Passed CEHv7

What better way to introduce myself than with a review of my CEH experience...

First, a little about me: I have an Electrical Engineering background (BSEE), and completed a Masters in IT/IA last year. I work as a systems engineer (dealing with electrical/computer/mechanical technologies, as well as some IT and IA duties). As of late, I've been trying to get into the information security realm, so I decided to start by taking the CEH exam.

Before the Course:
I wanted to be sure that I was prepared for the 5-day CEH crash course. So, I decided to pick up a book. The leading candidate was the seemingly popular Certified Ethical Hacker All In One guide by Matt Walker. I read the book cover to cover, doing nearly all exercises in between. I found the content to be well thought out and fairly informative. Having a very strong and diverse technical background definitely helped me breeze through the book, but I'd say that most people with solid Windows and Linux experience would find this guide easy to follow.

The Course:
If it were coming out of pocket, I can promise I would have gone the self-study route. However, I decided an employer-funded course was hard to turn down. I enrolled in the 5-day bootcamp at the Academy of Computer Education (ACE) here in the DC metro area. ACE has a strong reputation as one of the best ATCs for CEH training in the world, so I expected nothing but top notch instruction. The course didn't let me down. The instructor was very knowledgeable and conveyed his knowledge effectively. We didn't use the EC-Council textbook very much (at all), but the instructor compiled a set of condensed slides based off the EC-Council slide deck. All in all, the course was put together very well. My recommendation: If you have a limited technical background or very little hands-on experience with some of the major tools (Wireshark, nmap, netcat), the course will give you a good deal of exposure. If you don't fall into this category, save your money and self-study.

Course Materials:
In short, the course materials are lacking. The textbook is nothing more than thousands of colorful slides. I understand this was EC Council's idea of revamped courseware, but the AIO book would serve as a much better text IMO. The lab guide, however was pretty darn good. There are lots of step-by-step exercises that give you a good start for using several common tools. Also included was a DVD full of tools. I haven't even opened the DVD, so I can't speak to it. Honestly, at the CEH level (maybe at any level), hundreds or thousands of tools is overkill.

The Result:
I took the exam at the end of the 5-day course. In just over 1 hour, I completed the 150 question exam and felt good enough to click submit. The result was a passing score of 94%. I definitely think my experience and study before the course helped me get more from the course itself. I'd recommend anyone considering this course to learn as much as possible before setting foot in the classroom.

What's Next:
Now that CEH is out of the way, I'm going back to my CISCO studies. I plan to go the 2-test route to get my CCNA in the next couple months. After that, I'll be pursuing the SANS GPEN cert.

Sorry for the long post. I've been watching the forums for a while now, and I decided now would be a good time to get involved. Any questions or comments are welcome. I'm looking forward to becoming a regular contributor.

Find more posts tagged with

Comments

YuckTheFankees

Nice job and thanks for the review!.

JDMurray

Welcome to TE!

impelse

Congrats, nice review.

SephStorm

great review, the only real questions I have are:

How much did the class focus on exam prep vs. labs?

Did you guys/instructor use the iLabs/Frankenstein and how was that experience?

ajd86

SephStorm wrote: »

great review, the only real questions I have are:

How much did the class focus on exam prep vs. labs?

Did you guys/instructor use the iLabs/Frankenstein and how was that experience?

Good question. The class was about 75% hands-on, so not a whole lot of teaching to the exam. The instructor did, however mention things that would be good to know for the exam (little clues such as: "Be comfortable with the commands for this tool"). The other 25% was spent going through a shortened version of the EC-Council slide deck. Knowing the information present in those slides combined with the right amount of hands-on was a great recipe for success.

We didn't use iLabs/Frankenstein, but were made aware of their existence. Our toolset was limited to maybe 40 of the more common tools, and all experiments took place using VMs.

Thanks for the comments, guys! Feel free to ask any other questions.

coty24

ajd86 wrote: »

Good question. The class was about 75% hands-on, so not a whole lot of teaching to the exam. The instructor did, however mention things that would be good to know for the exam (little clues such as: "Be comfortable with the commands for this tool"). The other 25% was spent going through a shortened version of the EC-Council slide deck. Knowing the information present in those slides combined with the right amount of hands-on was a great recipe for success.

We didn't use iLabs/Frankenstein, but were made aware of their existence. Our toolset was limited to maybe 40 of the more common tools, and all experiments took place using VMs.

Thanks for the comments, guys! Feel free to ask any other questions.

First of all congrats bro! Man, i'm jealous. My CEH class had hardly 15% hands on.

ajd86

coty24 wrote: »

First of all congrats bro! Man, i'm jealous. My CEH class had hardly 15% hands on.

Thanks man! I've heard a few people say their experiences were more "death by powerpoint", so I guess I was lucky with my class.