So cruel, 2nd attempt missed by 1 point...

Just got back from my second attempt, and missed it by 1 point this time. I'm pretty floored by this and don't understand where the disconnect is. I've been studying the new Matt Walker CEH AIO, and have read it over twice since my previous attempt, along with other studying. Without going into too much detail and getting in trouble, I'm wondering where the in depth coverage of Metasploit, PCI DSS standards, and some other things come from. Does EC Council put research questions on the exam like ISC2? Even with getting quite a few questions leaving me wondering where that was covered, I still felt good about where I was at, until the exam ended.

In my life I have taken health and life insurance tests, Florida real estate license, Net+, Sec+, CISSP, ITIL F, all passed with no problem on the first go. Not to mention graduating from UF with my BSBA, which has some extremely difficult quant classes. So what the hell is it about this stupid CEH test? As much as I'm struggling right now with feeling like it's some kind of mark against me and somehow defines me, I know how to study and prepare well for tough subjects and exams.

So what now? I do feel more than ever that maybe technical security is not for me. I should probably stick to the GRC/management side of security. It just comes to me so naturally. I know 100% I'm not paying out of pocket for this test to continue on with the WGU MSISA so I need to get with my mentor to see what the implications of that are. I think it's time to start studying for the GMAT, and go back to UF for my MBA like I was planning on doing after the MSISA. As well, I'm about to crack open the ISACA CISM manual and get started on that.

Find more posts tagged with

Comments

Khaos1911

That sucks, bro. Sorry to hear that. I bought the official self study materials for the CEHv8 and it was overkill. I know CEH gets bashed around these parts, but the study material provided by EC-Council was incredible, but it was overkill for the exam. I feel your pain on this cert stuff though...I'm now finishing up my GSEC studies, but making it through this freaking SANS Windows Security (Book 4) is killing me. God it's boring and I just want to finish this stuff so I can sit this dang exam. I'm just burnt out from certs and after this year I'm going to dial back considerably from the cert world.

emerald_octane

If you have access to CEH iClass then you shouldn't need any other sources. In the past (when the iLabs sucked) supplementation was necessary but they're greatly improved this time around. The iClass is very geared towards the exam requirements.

colemic

Dang JoJo, sorry to hear that... definitely talk to your mentor, I believe they only provide 2 vouchers. You might also want to look into appealing, don't know if that's possible or not? In my totally biased opinion (see right below my screenname and add all the sarcasm you can muster) you'd have an argument based on the poor grammar/wording of the some of the questions, but that's just me... I just love a good argument.

edit to add:

Don't feel like this one exam defines your technical abilities. It doesn't, no different than any other certification exam does. If you are like me, and need the cert solely for WGU, that is even moreso the case.

jamesleecoleman

My first mentor told me that WGU students get discounts when they have to take the exam over.

Just because you don't pass the CEH, doesn't mean that technical security isn't for you. Maybe you can pass the OSCP or eCPPT. You can do this, it just might just take some time.

Do you have a breakdown of each section? I was taking some general notes with screenshots for the CEH but it's not done yet. Maybe I can send them to you.

daviddws

NOT cool. Sorry to hear about that.

cyberguypr

Ouch! That has got to hurt. Don't let it make you lose focus.

@colemic, aren't you in the board of directors at EC-Council? Help the man out!

colemic

Heh. If I were king for a day...

JoJoCal19

Khaos1911 wrote: »

I'm just burnt out from certs and after this year I'm going to dial back considerably from the cert world.

I'm kind of burnt out too. I went straight out of my BSBA to the CISSP to the ITIL F to the CEH and have been working on the CEH over the past several months. I am pushing to knock out my CISM in September and the CISA in December and be done with major certs.

emerald_octane wrote: »

If you have access to CEH iClass then you shouldn't need any other sources. In the past (when the iLabs sucked) supplementation was necessary but they're greatly improved this time around. The iClass is very geared towards the exam requirements.

IF there is a third attempt (about a snowballs chance in hell at this point) I may just use the iClass videos exclusively.

colemic wrote: »

Don't feel like this one exam defines your technical abilities. It doesn't, no different than any other certification exam does. If you are like me, and need the cert solely for WGU, that is even moreso the case.

