Passed C|EH v6 3/18/2011

Took the exam this morning after a year of on and off review and a bootcamp this week (due to not having the 2 years). I also got to complete the CPT qualifier and am now working on the CPT Practical.

I'd like to thank the great people of this forum for their contributions and undying dedication to the IT community. This place has put me on a path to greatness and I am eternally grateful that I found this place when I did.

CCNA Security is next then CISSP for the associate designation.

Find more posts tagged with

Comments

dynamik

That's awesome dude, congratulations. Keep me posted on what you think of the CPT. That one's on my radar as well.

N2IT

rogue2shadow wrote: »

Took the exam this morning after a year of on and off review and a bootcamp this week (due to not having the 2 years). I also got to complete the CPT qualifier and am now working on the CPT Practical.

I'd like to thank the great people of this forum for their contributions and undying dedication to the IT community. This place has put me on a path to greatness and I am eternally grateful that I found this place when I did.

CCNA Security is next then CISSP for the associate designation.

Awesome job brother!

I am so excited for you.

I have a friend who is considering taking this exam, any advice? Requirements?
Does prometric or pearson providing testing for this exam?
Recommended training material?
Book camp you went with?

za3bour

Congratulations, great job.

coty24

N2IT wrote: »

Awesome job brother!

I am so excited for you.

I have a friend who is considering taking this exam, any advice? Requirements?
Does prometric or pearson providing testing for this exam?
Recommended training material?
Book camp you went with?

Big props to you man!!!! I would like to know too, I just went to the boot camp in Atlanta, what study materials did you use? I got the v7 materials also.

JDMurray

Hey, congratz on passing the CEH!

rogue2shadow

Thanks guys

dynamik wrote: »

That's awesome dude, congratulations. Keep me posted on what you think of the CPT. That one's on my radar as well.

Definitely will. The qualifier was not bad at all. With your experience it should be a piece of cake. I'm going to start the practical probably next week.

N2IT wrote: »

Awesome job brother!

I am so excited for you.

I have a friend who is considering taking this exam, any advice? Requirements?
Does prometric or pearson providing testing for this exam?
Recommended training material?
Book camp you went with?

Appreciate it homie!

1. If he has the two years of experience and wants to self-study, he's going to need to fill out the eligibility form at the EC-Council website and then use that confirmation code (provided by support) to register. Without both I heard you cannot take the exam.

If he does not have the two years of experience, I believe the only way to take the test is to do it by taking an "EC-Council Official Course" (aka bootcamp) via one of 175 private institutions all over the world.

2. Pearson Vue.

3. Back when I was stuyding for the CCNA et al, I popped in some reading on C|EH every now and then even though I really didn't understand it. I feel like overtime, the info got rooted and after getting serious for a good 3 months before the exam, it all seemed to come back.

Heres a list of the material I read before taking the class (NOT 100% required!):

Amazon.com: Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning (9780979958717): Gordon Fyodor Lyon: Books
Amazon.com: The CEH Prep Guide: The Comprehensive Guide to Certified Ethical Hacking (9780470135921): Ronald L. Krutz, Russell Dean Vines: Books
Amazon.com: Hacking: The Art of Exploitation, 2nd Edition (9781593271442): Jon Erickson: Books
Amazon.com: The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws (9780470170779): Dafydd Stuttard, Marcus Pinto: Books
PrepLogic CEH Review Guide

Supplemental (To understand the mentality better):
Amazon.com: The Art of Deception: Controlling the Human Element of Security (9780764542800): Kevin D. Mitnick, William L. Simon, Steve Wozniak: Books
Amazon.com: The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers (9780471782667): Kevin D. Mitnick, William L. Simon: Books

4. InfoSec Institute. I was extremely impressed with my instructor's professionalism and expansive knowledge of pentesting and security as a whole. There wasn't any question he never had an answer to. Reading about the tools and then having to physically use them definitely drove the points home as I learn best by physically doing a task. The best thing of all was CTF; if you've messed with OSCP material and you're familiar with the terms "Try Harder" you'll know the feeling I was getting during those events. There were sometimes where I wanted to give up but subconsciously I kept hearing that same phrase over and over in my head

. In all the course was 60-70% labs/CTF and 25% review for each exam; the constant labbing and reviewing cleared up any confusion I had between tools because I could actually make output associations with names. I will definitely use them again in the future if I need to and I highly recommend them.

dynamik

Which InfoSec Institute course did you take? Did you take it in the classroom or online?

rogue2shadow

dynamik wrote: »

Which InfoSec Institute course did you take? Did you take it in the classroom or online?

In the classroom. The course was just called Ethical Hacking.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html

They give you the choice of them paying for the hotel expenses (room and food for the week) or some extra pentest software license. Naturally I opted for the hotel lol.

Chris:/*

Congrats!

powerfool

Congrats!

N2IT

rogue2shadow wrote: »

Thanks guys

Definitely will. The qualifier was not bad at all. With your experience it should be a piece of cake. I'm going to start the practical probably next week.

Appreciate it homie!

1. If he has the two years of experience and wants to self-study, he's going to need to fill out the eligibility form at the EC-Council website and then use that confirmation code (provided by support) to register. Without both I heard you cannot take the exam.

