groupstudy

nanga

hey anyone interested in group study for CEH..can post questions /quiz/doubts and share materials in this thread.

dynamik

Sure. I'll be slow for six weeks or so, but then I'm going to hit it hard once I get this class out of the way.

I'm using this as my primary resource: http://www.amazon.com/CEH-Prep-Guide-Comprehensive-Certified/dp/0470135921/ref=pd_bbs_sr_2?ie=UTF8&s=books&qid=1227219452&sr=8-2

I heard this wasn't really worth it. I have it, and its pretty thin. It's just a review guide, and I only got it because I found it really cheap used: http://www.amazon.com/CEH-Official-Certified-Ethical-Hacker/dp/0782144373/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1227219452&sr=8-1

I'll probably end up getting the practice exam from PrepLogic since they're the only one that offers one (that I know of).

May or may not watch the CBT Nuggets. Their CEH package is really expensive, and I might just buy a streaming subscription if I decide to go with it.

darkerosxx

FYI, this is one of the books I got in the Global Knowledge CEH class. The teacher said it represented the exam well and the CD exams included represented the exam very well.

http://www.amazon.com/Certified-Ethical-Hacker-Exam-Publishing/dp/0789735318/ref=pd_bxgy_b_img_c

shednik

I'm in Dynamik you have a busy spring ahead of you man

shednik

darkerosxx wrote:

FYI, this is one of the books I got in the Global Knowledge CEH class. The teacher said it represented the exam well and the CD exams included represented the exam very well.

http://www.amazon.com/Certified-Ethical-Hacker-Exam-Publishing/dp/0789735318/ref=pd_bxgy_b_img_c

So did they give any hints on if this material will be useful at all for v6?

darkerosxx

shednik wrote:

darkerosxx wrote:

FYI, this is one of the books I got in the Global Knowledge CEH class. The teacher said it represented the exam well and the CD exams included represented the exam very well.

http://www.amazon.com/Certified-Ethical-Hacker-Exam-Publishing/dp/0789735318/ref=pd_bxgy_b_img_c

So did they give any hints on if this material will be useful at all for v6?

Yeah, it won't. Well, it's useful in that it is included in the v6 exam, but the v6 exam covers an enormous amount of topics, so this won't be the only source you need like it is for v5.

nanga

thats great for start. I have the same resources Exam cram and the The CEH Prep Guide: The Comprehensive Guide to Certified Ethical Hacking as primary resoruces.

I plan to take a chapter complete that on weekends....and through the week just go throught the main points or notes and jiggle around in google. I dont find much of time on weekdays...Also I am not expert at using the tools.

I shall soon try to put up some material together as a review for you guys we well..

dynamik

Shednik wanted to start a wiki, so here you go:

http://andrewcjohnson.com/ceh/

Start adding content!

You'll need to create an account and confirm your email address before you can create or edit pages. I won't share your email address with anyone, but I will send you advertisements for the male enhancement pills I sell. You do want to satisfy her every time, right?

ULWiz

This is definately a cert i want. The requirements for this exam is that you need two years of infosec experience or you have to take a boot camp from what i understand to even be allowed to take this exam.

This is the info i got from the site. So unless you do one of the two i dont think your allowed to take this exam.

I could be wrong can anyone else who have taken this test verify this.

dynamik

http://www.eccouncil.org/takeexam.htm

Scroll down to "Eligibility Requirements".

It's typically two years of experience or the course, but I've heard they occasionally allow people based on education or other circumstances. Give them a call and/or fill out the application, and see where you end up.

nanga

send in ur form resume and your cover letter explaining your experience in networking/security/. Also let them know what is ur education background and also what all other certifications u have along with your drivers liscence copy.

They take each case and evaluate it independently. I faxed them all my docs and was waiting for almost a month before I email them reminding them abt my case.


Finally got a clearence from them and they sent me a exam code.

shednik

nanga so you feel if you have over 1 1/2 years of work with security being an important part that they would grant you the right to take the exam? anyone know how long we have exactly until v5 is retired?

Also, ULWiz even if you aren't able to take the exam study with us and learn what you can.

ULWiz

Completely agree there.

nanga

shednik wrote:

nanga so you feel if you have over 1 1/2 years of work with security being an important part that they would grant you the right to take the exam? anyone know how long we have exactly until v5 is retired?

Also, ULWiz even if you aren't able to take the exam study with us and learn what you can.

Yup...that should suffice. Try submititng your convincing documents with them for their review. I submiited my ccna cert, security+ and SSCP ( associate) certificates , my score sheets from university resume and cover letter.


yes we all are studying for that ,,,as far as i am concerned...i am totally lost dont know where to start and what to start with. If I cant give ver 5 in the time frame I shall study ahead and appear for ver6.

Anyone any suggestions or plan how to study.

dynamik

Have you looked at the wiki I setup yet?

If we all do about 10 items a day, we'll have everything filled in in about 45 days (there's about 1400 items )

Just pick an area and dig in. Start with the Wiley book and go from there. I also got the PrepLogic exam, and the Sybex review guide has some exams and flash cards as well. PrepLogic dropped it down to $57, I assume since it's nearing the end of its life.

darkerosxx

You don't need to know all that stuff for the exam!

nanga

dynamik wrote:

Have you looked at the wiki I setup yet?

If we all do about 10 items a day, we'll have everything filled in in about 45 days (there's about 1400 items )

Just pick an area and dig in. Start with the Wiley book and go from there. I also got the PrepLogic exam, and the Sybex review guide has some exams and flash cards as well. PrepLogic dropped it down to $57, I assume since it's nearing the end of its life.