I know I have only a small amount of technical experience, but I have the desire to do more technical things in the security arena. But I feel like if I can't even pass what is regarded as an "easy" test by most everyone, that covers a large breadth of the basic technical security threats, how am I going to succeed in an actual role dealing with more in depth technical threats and duties?

jamesleecoleman wrote: »

My first mentor told me that WGU students get discounts when they have to take the exam over.

Just because you don't pass the CEH, doesn't mean that technical security isn't for you. Maybe you can pass the OSCP or eCPPT. You can do this, it just might just take some time.

Do you have a breakdown of each section? I was taking some general notes with screenshots for the CEH but it's not done yet. Maybe I can send them to you.

I'll have to see what kind of discount. $200 is absolutely the max I'd even entertain paying for a retake. As to the OSCP and eCPPT, I've long thought I'd like to do them. I snagged the eLearnSecurity student course when they did the $100 sale back in May. I honestly think I would be able to do well in the OSCP/eCPPT as they are practical. The classes I did the worst in (relatively speaking) in school were the ones where we were told to read 8 chapters of random information and were tested on what we could remember, ala CEH cert.

Chivalry1

Sorry JoJo. Maybe "easy" is a relative term here, but I found the CEH to be very challenging and interesting. In my opinion I learned more from this certification than many of the others I earned. I studied for a month then took the official course....and I must say it was an awesome experience. The cert is truly hands on technical; which is the reason I think I enjoyed it so much it challenged my technical security knowledge. Maybe I over-studied but I enjoyed every aspects of each of the modules and labs and don't consider it a waste of time.

Now this will not be a popular opinion, but the CEH offers better "technical" experience than what the CISSP can offer. Because there are some CISSP that can't tell you how to interpret a TCPDUMP. My opinion you should continue to pursue this certification. Because it will sit in the back of your mind as a certification you didn't complete.

Good Luck!!!

emerald_octane

Chivalry1 wrote: »

Now this will not be a popular opinion, but the CEH offers better "technical" experience than what the CISSP can offer. Because there are some CISSP that can tell you how to interpret a TCPDUMP. My opinion you should continue to pursue this certification. Because it will sit in the back of your mind as a certification you didn't complete.

I agree 1000%. I think it's just cool to hate on the CEH , even if you hold it. I enjoy this slightly controversial cert.

JoJoCal19

Chivalry1 wrote: »

My opinion you should continue to pursue this certification. Because it will sit in the back of your mind as a certification you didn't complete.

Good Luck!!!

We think alike. The only reason I even have an iota of a thought to attempt it again is because I feel like it beat me, and I want to win. Unfortunately I just dont think time will allow for that, and I'll be damned if im giving EC Council $500 for it.

Chivalry1

JoJoCal19 wrote: »

We think alike. The only reason I even have an iota of a thought to attempt it again is because I feel like it beat me, and I want to win. Unfortunately I just dont think time will allow for that, and I'll be damned if im giving EC Council $500 for it.

Understood. Just sharing my experience. After I failed the CISSP, it literally "haunted" me day and night until I passed. I did some certifications in between, but it was still constantly on my mind.

Also, problem with the CISSP was that I was approaching it from a technical standpoint leveraging my technical/operational IT security experience; bad ideal. But I could use that technical experience for the CEH and passed easily on the 1st try. So all in all...maybe your approach should be different than from that of CISSP.

But I am also of the opinion, if you can pass the CISSP you can pass anything!

diggitle

I'm sorry to hear about your second failure. I haven't attempted it again as I want to be 100% sure. My question is what is your study approach? Are you approaching from the standpoint of performing mock penetration test where you have a lab and are hacking and understanding the ins and outs of what you're doing, or are you studying by way of reading the book and wanting to go on memory? I know everybody is different but with this certification having that penetration testing experience be it actual pen testing job, or a lab at home might help with the Metasploit depth questions. My point is (with respect) you probably are a master at understanding the terminology of security (CISSP level style) but what about the practical application? Setting up a lab would probably fill in the technical application gaps if applicable.

