are you talking about. From my experience looking at all the available courses, they all promise you super stardom in 60 seconds. None have listed enough time to go through all the modules - which should be no less than 10 days @ no less than 8 hours per day. And this is being realistic.

If you have experience in years, understand the tools, methods, concepts, core of security tools, usage, practice, etc., than the classes would be a waste of money. For me, most of the tools listed were created by people I know personally, or had dealt with at one point or another, one of the tools I made is listed on the exam as well (Daemonic.c)

If you don't have experience, at least 1 year, you're in for a lot of memorizing and trying to cram down a heck of lot. There is a lot of disconnect on what the exam is, what its about, and the level of people passing the exam. Many have associated it with a script kiddie exam, and to an extent I can see where they would get that notion from however, those crying wolf "script kiddie exam" have 1) no experience under their wing 2) never taken the exam. To me, it was a bit of a disappointment and I was more excited at taking the OSCP exam which is actually a difficult exam. Think of it as being similar to the CCIE lab portion because that IS THE exam.

My advice to you, understand the core of it all period. Understand what tools do what, why, when, for which system, which are specific to what system, which use specific syntaxes on what system, and the differentiation between concepts. E.g., what is a vulnerability, what is an exploit, what is a risk... Its better to truly know them since in the end, you would look pretty lame having something saying your certified and when put on the spot you're looking like a deer staring at head lights. Not you per-se, but think about it, if the purpose is to pass an exam to show experience, understand it as best as you can from the ground up, even if you have to read RFC's. Understand the core and to be honest, the exam won't even matter.

Prior to having ANY cert, I was making 80k back in 2000 with the experience I had then. This however came from spending 16+ hours a day online, reading, tinkering, and offering to help various departments so I could learn things across the board. I was fortunate enough to shift in and out of systems administration, network administration, network design, security administration, before "hacking" became a mainstream term. I say this going back to days of Mark Abene, and LoD if you understand "the scene".

Advice, make sure you understand the modules enough to be secure with yourself. If you have to think twice about the difference between say Wireshark and Ettercap, I say postpone the test and learn the differences between the two in concept and practice. Take a couple of index cards on popular topics in each module and make realistic questions to test yourself. Good luck

securityguy

darkerosxx wrote:

I'm taking the CEH course from global knowledge next week and want to be sure I get enough materials to pass the exam.

Has anyone else taken a CEH course? Do you get enough training to pass with just the course? Is outside studying/training required?

Any advice?

I took mine with Security University and they were excellent. I got plenty of training to pass on the first time. My instructor was amazing...

darkerosxx

Cool. Thanks guys. I've had a class on corporate computer and network security and it looks like a lot of the modules correspond with the topics we went over(thanks for telling me about the modules, sexion!). Hopefully, this won't be too rough and I'll learn some new things along the way!

Thanks again.

darkerosxx

Forgot to post after I took the class. I finished the class a week ago and really enjoyed it. The instructor was very well-prepared and knowledgeable. For me, having the prior security classes, I mostly learned about programs used to hack...some of it surprising, some of it not so much. I did learn how to do a few things in a short time that I didn't know you could do at all.

I'd say the course is definitely worth taking if you're working in IT anywhere.

I'll probably take the exam after I finish this semester.

darkerosxx

Taking the exam Thursday. I'm getting the feeling I won't do to well on this due to the sheer amount of information about applications I'm not incredibly familiar with. While taking the course I did get to use a few apps from each group of overall apps covered on the exam, so I don't feel totally lost...it's just so much information! I've had a security class in college, the course for CEH, and I've been studying the book/CBTNuggets for a month or so now.

We'll see how it goes. It's a free voucher, so I'll try it. 70% here I come!

dynamik

darkerosxx wrote: »

70% here I come!

Way to aim high

It'll be interesting to hear about your experience; hopefully you pull out a pass

the_Grinch

I am really interested to see what the exam is like (I know you can't say exactly, but a general feel). I'm hoping to take it in about a week or two, but there is a ton of information on the exam. I really feel like it is just Security+ on steroids. Just about done the book, going to watch some cbt's (still debating using cbt nuggets), and then go over the official guide. Might spend some money on some questions as well...

darkerosxx

Ok, so I passed, but not by a wide margin. In total, it took me around 2 hours to finish.

On a whole, I was pleased with the way the exam questions were worded and found them interesting. Some questions are straight "What is X?" questions, while others give you a background story and a question for you to pick certain things based on the story. I thought the exam was challenging, but covered what an entry-level amount of security knowledge should be. To me, it's just enough knowledge to work in a security position and not require training to get your job done testing vulnerabilities, writing reports, and implementing defense in depth.

As to training materials/courses, the course definitely helped because I could visualize certain questions based on the labs we did in the course. I don't think the CBT Nuggets helped at all, but again, that could be because I took the course, so if you didn't take the course and have the extra time/money, I'd consider them a worthy investment. The Exam Prep CEH book on v5 was what really prepared me for the exam. The author goes into depth about topics you need to know, with some extra to help you along in your career. I think taking the course and reading the book prepared me to pass the exam. However, my suggestion to anyone looking to take the exam is to take 5-10 hours and spend that time googling the main topics and scanning for tidbits you may not have picked up anywhere else. Also, there are some topics in the book that the author didn't cover very well, such as warchalking, that stood out to me as areas I'd need to see a picture of to understand. Those kinds of things I'd suggest googling for as well.

I guess I'll get a welcome kit in 4-8 weeks so I'll come back and share anything interesting that may be included.

The thing that sucks is I found out EC-Council requires continuing education to keep the certifications valid!! It looks pretty easy, but it was weird finding that out after I'd already taken the exam.

Good luck to anybody else going for the CEH and feel free to ask questions!

dynamik

Congratulations!

darkerosxx wrote: »

The thing that sucks is I found out EC-Council requires continuing education to keep the certifications valid!! It looks pretty easy, but it was weird finding that out after I'd already taken the exam.

Yep, the same is true for the (ISC)2 certifications.

shednik

So dynamik you done with the exam prep book yet??? Since Dark recommends it?

the_Grinch

Congrats!! Glad to hear that the Exam Prep book is good (I've heard it from a couple of people) and I am just about finished it (last two chapters). Were a large portion of the questions geared towards the tools? I've heard yes so I was considering reading through the Anti-Hacker Toolkit since a lot of the tools in that are what appeared in Exam Prep. I've also heard that the EC-Council does take the entire 8 weeks to send their stuff, but maybe that has changed. Again congrats and thanks for posting all the info!

darkerosxx

In the book, the author would point out certain programs that were extremely important to know for the exam and would also point out some programs where it's important to know the command-line options. If you know the command-line options for all of those, you'll do well.

If you know the categories tools fit into and any major differences they may have from other tools in the same category, you'll be well-prepared there also.l