CEH Study Plan

Divergence Member Posts: 6
Hi everyone! So I'll be studying for my CEH exam scheduled in the last week of September. I've been weighing different study materials and would love to hear your thoughts about them. So far I'm planning on studying using:

1. Matt Walker's AIO v8 (Since the book for version 9 is not out yet, do you guys recommend this?)
2. Sybex Oriyano CEH v9 Study guide
3. Skillset
4. CEHv9 Courseware Slides


Thanks in advance you guys

Comments

  • nandykar Registered Users Posts: 1
    That is a good list. Matt Walker's book is better than the Sybex book. Though the chapter on cloud computing is only present in the Sybex.

    My suggestion - read all these but more importantly - create a virtual lab and practice the lab sessions with the tools.
  • Divergence Member Posts: 6
    nandykar wrote: »
    That is a good list. Matt Walker's book is better than the Sybex book. Though the chapter on cloud computing is only present in the Sybex.

    My suggestion - read all these but more importantly - create a virtual lab and practice the lab sessions with the tools.

    Thanks! added cybrary.it to help with my labs :)
  • BuzzSaw Member Posts: 259
    Divergence wrote: »
    Thanks! added cybrary.it to help with my labs :)

    FWIW: I would also recommend the Boson ExamSim. It's a touch on the pricey side (sometimes you can get it on sale for about 75-80.00) but I think it's very much worth it. It helps you find weak areas, and also gives really good explanations with source references. Personally, I think this is better than the Sybex book and Skillset combined . . .
  • Divergence Member Posts: 6
    BuzzSaw wrote: »
    FWIW: I would also recommend the Boson ExamSim. It's a touch on the pricey side (sometimes you can get it on sale for about 75-80.00) but I think it's very much worth it. It helps you find weak areas, and also gives really good explanations with source references. Personally, I think this is better than the Sybex book and Skillset combined . . .

    Thanks for your feedback BuzzSaw, found the link 312-50 CEH Practice Exam | Boson. The only reason I'm on hold is because it costs 90$ for only 500 questions, is it worth the money?
  • BuzzSaw Member Posts: 259
    Divergence wrote: »
    Thanks for your feedback BuzzSaw, found the link 312-50 CEH Practice Exam | Boson. The only reason I'm on hold is because it costs 90$ for only 500 questions, is it worth the money?

    You might be able to find a coupon code somewhere with a little google searching. I had a coupon code, but it has since expired.

    "worth the money" is a relative term, but for me, and my study methods, I totally think it was worth it. Lots of questions, lots of answers, and good explanations. These helped me with the compliance portion of the test big time. You certainly couldn't pass the test with ONLY this, but I think this is a good tool to use as your final prep. You can check out my "passed 7/11" post for my take on it.
  • markulous Member Posts: 2,394
    I think Matt Walker's guide was enough. Read that and be familiar with Nmap and you'll pass for sure.
  • BuzzSaw Member Posts: 259
    markulous wrote: »
    I think Matt Walker's guide was enough. Read that and be familiar with Nmap and you'll pass for sure.

    So, not to say you're "wrong" but my experience was a bit different. I had at least 7-8 questions about compliance related topics (HIPAA as an example) while having maybe 5 NMAP specific questions. Strictly speaking, neither the AIO book nor nmap would cover a decent subset of questions. I think other materials are needed for the newer revisions.
  • tmurphy3100 Member Posts: 154
    markulous wrote: »
    I think Matt Walker's guide was enough. Read that and be familiar with Nmap and you'll pass for sure.

    Is the second edition the newest one? I am confused because Amazon has 2 "Second Editions" with totally different pricing.
    2020 Goals: CCNA R&S, Cysa+, AZ103, Linux+, Pentest+
  • Divergence Member Posts: 6
    BuzzSaw wrote: »
    So, not to say you're "wrong" but my experience was a bit different. I had at least 7-8 questions about compliance related topics (HIPAA as an example) while having maybe 5 NMAP specific questions. Strictly speaking, neither the AIO book nor nmap would cover a decent subset of questions. I think other materials are needed for the newer revisions.

    May I ask what the compliance questions are about? HIPAA, SOX, DMCA? Or are there any questions about risk assessment, business continuity, disaster recovery? Thanks!~
  • shoey Member Posts: 111
    Divergence wrote: »
    May I ask what the compliance questions are about? HIPAA, SOX, DMCA? Or are there any questions about risk assessment, business continuity, disaster recovery? Thanks!~

    You don't need to get very detailed with the compliance/legal questions; a general understanding and the field that they relate to is probably more than enough. I would definitely understand risk assessment, BCP, DRP, change/patch management, pentest phases, and most importantly... NMAP, NMAP, NMAP.

    I purchased Matt Walker's AIO v8 and the Sybex v9, and both would be sufficient to pass this exam. Even though I'm a fan of Sybex - I found Matt Walker's AIO to be the better choice. Also, I would suggest downloading Kali Linux and actually using the tools. Best of luck!
    "I have missed more than 9,000 shots in my career. I have lost almost 300 games. 26 times, I've been trusted to take the game winning shot and missed. I've failed over and over and over again in my life. And that is why I succeed." - Michael Jordan
  • BuzzSaw Member Posts: 259
    Divergence wrote: »
    May I ask what the compliance questions are about? HIPAA, SOX, DMCA? Or are there any questions about risk assessment, business continuity, disaster recovery? Thanks!~

    It seemed like a little bit of everything, but generally just having an overall knowledge should be good enough. Like one thing I did was list all of the major compliance \ regulatory acts and bills, and just get a general understanding of them. In one section of my notes I wrote a quick summary of the following:

    18 USC 1029
    18 USC 1030
    CAN-SPAM
    DMCA
    SOX
    GLBA
    HIPAA
    FERPA
    FISMA
    FITARA
    NDAA
    Computer misuse act of 1990
    NIST 800's
    PCI DSS and its 11 requirements
    OSSTMM

    Also, for what it's worth, I remember having a few questions about XOR operations, which (I can't remember) may or may not be covered in AIO.
  • whoknew Member Posts: 49
    Best of luck on the exam. I passed CEHv9 this afternoon. Here's what I used:

    1. Sybex CEHv9 Study Guide (lots of questions/practice exams on-line)
    2. Sybex CEHv9 Practice Tests Book (even MORE questions/practice exams on-line)
    3. Skillset Pro (took 5 or 6 of their 150 question practice tests)
    4. 12 week Penetration Testing course w/ labs at local community college
    5. Watched a ton of Mr. Robot....especially the exploits

    Also, look at BuzzSaw's comments above.....very sound advice in study topics. This exam is a no holds barred, everything is fair game & on the table, the rules are there are no rules kinda test.
    "I got a BAD feeling about this..."

    What's Next: CISM, CompTIA CySA+ & PenTest+, OSCP, CCNP Security, GSEC, GPEN