Chfi

Hi Everyone,

For those of you who have taken this exam, what study materials would you suggest? What really works for me are the videos but it doesn't seem that there are many on this topic. Went to see if CBT nuggets had anything but unfortunately it looks like they don't

. I want to get material that is quality and to the point. I looked at the "official" study guide (the red book) on Amazon but I don't like what i'm seeing on some of the reviews. I do have access to uCertify and will use it but im neutral (they are hit and miss to me).

Find more posts tagged with

Comments

JDMurray

Start by searching this forum for "chfi" and read the previous posts on the subject.

Agent47

I understand that I can do that (and I definitely have) but most posts on this subject are either kinda old or reference the v3 exam. I'm just asking for opinions from people who have taken the v4 test what they have used since like another poster said, there's barely any updated material. If v3 items are different from v4 I don't want to look at v3 stuff that's all.

ajd86

I don't have a direct answer to your question, but be aware that CHFIv8 was released a month or two ago. I can't tell you how much difference there is, but the huge jump in version numbers might be indicative of a big difference. I've yet to find anyone who says there is a wealth of information out there for this cert.

Agent47

ajd86 wrote: »

I don't have a direct answer to your question, but be aware that CHFIv8 was released a month or two ago. I can't tell you how much difference there is, but the huge jump in version numbers might be indicative of a big difference. I've yet to find anyone who says there is a wealth of information out there for this cert.

Thanks for your reply, greatly appreciated. According to EC-Council they say "The CHFIv4 exam will officially retire on August 30th, 2012." I find it pretty amazing that they advertise this v8 on their website yet the right study material is challenging to find as their courseware page for v8 is blank so im not sure if they are pushing that exam yet. Ah well, will have to make do. Interesting to say the least.

tpatt100

I took and passed CHFI v4 this Saturday. Thought it was fairly easy but I took the CEH a while back so I am probably comparing it to that. It is very general. It is more about work processes than specifics, even though you get tested on specific things occasionaly but if you have a good understanding from a high level perspective you can easily study the specifics.

I used the books WGU provided which are the official EC-Council books, you can find them on Amazon. With V8 out soon or now, study materials might be hard to come by unless you go the EC Council route.

From what I remember it was mostly general type questions but all over the place. I am not a fan of EC-Council exams because the books throw every tool under the sun at you and hardly have any test questions on specifics. So I think EC-Council should reevaluate this cert and think it through. If your going to have a million tools in the books, maybe you should focus more on the legal/technical process and just have a handful of specific tools. The process will change slightly the tools will change greatly over time.

I want to do Wireshark cert (maybe) sometime this summer not sure though. Kind of want to read a more current forensic book and look at it from an incident response skill rather than the legal part of it. The legal is important but I kind of want to work on boosting my incident response capabilities rather than the police type stuff.

JDMurray

tpatt100 wrote: »

The legal is important but I kind of want to work on boosting my incident response capabilities rather than the police type stuff.

If you don't understand "the police type stuff" you may possibly corrupt or destroy evidence important to a legal investigation. Think of it as the stuff your organization's legal department would want you to know to keep from accidentally hindering an investigation.

tpatt100

JDMurray wrote: »

If you don't understand "the police type stuff" you may possibly corrupt or destroy evidence important to a legal investigation. Think of it as the stuff your organization's legal department would want you to know to keep from accidentally hindering an investigation.

Yeah I agree but I think I just want to become better of finding out how something happened rather than keeping evidence from getting mucked with. Every job I have worked it seems incident response is pretty much "a binder of papers that rarely gets updated or looked at". Having a hard time pushing companies to actually commit to proper incident response.

Agent47

Thanks tpatt100! I am also doing this through WGU. I just got through the CEH last week and I do agree that while I studied many tools their coverage was miniscule. I was expecting alot of tool syntax etc that I had studied from Matt Walkers book and well, heh, what you said. Guess I am just over thinking it a bit but I suppose its because im crushed for time. I totally agree with you though in regards to the testing material. Now, I have heard some conflicting stories on the amount of questions, did you have 50 or 150? Did you also use the uCertify stuff WGU gives you?

tpatt100

Agent47 wrote: »

Thanks tpatt100! I am also doing this through WGU. I just got through the CEH last week and I do agree that while I studied many tools their coverage was miniscule. I was expecting alot of tool syntax etc that I had studied from Matt Walkers book and well, heh, what you said. Guess I am just over thinking it a bit but I suppose its because im crushed for time. I totally agree with you though in regards to the testing material. Now, I have heard some conflicting stories on the amount of questions, did you have 50 or 150? Did you also use the uCertify stuff WGU gives you?

I had 150 questions. Study materials I downloaded some online flash cards from a flash card app I got for Android that connected to some flash card online site. Need to double check which app it was . "Flashcard Machine" is the name. I downloaded some CEH flash cards and a Network+ one and focused on:

1. Ports
2. OSI Model (layers-what devices does what)
3. Types of Firewalls

Then I focused on legal stuff some specifics but mostly got a top view understanding. I did the uCertify practice tests a few times but found that was actually harder than the actual test, not that they were hard but the questions were more detailed.

I swear probably 15-20 percent of the test relied on the same answer or general answer because that was how basic the questions were. Like email incident response related stuff? Study email headers and that covered a number of questions alone.

the_hutch

I lucked out due to a mistake on the part of EC-Council, and got the official CHFI material for free. When I purchased my subscription for the CEH iLearn course, somehow they enrolled me in both. I never mentioned it to them, lol

YuckTheFankees

the_hutch,

Thats awesome lol

instant000

After reading this post, I'm not intimidated about this test. I'll request the voucher from my mentor coming up. This semester's up at the end of next month, and this is the only thing left. I should be finalizing LKT2 within the next couple days, and then it'll be full bore on this one... this degree program is a journey, LOL

the_hutch

instant000 wrote: »

After reading this post, I'm not intimidated about this test. I'll request the voucher from my mentor coming up. This semester's up at the end of next month, and this is the only thing left. I should be finalizing LKT2 within the next couple days, and then it'll be full bore on this one... this degree program is a journey, LOL

Given your credentials...test should be a breeze.