If he does not have the two years of experience, I believe the only way to take the test is to do it by taking an "EC-Council Official Course" (aka bootcamp) via one of 175 private institutions all over the world.

2. Pearson Vue.

3. Back when I was stuyding for the CCNA et al, I popped in some reading on C|EH every now and then even though I really didn't understand it. I feel like overtime, the info got rooted and after getting serious for a good 3 months before the exam, it all seemed to come back.

Heres a list of the material I read before taking the class (NOT 100% required!):

Amazon.com: Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning (9780979958717): Gordon Fyodor Lyon: Books
Amazon.com: The CEH Prep Guide: The Comprehensive Guide to Certified Ethical Hacking (9780470135921): Ronald L. Krutz, Russell Dean Vines: Books
Amazon.com: Hacking: The Art of Exploitation, 2nd Edition (9781593271442): Jon Erickson: Books
Amazon.com: The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws (9780470170779): Dafydd Stuttard, Marcus Pinto: Books
PrepLogic CEH Review Guide

Supplemental (To understand the mentality better):
Amazon.com: The Art of Deception: Controlling the Human Element of Security (9780764542800): Kevin D. Mitnick, William L. Simon, Steve Wozniak: Books
Amazon.com: The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers (9780471782667): Kevin D. Mitnick, William L. Simon: Books

4. InfoSec Institute. I was extremely impressed with my instructor's professionalism and expansive knowledge of pentesting and security as a whole. There wasn't any question he never had an answer to. Reading about the tools and then having to physically use them definitely drove the points home as I learn best by physically doing a task. The best thing of all was CTF; if you've messed with OSCP material and you're familiar with the terms "Try Harder" you'll know the feeling I was getting during those events. There were sometimes where I wanted to give up but subconsciously I kept hearing that same phrase over and over in my head . In all the course was 60-70% labs/CTF and 25% review for each exam; the constant labbing and reviewing cleared up any confusion I had between tools because I could actually make output associations with names. I will definitely use them again in the future if I need to and I highly recommend them.

REP! +1

Thanks for taking time out of your busy schedule for the write up.

My friend works for DISA in a networking role. He has the 2 years along with security +. I think this would be a perfect fit for him.

Thanks again!

DoesNotCompute

Congrats rouge2shadow!

Maybe I am missing the obvious but what did you mean by "CTF" when you said; "In all the course was 60-70% labs/CTF and 25% review"?

I took the class back in November and I am now trying to get back into full study mode so I can sit for the test in the next few weeks.

Thanks.

rogue2shadow

DoesNotCompute wrote: »

Congrats rouge2shadow!

Maybe I am missing the obvious but what did you mean by "CTF" when you said; "In all the course was 60-70% labs/CTF and 25% review"?

I took the class back in November and I am now trying to get back into full study mode so I can sit for the test in the next few weeks.

Thanks.

Thanks man!

Yea I fail at math

It should be 75% Labs and CTF and 25% review.

CTF (Capture the flag) involved the room being split into two teams to complete objectives given to us at the end of each day's lesson. I won't get into detail because I don't want to ruin it for anyone but think of it as two Reds teams (in my case) going against each other instead of one defense team and one attack team.

Its definitely rough getting back into the flow of things. Good luck in the coming weeks!

DoesNotCompute

ah, that sounds awesome. Competition is always a good learning motivator.

My game plan is to review the class training slides several times, redo all LABS at least 2-3 times each, sybex practice tests (although I read these aren't very helpful) speed read the nMap book which I just ordered and then rundown the official course topics and insure that I at least know what each topic references in a definiton sense of it.

I have read the Krutz study guide (which was outdated) and the Sybex book by Graves. I also read the Art of Intrusion by Mitnick which was very enjoyable and proved to be a good companion to the "technical" books in order to gain some insight into the blackhat mindset.

What would you say was the best study material out of the books you have listed?

I really wish Transcender had a CEH option . . .

rogue2shadow

DoesNotCompute wrote: »

ah, that sounds awesome. Competition is always a good learning motivator.

My game plan is to review the class training slides several times, redo all LABS at least 2-3 times each, sybex practice tests (although I read these aren't very helpful) speed read the nMap book which I just ordered and then rundown the official course topics and insure that I at least know what each topic references in a definiton sense of it.

I have read the Krutz study guide (which was outdated) and the Sybex book by Graves. I also read the Art of Intrusion by Mitnick which was very enjoyable and proved to be a good companion to the "technical" books in order to gain some insight into the blackhat mindset.

What would you say was the best study material out of the books you have listed?

I really wish Transcender had a CEH option . . .

Good plan!

I think its a tie between the CEH Prep guide and Web App Hacker's handbook. The CEH Prep Guide was great as a general overview and helped in terms of getting an idea of the terms involved with this certification. Its organized extremely well so it'll be a bit easier to dig down in any weak areas you may have. The problem with a lot of the guides for this exam is they only touch the surface so I wouldn't suggest reading this book alone.

If you're weak in web apps and web app attacks, the App Hacker's handbook is definitely a winner in my op.

DoesNotCompute

Good to know, I will check out the Web App book on amazon.

Thanks!

tpatt100

Congrats to the pass

I got my voucher yesterday from WGU so I am looking at my calendar to find a day that will work out for me to schedule the test. Wrote out a rough draft for my study outline I am going to use.

I used your post and some others I saw here for some study tips.