Aye Aye Sir...already jumped on it !...that is a nice idea. Lets create a wiki so we all can share notes.I am on it !

dynamik

darkerosxx wrote:

You don't need to know all that stuff for the exam!

Yea, we know. I just think it'd be fun to review everything. I'm sure a lot of those are old/obsolete, but it would be interesting to learn about them for some historical perspective.

shednik

So has anyone set a timeline for when they plan to take the exam?

darkerosxx

I'm planning to take it mid-January. Are you looking at taking it?

shednik

I'm shooting in may i think before v5 expires...

darkerosxx

So have you taken the course or are you gonna apply to get in on experience?

dynamik

Experience. I'll be shooting for sometime in Q1 2009. I need to wrap up my VCP and CCNA first.

Darker, are you just using the course and the Exam Cram book? I can't remember, did you post about your experience at the course?

shednik

I have about 18 months of experience in different aspects of security, so I figure with my application, my master program I'm enrolled in, recommendation from my manager, and a cover letter explaining why I want to take the exam. I'm hoping that will be enough to take the exam...did they really say what specifically they want for experience?

darkerosxx

dynamik wrote:

Experience. I'll be shooting for sometime in Q1 2009. I need to wrap up my VCP and CCNA first.

Darker, are you just using the course and the Exam Cram book? I can't remember, did you post about your experience at the course?

Mmm, a sentence or two, not much: http://techexams.net/forums/viewtopic.php?t=38315

darkerosxx

shednik wrote:

I have about 18 months of experience in different aspects of security, so I figure with my application, my master program I'm enrolled in, recommendation from my manager, and a cover letter explaining why I want to take the exam. I'm hoping that will be enough to take the exam...did they really say what specifically they want for experience?

Not sure, honestly. Here's the page with the application, though, if you haven't seen it: http://www.eccouncil.org/takeexam.htm

nanga

Ok Everyone.

Its been a long time I have been trying to study for the CEH, eve though its not regular but on and off.

I tried to study various ways but figured out that may be wiki started by Dynamik would be a neat idea to study...and btw it is a neat idea. But as I went ahead to populate the wiki I started getting into loops where there were all tools. I checked out the CEH course of Eccouncil and it does mentions different tools.

I mean there are millions of tools doing the same thing or are having extra feature to do it the better way. I was wondering what does is the CEH Exam exactly all about. I have studied for CISSP very hard but when they increased the nos of years of exp I took up SSCP and got done with it. In that way I do have ac certain knowledge level of Info security.

Now I am at a crossroads where in I do have a internship exp in security but now am working in a network performance team ( a different role all together) for an ISP. This way I dont get to use the tools regularly, even though I believe that I can understand to a certain extent what the tool is doing or what its end result would be.

I am dead confused and frustrated as to how to study CEH. Its been long time I have been toying with this. Its not the case that I want to only study for the exam, but its also true I want to make some progress with it.

I guess once I am done with CEH I might end up having a job in info security and that would motivate me more to gather knowledge of security.

ANY HELP OUT THERE......

and last thing ....Merry Christmas and Enjoy your vacations with your prized ones.

darkerosxx

I'm hoping I can answer your question with a few thoughts about the CEH certification, even though I haven't taken the exam, yet:

It can be used in several ways, but the most popular ways are to train in performing vulnerability assessments or to train in information security architecture. To expand on that:

Performing vulnerability assessments take the knowledge of security tools widely available to hackers and use them on a business to determine security holes that should be plugged, create a report, and deliver the results to the business for $. Knowing the tools available to hackers, how the tools work, and how to stop them helps in performing the assessment and creating a report for the business.

Security Architecture is important for anyone implementing systems utilizing information technology and/or designing systems utilizing information technology. Knowing what tools are available to hackers, how they work, and how to stop them will help you with security in all stages of the system development lifecycle.

You don't need to know all the tools in and out, but you do need to know what the different types(groups) of tools do, what vulnerabilities they take advantage of, how to fix the vulnerabilities, and enough about each tool to know what type of tool it is.

From what I've heard, they may ask you what a specific tool does and you don't really need to know specifics about that tool, just what type of tool it is and how the type of tool works.

nanga

well i guess that helps to know that all the tools are not required to be known in and out. My idea abt CEH would be to understand the penetration testing of the architecture and knowing the loops in systems. Just to understand the logic of a vulnerability and how a tool exploits it.

the_Grinch

Just saw this and figured I would post. I am using the ExamPrep Guide, CEH Offical Review, and Career Academy videos. I had the CBT Nuggets, but it was for version 4 (my friend has the version 4 cert). The Career Academy videos are pretty decent, but once I got into the third video I noticed that they didn't cover all the information that they had quiz questions for. So the plan is to read the ExamPrep Guide, watch all the Career Academy videos, and then read the review guide. I am hoping to take this in mid-January if not sooner.

I'm looking at this cert as along the lines of Security+ on steroids. I found that the material provides a good base for working on pen testing. I think if you have Network+ (or CCENT) and Security+ you'll have the basics to begin studying. Like someone else said it doesn't seem that you have to know every aspect of every program, just the basics. Though I believe Nmap will be heavily tested on. I am enjoying studying for this exam more then the others I have taken as it is pretty enjoyable. You can look at my post about getting a waiver for educational experience (I'm on chapter 3 of the ExamPrep Guide and thus far most of the information has been a refresher on knowledge I had somewhere in my head).

Good luck!

darkerosxx

Hey while you're studying, you're welcome to fill in topics on the CEH Wiki Dynamik started for TechExams: http://www.andrewcjohnson.com/ceh/