Passed CEHV9 4/12 with 90%

splash24splash24 Member Posts: 30 ■■□□□□□□□□
Background : Have been on a cert spree which started in June last year.Cleared CISSP in August and CISM in December and also have boat load of certs in Networking.Have solid background on Encryption , Networking , Risk management , Info security etc.,
What I did not have was experience with tools , Kali linux and pen testing.

I agree with CEH passed post from KIRLAB about the exam format , you might see some variation with respect to number of questions from each domain / topic but it’s pretty much the same

I also like this post from t@tt003dg33k.I also honestly don’t understand all the ranting on the cert or ECC.If you have studied sincerely there is no way you can fail this exam with Matt Walker or any other material.The exam is pure vanilla and barring 20 questions you can be absolutely sure about ONE answer for 105 questions.This is the easiest exam I cleared in my career.Key is to prepare sincerely and be very strong with concepts rather just answers to questions , You should be in a position to explain the correct answer to a 3rd party.I am not going to be a pen tester or a hacker by clearing this cert but this cert pretty much helped me understand the hacking world.It barely introduced which I agree but I would not be a noob now to manage a tiger team or a blue team or need to use google when they speak which is my primary motivation for me to clear this cert.I now understand your world a little bit icon_cheers.gif

My Study Approach :

1.Official Aspen course & Labs
2.Matt Walker AIO ( Listened with Ez pdf reader )
3.Sybex Guide ( Listened with Ez pdf reader )
4.Boson Practice Tests
5.Transcendar practice tests
6.Skillset ( All 5000 icon_study.gif)

Like majority I also started with Aspen material which is pretty good minus the tool crap.I had made useless notes about lots and lots of tools.This is the only thing I regret NOT because the knowledge is waste but I spent 2 months on it which barely helped with the exam.I wish I had spent more lab time.

I knew the risk, standards topics overlapped and coming fresh from CISSP,CISM I did not even need a refresh so I was focusing on learning Kali linux , attack types etc.,Aspen labs are excellent.Took lot of time during the first pass but once I had overall idea the subsequent passes were quick.There was a time I was multitasking with watching movies , cricket and doing labs simultaneously.I did install Kali , Win2k8 on my mac using vmware but was not fun compared to ready labs given by Aspen.Will certainly use ocne my Aspen account expires in 6 months.

I go on foot to office ( 2 hours ) a day so I had lots of time to listen to Matt Walker & Sybex material.

Practice tests are god send.There are a lot of concepts out there which you are confident in but sometimes questions get very tricky.Like you are able to deduce 2 answers but unable to choose 1.This is where practice tests help because it prepares you for that decision making.I took every question seriously and researched on all wrong answers.So Boson had 500 questions , I made it a 2000 affair by researching all options on all questions.I always followed this approach and this has not failed me ever.
I also did all skillset questions once and do not recommend at all.I had time so did it but did not help with the exam because there is LOT of unwanted material there.

Exam Experience: I was not confident even on the exam day , fearing tools.The exam was a sweet surprise , More on concepts and understanding than the tool names or whether they are supported in Unix/Linux platform

My advice for exam readiness: 70% on Boson / Transender is good enough.I was scoring 70-75% on all first attempts and it’s a pretty good indicator.Do follow this CEH passed post from KIRLAB , did an amazing job of splitting the model.I cannot do a better job than that so not going into specifics but open to answer questions as this forum has been helping me with my journey and onto CISA now icon_cool.gif

Please feel free to ask me any questions you may have.Will be glad to help.

Comments

  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    Congrats on the pass!
  • danny069danny069 Member Posts: 1,025 ■■■■□□□□□□
    Congrats! And yes, the exam is straight-forward and if you know your stuff you will pass.
    I am a Jack of all trades, Master of None
  • impelseimpelse Member Posts: 1,237 ■■■■□□□□□□
    Congrats
    Stop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
    It is your personal IPS to stop the attack.

  • ratbuddyratbuddy Member Posts: 665
    Late to the party, but congratulations, and I'd like to ask if you feel it is important to memorize all possible command line switches for the covered utilities, or rather is it enough to know on a conceptual level what those utilities can potentially be used for?
  • IronmanXIronmanX Member Posts: 323 ■■■□□□□□□□
  • IronmanXIronmanX Member Posts: 323 ■■■□□□□□□□
    ratbuddy wrote: »
    Late to the party, but congratulations, and I'd like to ask if you feel it is important to memorize all possible command line switches for the covered utilities, or rather is it enough to know on a conceptual level what those utilities can potentially be used for?

    Your going to want to memorize the Nmap switches.

    I wrote this before:
    "OK so know the TCP hand shake.

    nmap -sN. Know what a null scan is and how it works. what the responses are to open and closed ports.
    nmap -sF. Know what a FIN scan is and how it works. what the responses are to open and closed ports.
    nmap -sX. Know what a XMAS scan is and how it works. what the responses are to open and closed ports.
    etc...
    Here is the list of switches i studied: -sA -sF -sI -sL -sN -sO -sP -sR -sS -sT -sW -pI -PO -PS -PT -oN -oX
    Know your -T0-5 switches.

    ^^^Also know how they work on/against different operating systems. Windows does not follow RFC 793.

    Know your
    ICMP Types and Codes"
  • ratbuddyratbuddy Member Posts: 665
    Super, thanks for the info :)
  • DAVIS NGUYENDAVIS NGUYEN Member Posts: 1,472 ■■■□□□□□□□
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    So WGU gives us the Aspen eBook and labs, also looks like they have some EC Council iLearn videos too. They also provide the Boson exam. With those and a Kali VM, do you think that's enough to pass it or do you think I need to get that sybex book or something else?
  • splash24splash24 Member Posts: 30 ■■□□□□□□□□
    @=markulous

    Sybex is an easy read.You will be fine without it but DO read Matt Walker once, Aspen book has lot of junk you are fine if you are good with filtering otherwise please read Matt Walker.If you ahev doubt just go through the "Summary" after every chapter and do the questions.I found the questions to be the easiest.

    @=ratbuddy

    I am afraid there are handful of questions on command line utilities and especially outputs of those commands or wireshark analysis etc.,Every exam experience could be different but what helped me was to learn the basics and try to build on it.Dont go too deep but I agree with what Ironmax is saying.There is a table in Matt Walkers book for Nmap switches.Learn the most prominent ones same with Google , Wireshark , nslookup , netcat.Rest you should be able to identify.Example : Identify which line of wireshark is asking to resolve a host name , Based on the below output do you agree the above netcat command was successful ? Did the hacker achieve success with a zone transfer ? etc., I never touched Kali , nmap , netcat before the exam and did alright with the Aspen labs.I am sure you will push through as well, Good luck.
  • jasonperry10jasonperry10 Member Posts: 60 ■■■□□□□□□□
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    Does Matt Walker have a v9 of that? Only one I'm seeing is by Sean-Philip Oriyano
  • gncsmithgncsmith Member Posts: 459 ■■■□□□□□□□
Sign In or Register to comment.