JoJoCal19

diggitle wrote: »

I'm sorry to hear about your second failure. I haven't attempted it again as I want to be 100% sure. My question is what is your study approach? Are you approaching from the standpoint of performing mock penetration test where you have a lab and are hacking and understanding the ins and outs of what you're doing, or are you studying by way of reading the book and wanting to go on memory? I know everybody is different but with this certification having that penetration testing experience be it actual pen testing job, or a lab at home might help with the Metasploit depth questions. My point is (with respect) you probably are a master at understanding the terminology of security (CISSP level style) but what about the practical application? Setting up a lab would probably fill in the technical application gaps if applicable.

I do have a nice lab setup, however I didn't utilize it as much other than to get a feel for some of the tools like NMAP, TCPdump and Hping. On this last exam attempt, I don't recall seeing many questions had tool output or a question on syntax. Obviously being able to get just 1 or 2 more right would have changed the result. I guess my bigger issue is, even if I passed with a 70, that's still a huge amount that I'm missing, and obviously some kind of disconnect. Whether it's with me and the material or me and this particular exam, I don't know because the POS organization EC Council can't be bothered to give you any kind of feedback on how you did other than the score. So I have no idea where in the roughly 20 modules of info that I need to refocus my efforts. And hence why I don't care to give them a dime of my own money to take their exam.

JoJoCal19

Also, if anyone has any tips on the CHFI please feel free to share them. I've got to get started on that now. I plan on also keeping up with CEH items so I can retain the knowledge in case I give it another go.

colemic

JoJoCal19 wrote: »

I know I have only a small amount of technical experience, but I have the desire to do more technical things in the security arena. But I feel like if I can't even pass what is regarded as an "easy" test by most everyone, that covers a large breadth of the basic technical security threats, how am I going to succeed in an actual role dealing with more in depth technical threats and duties?

While the CEH is more of a 'practical' exam, that does not mean it is necessarily relevant. Many see the CEH as testing knowledge on outdated tools, attacks, and techniques.

And yes, I am CEH hater, and it's not a bandwagon thing for me. I feel this cert has given me the least amount of practical knowledge, and isn't an accurate description or gauge of someone doing any kind of pen test/security work - some pass this exam and still literally have no idea WHY an attack is successful, or how to defend against it - or if they do, their response is what they learned - to use an outdate tool. And I realize that while that disconnect is true to some degree for every cert, in my opinion it is magnified with the CEH and CHFI, especially with the excessive cost, application fee, and unprofessional grammar/English comprehension on the exam. JMO.

I hear ya on being driven to pass it though and I definitely understand and respect that.

@chivalry1 The CISSP isn't meant to measure technical skills, more managerial/strategic level thinking.

StevenP2013

I watched all of the iclass training videos provided by EC-Council/WGU for the CEH and CHFI. The CEH I passed on the first try, the CHFI I missed the first time by two or three questions. I watched a few of the videos over, studied some of the instructor slides more closely and passed the second time by a couple. The ilabs are nice to use if you have time. For the CHFI, the videos had tons of tools, i skipped over them and it didnt have any impact on the outcome of the exam.

Chivalry1

colemic wrote: »

While the CEH is more of a 'practical' exam, that does not mean it is necessarily relevant. Many see the CEH as testing knowledge on outdated tools, attacks, and techniques.

And yes, I am CEH hater, and it's not a bandwagon thing for me. I feel this cert has given me the least amount of practical knowledge, and isn't an accurate description or gauge of someone doing any kind of pen test/security work - some pass this exam and still literally have no idea WHY an attack is successful, or how to defend against it - or if they do, their response is what they learned - to use an outdate tool. And I realize that while that disconnect is true to some degree for every cert, in my opinion it is magnified with the CEH and CHFI, especially with the excessive cost, application fee, and unprofessional grammar/English comprehension on the exam. JMO.

I hear ya on being driven to pass it though and I definitely understand and respect that.

@chivalry1 The CISSP isn't meant to measure technical skills, more managerial/strategic level thinking.

Understood Colemic CISSP is absolutely a managerial/strategic certification. But in the information security field, and this is my personal opinion, I think more than often its better to have a good technical security foundation as well to compliment. When sitting around the table with a operational / security team, which in many cases you will be, its best to have some technical skills.

