Taking the CEH in 5 days

finalhour216 · April 2008

I will be taking the CEH in 5 days. I've been in IT SEC professionally for about 3 years doing FW/IDS configuration and log analysis. Been on the offensive side for a while. Obtained the Security+ in spring 06. I bought the books at the beginning of the month. Cramming hard. Questions for the CEH certified pros here. Will I see alot of technical questions or will I see more theory based questions like the questions on the Security+? Hopes this make sense. thanks

seuss_ssues · April 2008

from what ive heard there are alot of questions concerning using the tools and their available options.

Which i guess would make it more technical than theory. But often times it requires a combination of theory and technical knowledge to answer a question.

dynamik · April 2008

keatron wrote:

Just a little tip to everyone wanting to take this exam. Make sure you not only know the tools, but make sure you can also look at logs and decipher what happened. Again, version 5 of the exam was a VERY significant change.

http://techexams.net/forums/viewtopic.php?p=189082#189082

JDMurray · April 2008

Your log analysis skills will help a lot on the CEH exam; I've heard that experience with tools such as nmap, netcat, and tcpdump is very necessary for the exam too. Check how many tools you know how to use on this list.

famosbrown · April 2008

Yep...you will get tested on analyzing logs for intrusions, virus attempts, etc. You will get tested on tools via understanding the output, which tool to use for what situation, etc. More technical than theory when I took CEH v5.

dynamik · April 2008

JDMurray wrote:

Your log analysis skills will help a lot on the CEH exam; I've heard that experience with tools such as nmap, netcat, and tcpdump is very necessary for the exam too. Check how many tools you know how to use on this list.

JD, do you have a list of security bookmarks you'd like to share? You toss out a lot of really useful links, and most of the time, they're new to me

JDMurray · April 2008

dynamik wrote:

JD, do you have a list of security bookmarks you'd like to share? You toss out a lot of really useful links, and most of the time, they're new to me

Hmmm...that's a good topic for a blog article.

Until then, here are a few bones:

USENET comp.security.misc
A Day in the Life of an Information Security Investigator
BroadbandReports.com Security Forums
BroadbandReports.com Security FAQ

cashew · April 2008

JDMurray wrote:

Your log analysis skills will help a lot on the CEH exam; I've heard that experience with tools such as nmap, netcat, and tcpdump is very necessary for the exam too. Check how many tools you know how to use on this list.

Sweet site, thanks.

finalhour216 · April 2008

Passed. 780. I have to say I am not impressed. It is my opinion that this test was written by someone whos second language is English. I had a question that asked me what is an ethical hack. The easiest question on the test and I think I got it wrong because of the way that all of the phrases were worded. I am not an English major but there were major grammatical errors and typos. Not to mention that some of the material was outdated so "best practice" when the test was written is no longer best practices. But there were alot of good technical questions. Had my adrenaline up there.

Back to CCNA. After that I haven't decided if I want to Remote-Exploit OffSec 101 or CISSP first. OffSec is 40 continuing education credits towards the CISSP. maybe the CISSP first.

JDMurray · April 2008

finalhour216 wrote:

It is my opinion that this test was written by someone whos second language is English. I had a question that asked me what is an ethical hack. The easiest question on the test and I think I got it wrong because of the way that all of the phrases were worded.

Sometimes I wonder if this sort of thing is done on purpose with the idea of introducing more difficulty into the questions.

finalhour216 wrote:

I am not an English major but there were major grammatical errors and typos.

I've seen odd grammar on cert exams, but never blatant typos.

finalhour216 wrote:

Not to mention that some of the material was outdated so "best practice" when the test was written is no longer best practices.

This is really surprising, considering that the CEHv5 exam is only 18 months old.

Have you considered the CPTS cert at all?

Taking the CEH in 5 days

Comments