Taking CEH on Saturday. Any words of wisdom?

Hey guys. I've been completely stressing out about the CEH exam as I'm taking it in 2 days. I was wondering if there were any words of wisdom from those who have gone before me?

Currently, I've read Matt Walker's AIO book cover to cover a few times, I've done a ton of training through groups like cybrary and making my own home lab. I actually worked as a linux admin during heartbleed, shell shock, and poodle so I had to figure them out and fix them, and right now I'm consisitently scoring 80-90% on skillset, the ECC practice, and any other practice exams I've done.

Should I be worried about anything in my last 48 hour cram? Particular places to focus? Weirdness in the exam itself? Quirks, etc?

Like I said, I'm just kind of stressed having seen so many people crash on this thing. I want this, not because I know the questions, but because I know the material. I've worked my ass off for a long time and this can get me further in the door to where I want to be.

Hope all is well with you, and I'll let you all know how I do!

Find more posts tagged with

Comments

danny069

I postponed my exam until January, but I've heard you also want to read up on the hard drive failure rates, risk management ideology, nmap, etc. It's great that you had experience with heartbleed, shellshock, and poodle too. Good luck to you and looking forward to reading about your pass!

tomatotux

Thanks Danny! I'm hoping to be posting a pass rather than a massive string of expletives, lol

E Double U

I would wish you luck, but a massive string of expletives would be more entertaining than a passed post.

tomatotux

Tell you what, I'll post the string of expletives either way. That way everyone is happy and entertained. I'm like a Tarantino film on a timer!

DAVIS NGUYEN

Best of luck!

Uniquewarlock

I failed recently and I saw a pretty big focus on Cookie/Poisoning/Harvesting, XSS, Firewall states and SQL Injection in general. When you do pass if you could confirm anything and throw some notes to us fallen few, that'd be amazing

ITforyears

I passed two days ago and know your NMAP switches and policy as well. Some questions are common sense and you can easily deduct some wrong answers. I finished in 90 minutes, so take your time; stand up and walk around. At times, you think you are not doing so hot on the test and may be surprised by the result if you do pass. Good luck.

ITforyears

I was totally lost on that ALO/SE computation question. I guessed that one.

tomatotux

Thanks everyone. I'm reading a book on the nmap functions and switches right now, and will read up on SQL injection and cookie based attacks. I'll review the firewalls, but right now I'm a firewall engineer, so I'm not super worried about it. I'll let everyone know which way it went tomorrow! Ill keep checking back if anyone thinks of anything else!

E Double U

tomatotux wrote: »

I'm reading a book on the nmap functions and switches right now

Skip the reading. Just download Nmap.

tomatotux

I've been working with nmap for a long time to keep an eye on hosts on my network. I'm more concerned about know the weird and obscure commands and knowing the hows of what it does.

CBMiller18

tomatotux wrote: »

Thanks everyone. I'm reading a book on the nmap functions and switches right now, and will read up on SQL injection and cookie based attacks. I'll review the firewalls, but right now I'm a firewall engineer, so I'm not super worried about it. I'll let everyone know which way it went tomorrow! Ill keep checking back if anyone thinks of anything else!

How did it go?

tomatotux

Sorry for the delay in responding, it's been an incredibly busy weekend and a crazy busy morning here. As per my promise (Mods don't kick me....)

I beasted that motherf*****r!!!!!!!!! I fought the D*** law and I won!!!!! I am now a Certified Ethical Hacker b******s! EdoubleU, will that be enough expletives, hahaha!?

Anyway, the exam was nowhere near as deep as I was expecting, but it was a much broader scope than I anticipated. I couldn't take anything in, including my watch. They had to check my glasses!

The exam only took me an hour and I was out, but they aren't wrong about v8 materials covering most of it. I got a few questions that I knew from outside, but basically if you read the AIO, do some practice tests, read infosec news, and just generally really enjoy this stuff you should be ok. There was coverage of risk assessment which was a bit weird, but the calculator you can use is on the screen so it's no big.

Know the breadth of it, read the questions carefully because in any test sometimes the context will give you hints to the answers and most importantly THINK LOGICALLY!!!!!!!!!! Reason stuff out. Dont get stressed, breath deep and move slowly.

I'm looking forward to seeing alot more passes going forward!

Also, the things I've used to study (I'm broke) were Matt Walkers AIO, Skillset practice exams (Which did nothing to prep me for the questions, but the content gave me some additional info about where I needed to work harder and that made the difference), cybrary.it and security-tube.net for video. I built my own lab using my laptop and vrtualbox and learned that stuff. Keep rocking guys! You got this!

danny069

Congrats! I will slay this beast in January. Thanks for posting your review.

tomatotux

Kick it's ass danny!

Uniquewarlock

GRATZ Toma! Gaaaah I can't wait to feel what all of you are feeling. My failure at the test has taken a toll me. For now, I have questions like I only saw one ALE/ARO=EF question did you see more? Also I'm studying my Wireshark filters, Netcat, and Nmap switches. I guess i'm asking did you see a lot of those on the test? Did you see any Armitage or Dimitry being referenced more than once? Any tool I should get really familiar with before my test in a week?When I took it I felt there was a large focus one Firewalls, SQL Injection, and Cross Site Scripting. Again congratulations on your pass and thanks for the response.

tomatotux

There's the big NDA I had to sign at the beginning so I cant be super specific but there was at least one question in every area of coverage. There were a few areas that went into more depth which related to pentesting and actual security work, but for the more loosely related administrative stuff it went crazy broad but only like 6 inches deep. Dunno if that helps any Uniquewarlock, but I'd be happy to help you get your head around this stuff. PM me if you need!

[Deleted User]

Congrats!

Uniquewarlock

I don't think you can PM in this forum but my email address is miles8358 at gmail dot com

CBMiller18

Congratulations on the pass! Well done.