As far as EC-Council, yes they have some work to do as an organization. I have found multiple grammar related errors within there official material. I just contributed that to the language/grammar barrier for those who are preparing the test and course material. Even to the multiple attacks to there website, i think they acted carelessly. Some of the tools are somewhat outdated but relevant. Be honest, I bet you there are some un-patched Windows 2000 loaded with IIS 5 or the like within your environment right now that are susceptible to these attack tools & techniques. I think EC-Council objectives are to give you the foundations.

SephStorm

colemic wrote: »

While the CEH is more of a 'practical' exam, that does not mean it is necessarily relevant. Many see the CEH as testing knowledge on outdated tools, attacks, and techniques.

And yes, I am CEH hater, and it's not a bandwagon thing for me. I feel this cert has given me the least amount of practical knowledge, and isn't an accurate description or gauge of someone doing any kind of pen test/security work - some pass this exam and still literally have no idea WHY an attack is successful, or how to defend against it - or if they do, their response is what they learned - to use an outdate tool. And I realize that while that disconnect is true to some degree for every cert, in my opinion it is magnified with the CEH and CHFI, especially with the excessive cost, application fee, and unprofessional grammar/English comprehension on the exam. JMO.

I hear ya on being driven to pass it though and I definitely understand and respect that.

@chivalry1 The CISSP isn't meant to measure technical skills, more managerial/strategic level thinking.

I don't recall seeing many questions had tool output or a question on syntax

I'm wondering where the in depth coverage of Metasploit, PCI DSS standards

See the disconnect? We have been for a while basing our opinions of the CEH on versions 3-7. This isn't the first time i've heard that 8 is a different beast. Maybe we should give ECC the benefit of the doubt that they can actually improve the exam.

Just talked to someone who took v8. They confirmed the presence of both types of questions mentioned before which I certainly didn't see on my exam. (v6)

As for the thought that the tools are outdated? I'm not so sure but i'll try to get more accurate information.

EDIT:

I just uncovered some information, I am shocked at the improvement in v8 vs previous versions. It is my opinion that passing this version requires knowledge of the attacks beyond just the names and even the output of tools. When it comes to tools, I do not believe it focuses on a wide range of tools. I believe the information tested is relevant to someone who should be expected to execute basic attacks. I've... SQL injection, scripts... thats all I will say on that.

I'm impressed.

JoJoCal19

SephStorm wrote: »

See the disconnect? We have been for a while basing our opinions of the CEH on versions 3-7. This isn't the first time i've heard that 8 is a different beast. Maybe we should give ECC the benefit of the doubt that they can actually improve the exam.

Just talked to someone who took v8. They confirmed the presence of both types of questions mentioned before which I certainly didn't see on my exam. (v6)

As for the thought that the tools are outdated? I'm not so sure but i'll try to get more accurate information.

EDIT:

I just uncovered some information, I am shocked at the improvement in v8 vs previous versions. It is my opinion that passing this version requires knowledge of the attacks beyond just the names and even the output of tools. When it comes to tools, I do not believe it focuses on a wide range of tools. I believe the information tested is relevant to someone who should be expected to execute basic attacks. I've... SQL injection, scripts... thats all I will say on that.

I'm impressed.

Yes, I'm starting to think there were more changes with v8 than initially thought. I know I've seen quite a few people here with the CEH talk about how easy it was, however now that you said that I'm curious how many of them took the v7 vs v8.

On another note, I spoke to my WGU mentor and she looked into it and it will cost $300 for a retake as you pay the rate the school pays for the voucher. From what I understand the school will get it for you and you are charged through the bursar's office as added tuition. For now I have to move onto the CHFI, but I will go back to the CEH around the end of July. I'll give it one more go. I'm miffed that I've got to bump the CISM to December now....

zxbane

Wow, Sucks to hear you have to push the CISM back.. But maybe if the CEHv8 is as difficult as some are saying then it might garner more respect from people on this board and in the industry in general. If all go wells you would still end the year with the CHFI, CEH and CISM and could do the CISA early next year.

colemic

I took v7. I haven't looked into the changes made w/ v8... JDMurray took it not too long ago, he might have some better insight. I rag on them probably more than I should. That said, there is no excuse whatsoever for not paying a couple of thousand bucks to a graduate English major - who has no idea what the test is about, or cares - to fix the awful grammar. ESPECIALLY with what they rake in. I see that, and to me, it sets the tone for the rest of the organization, that they don't care about anything except the dollar signs. JMO

emerald_octane

Hey, one other resource that I think is absolutely critical is the Boson exSim for CEH.

