So you want to take the CCENT/CCNA...(read on)

Roguetadhg Member Posts: 2,489
I thought this was a great post. We've all heard "It's not the certifications, it's the experience." Most of the time we hear this from a friend of an uncle's third relative whose boss's cousin... Anyways, you get the point. This is a thread coming from someone who does the hiring. Yes. I know this is a post on the C|EH [Ethical Hacker] forums. Look beyond that. It's a glimpse of someone who looks at resumes, interviews and also knows what he's looking for. It's invaluable information, I'm sure you can take a few moments from Lab, Book reading, videos for this thread :)

_____________


So you want to be a C|EH... What to study, what to learn, how many questions, etc.. Aside from what you may have heard about the exam, I will offer a perspective from someone who has been in the security industry for quite some time.

The C|EH is not necessarily an intro exam but certainly not at the expert level either. It is not on the same level with the OSCP (which I also possess) and has been frequently misunderstood. The C|EH exam is a beginner to mid level certification which deals with methodologies, tools and theory. The exam sadly uses many old tools in the industry however, many of these tools can sometimes be useful, but for the most part, are obsolete. All modules in the C|EH exam will be covered in the exam and however the questions come out, depend on your luck of the draw.

Let me ramble on and clarify certain key points... A certification is usually a means to get your foot in the door of a human resources department. Many HR personnel are usually non technical and will spout out any cert they've seen or heard of. When it comes to security, I've seen HR personnel look for CISM's, CISA's, CISSP's to do incident response, C|EH's, GPEN's to do CISO style work. Do not depend on a certification that much - this means you the taker and any HR person reading this.

Outside of the common mismatch - seeking a C|EH to become a CSO, another method of measurement is who the certification is coming from. While EC-Council has worked hard at marketing itself, many serious HACKERS - and I mean white hats with hands on experience, look down on the exam. I really can't say I blame them since I was one who never cared much for certs before. Think about this cert really good before you decide to spend money. Ask yourself what are the pros and cons of spending money on this cert, will it add value, will I learn from it. How many companies are hiring C|EH's anyway?

As someone who has interviewed many individuals, certifications mean little to me. They may have meant something to my human resource department, but the second step in getting a good job is knowing your stuff period. So you made it through the top of the heap because you're xxx certified, question is, how well do you know your stuff? I'm liable to put someone on the spot and ask them questions relevant to what's on their resume. So if you stated you're a "security expert and have umpteen years experience using Slackware" one of my favorite questions is: "You're being attacked from host 1.2.3.4 how do you stop it without using a firewall?" The purpose of a question like this is to determine someone's underlying skill. You don't want to have dozens of certs and be clueless. I've dealt with many certified individuals up to the CCIE level and have corrected many, shook my head at many, and even asked which bubble gum machine they purchased their cert at. CCSP's, CCVP's, CCIE's, CISSP's, GCIH's you name it. On the flip side, I've met many certified individuals with enough clues to last a lifetime.


Research has proven that a monkey can be taught to use any tool and this is the problem with the C|EH, one too many tools, don't be a monkey, be someone who understands what they're doing. Now I can understand the need to explore and use say a handful of tools per module but the C|EH took things a step too far in choosing to include any and every tool under the sun including one I wrote called Daemonic. Their selection includes tools that are outdated, will no longer work on current operating systems and are obsolete at this point.

So what do you know? Seriously, ask yourself. What do you think you know about security? In studying for any exam, you would want to understand and know the fundamentals of all the modules listed. Not solely for the exam, but for your own sake. Without some baseline to go on, all you are doing is memorizing data, data which you can and most likely will forget in a few weeks. So you took the time to attempt to memorize everything that EC-Council gave you in a half dozen or so books which are the size of a common city telephone book. What did you *truly* learn from these books? Given they are filled with pictures of tools and their syntaxes, what do you really know about the tools and what they do other than the basics?

Enough rambling, on to studies. My personal opinion to anyone taking this exam is going to come across straightforward and enlightening to some and others may be confused by it. My intention is to not only give you advice on preparing for the C|EH exam, but to give you advice on how to go about actually learning the trade. As previously stated, a monkey can be taught on the usage of a tool... With this said, this curriculum will introduce you to security from the ground up whether you choose to understand why or how. It's likely not going to be what you wanted to hear, but it's what I feel is the proper method of learning and at the end of the road, I can guarantee you that you will learn more about the security industry from an all around perspective, regardless of the certification route you want to take, than you would solely focusing on the C|EH content.

Step One - Weeks One through Six

Go through understanding the OSI layer. Learn how protocols interconnect and communicate. Learn why and how things are the way they currently are. Although many shun the OSI layer, it is still highly referenced and straightforward. You want to not only learn the names of the OSI layer, but you want to understand the communications part of it... How it all comes together. You should - repeat SHOULD understand every single part of the OSI layer. This comes in handy across all certifications in regards to tech. If someone asks you - "At what layer of the OSI does an SQL injection occur" you should know this answer. Remember, SQL operates on the Session Layer, but is an SQL Injection attack occurring at the Session Layer or at the Application Layer? Understand the core concepts beginning with the OSI model.

http://tinyurl.com/cehOSIlayer
OSI model - Wikipedia, the free encyclopedia

Step Two - Weeks Seven through 12

Immerse yourself in networking. Learn as much as you can on how networks interconnect. From the LAN level all the way on through. I cannot tell you how many individuals swear they understand the differences between a private LAN and a WAN. My suggestion would be to grab some of the Cisco books, my order of preference would be as follows with an explanation following...

Cisco Press:
Routing TCP/IP volume I and II
Network Security Architectures
Network Security Fundamentals
Designing for Cisco Internetwork Solutions (CCDA)

So why Cisco Press books, you're not studying for the Cisco exam... The listed books have a wealth of information with regards to common concepts, strategies in security. You will need to understand networking heavily in the security arena as computers are (drum roll) networked. Understanding routing, routing protocols will definitely help you in the long run whether you realize it or not. You will need to know how a path is taken to get to a targeted machine, you will want to understand portions of packet when doing sniffer/network analysis. You will need to understand why one protocol might be chosen over another. Overall without a network, there is little to be compromised. Even locally (LAN anyone?).

The CCDA book will also help you understand the concept in designing a network and while you may not care for it - you can learn plenty of information that you can use in the real world... My suggestion is to get the books, study them frequently and understand the core of it all. I suggest checking out a store I use on eBay called Best Bargain Books. I've purchased books for $1.00 (US) and paid about $3.50 on shipping. Also check out the used section at Amazon.

Step Three - Weeks Twelve through 20

You've begun to understand networking, have an understanding of OSI, now it's time to learn a thing or two about systems... Suggestion... Pick up any distro of Linux or BSD. Head over to distrowatch and select one you think would suit you. Remember, your goal is to understand an operating system... The best way is to do so hands on. My suggestion would be a variant of Redhat, either Fedora or CentOS. "But Debian so rox0rs!@" Distribution zealotry aside, the majority of corporations stick with primarily Redhat followed by SuSE on the Linux end, Free followed by Open on the BSD end, and mega corporations tend to go with a mixture of Solaris, HPUX, z/OS, Redhat, etc...

Since you want to do the C|EH narrow things down to Backtrack to speed things up. However, tinkering with different operating systems will give you experience on certain commands which will be asked on the test. You will want to learn some form of programming language at its basic in the future should you want to be an effective security professional. Don't focus on tools as you won't always be in an environment to run certain tools. Suggestion: Perl or Python period. I'll keep any programming zealotry out of this as well. Shell scripting comes in extremely handy as well so you will want to understand common shell scripts. Browse over the archives at Google Groups, see what others are doing in terms of systems administration. LSOF is your friend!

You now have Backtrack installed or perhaps are running it via a bootable CD or USB. Now what? Depending on which version you're using, BT has a decent structure for the tools directory. For example, enumeration, exploit, etc., every tool is in its respective folder. Begin tinkering with those tools on your own network/machine. Understand what they're doing, why they're doing it. You will need to know how to use specific tools on the C|EH exam. YOU WILL BE ASKED IMPLICITLY how to use X tool in X fashion, or "Based on this output, what syntax was used on tool X". Know your tools.

"But the C|EH lists umpteen thousand tools!"

Deductive reasoning can be used here. Discover which tools are most commonly used and focus on those tools. You can fool yourself into thinking you will memorize each and every tool but you will end up overloading your brain with information you won't be able to recall. Understand the concepts - remember this, I will say it over and over: There is a core concept to it all. Understand why you would want to use say decoys with a null scan. Why you wouldn't want to perform an xmas scan, what's the difference between a SYN, FIN and ACK scan? Which tool does it best? Why? DO NOT (repeat two times) waste money on any C|EH training book. The material for the exam is extremely scattered in logic. You don't want to waste study time looking at 500+ tools when perhaps 20 will be selected on the questions. Again, understand the core concepts... This is vital not only for the exam, but for yourself.

----

Now many will disagree on my method and suggestion for taking the exam but here is my logic: My writing is based on the notion that one is taking the exam for the sake of understanding and learning from a different perspective. The C|EH is not the CISSP, CISM, GPEN, OPST, OSCP and vice versa. Some may swear it's a script kiddie exam, some may shun it, others may respect it, others may not. It is nothing more than a paper stating you understand a little bit more than the average person in the use of certain security tools. You can associate tools and methods for certain technologies. Remember the monkey analogy though - a monkey + tool

Personally I enjoy the pentesting area and moved on to the OSCP exam which was actually a difficult exam to pass. There are no questions involved... Your exam? Compromise preconfigured machines using an assortment of methods. Some may be buffer overflows, some may be escalation of privileges, etc., it is a difficult exam and anyone who has taken it will tell you the same. I slept about an hour and a half throughout the entire exam which consists of getting root in a 24 hour period... Other than this bit of information, I cannot and will not disclose more... I value my OSCP more than my C|EH but it is based on a matter of preference. I wanted the CHFI (which I have) but I needed the C|EH in order to get the CHFI.

Anyhow, I hope all of my rambling didn't discourage you. I seriously hope that should you take the exam, you're actually taking it to learn something and not solely looking to whore another cert. Remember, those without a clue just end up devaluing the certification as a whole... Learn as much as you can about the core concepts of security - not just the tools. Doing so will help you with further studies, be it the CISM, CISSP, GPEN, GCIH, OPST, OPSA, NSA IAM...


Good luck
J. Oquendo | sil @{infiltrated.net || disgraced.org || tormenting.net}
OSCP, C|EH, CHFI, SGFA, SGFE

(edited to fix horrible typos)

________________________________
Source: http://www.techexams.net/forums/ec-council-ceh-chfi/35544-so-you-want-take-ceh-read.html

In respect to the author as well as keeping context intact, I've copied the entire post.