CEH + iClass = Golden. The book is good too but you can pass with just those two.

JoJoCal19

emerald_octane wrote: »

Hey, one other resource that I think is absolutely critical is the Boson exSim for CEH.

CEH + iClass = Golden. The book is good too but you can pass with just those two.

You're right on that one. I opted not to purchase it but I definitely will for the next time. I'll be using iClass, Boson, and labbing until I know all of the main tool outputs like the back of my hand.

SephStorm

colemic wrote: »

I took v7. I haven't looked into the changes made w/ v8... JDMurray took it not too long ago, he might have some better insight. I rag on them probably more than I should. That said, there is no excuse whatsoever for not paying a couple of thousand bucks to a graduate English major - who has no idea what the test is about, or cares - to fix the awful grammar. ESPECIALLY with what they rake in. I see that, and to me, it sets the tone for the rest of the organization, that they don't care about anything except the dollar signs. JMO

Agreed, though based on what I saw that appears to no longer be much of an issue, if at all. They of course do still have advertising for their other products in there. "So and so is a CEH and CHFI..."

impelse

Something that help me to pass the CEH is to write in my blog the subjects I always failed or I did not understand well, when I was writing I was trying to explain to a person without too knowledge, mean I really needed to understand before writing, this helped me a lot.

ravencrazy

Sorry to hear about this.

I'm going to take this test soon, i put my registration in a few days ago. I dont have a date yet but when I do I may make it 3-4 weeks from this date, to make sure I understand every aspect of the test. I've been worried about this exam because of all the switches for each of these tools. After reading some of these posts about this test I purchased the Test King tests. Has anyone used this for C|EH V8 and passed. Was it similar to the real test, did it make a difference?

I've also read the AIO and the cert Guide. I have access to SkillSoft at work, I finished that but I can go back to it and review it before the exam.

JoJoCal19

ravencrazy wrote: »

Sorry to hear about this.

I'm going to take this test soon, i put my registration in a few days ago. I dont have a date yet but when I do I may make it 3-4 weeks from this date, to make sure I understand every aspect of the test. I've been worried about this exam because of all the switches for each of these tools. After reading some of these posts about this test I purchased the Test King tests. Has anyone used this for C|EH V8 and passed. Was it similar to the real test, did it make a difference?

I've also read the AIO and the cert Guide. I have access to SkillSoft at work, I finished that but I can go back to it and review it before the exam.

Awww man you wasted money. According to Certguard.com Test King is a braindump. No good man. You need to check out Boson's practice test. That's what I'll be using.

ravencrazy

Usually I use Transenders but they don't have this exam. I didnt realize that there were "bad practice exams". Oh Well. I still have time to correct this.

Lostpacket

Very surprised and sorry to hear about this. That has to be incredibly frustrating.

I used the 1st edition AIO v7 prep materials and found it adequate for the v8 exam but I know there is some 'luck of the draw' as to exactly what questions a person sees on the exam and there were definitely a few I had to just guess at.

One of my prep items was to print out the PCI DSS numbers in a vertical list and then try to fill in each one from memory. After 7 or 8 times I had them down pretty well. I did the same type of thing for the various command switches.

You've got your CISSP so you are certainly no stranger to tough exams. Do you feel the CEH had more off-the-wall questions than the CISSP?

It seems to be the cert everyone loves to hate. While I certainly don't feel passing the exam makes anyone a hacker in any real sense of the word, it does seem to be one of the widely known security certs and as such I think is worth having.

I would skip the iclass and just grab a Sybex book and the Boston practice exams. You were soooo close, you've invested too much time and energy to walk away.

You've got this.