On July 10th I passed the CEH with 105/125 questions right and this is the write up to the exam and certification.
I got really interested in the CEH because it was a well known certification and the syllabus really interested me.
I also had a ton of recommendations online and from people in this industry saying that the CEH was a really good beginner level security certification.
Details about the exam and course:
I bought the course from the EC-Council website. There are certain requirements if you want to take this certification.
You should either have 2 years experience or buy their online iClass to attempt the exam. As I did not have the required experience I bought the online course.
The EC-Council website and how everything works with them is very confusing and I got very confused at times. But thankfully, the customer support answered all my questions and guided me through the buying process and the registration.
The course costs $1100 USD in India but I bought the course during the Black Friday sale in November of 2019 for $700.
I did not use the iClass material and used the materials suggested by Reddit (r/CEH).
Materials:
1. Matt Walker All-in-One Exam Guide
This was such a good book. It is well written with everything you need for the exam. This book also keeps you interested with lots of real life experiences and stories that doesn't bore you too much.
Matt Walker has done a great job in giving only what was needed for the exam. This book alone wont help you pass, but it is a huge factor in it.
It took me around 2.5 months to read the book completely. I read the book completely twice as I didn't want to miss anything. I took lots of notes with a pencil and a note taking app. I didn't end up using notes a lot because I found better notes online (linked below).
2. Boson Practice Exams
Boson practice exams are probably the best resource I used. They are a bit expensive, with the exams costing $100 but, in my opinion, they are totally worth it. It was very useful.
There are 4 practice exams, that totals to 600 questions. These are really helpful because it tells you why the right answers are right and the wrong answers are wrong. The exams also gives you enough practice you need.
I started taking the Boson exams 10 days before the main exam and scored 78%,80%,82% and 80% on the 4 exams. The real exam was quite similar in difficulty.
3. CyberQ - EC Council
I received these with the iLearn package I bought. I kept this questions and exams for last and took them 3-4 days before the main exam because I had read online that these exams were quite close to the the real deal.
The CyberQ dashboard has questions based topic wise in each chapter and has over 600 questions to practice. You have to get 80% in each topic of each chapter to pass that topic. In the first time taking all the topics, I passed 55 out of 67 topics and had to retake the 12 so that I could get a passing score on those.
The CyberQ portal also has 2 real time practice exams to test you and I received passing score on both those exams. My scores on the CyberQ exams were 94% and 90%.
Around 30-40% of the questions I saw on the real exam were very similar to these.
Around 30-40% of the questions I saw on the real exam were very similar to these.
4. Practicing with a CTF machine(VulnHub)
I wanted to practice using the tools which I had studied about in the book so I downloaded the machines from VulnHub and practiced with tools like Nmap, Nessus, hping, Metasploit etc.
This really helped me as instead of memorizing the switches, I had used the tools so much that I knew the switches and how the worked really well. This helped a lot for understanding how the tools work.
Applying the knowledge practically was really useful and I enjoy doing boxes at HackTheBox and TryHackMe now.
Main Exam:
I had bought the course with the in-home proctor based voucher but decided to change to PearsonVUE test center. The EC Council website has an upgrade for this which will cost you $100.
On exam day, I felt pretty confident but I was still nervous because the CEH is an expensive exam and I didn't want to end up wasting all that money.
The test went pretty smoothly. As questions went on, I felt more and more confident about it. There were 2-3 questions where I had absolutely no clue what the answer was and just took the best guess.
I finished the exam in about 1.5 hours and went through all 125 questions again. I had reviewed all the questions and was ready to submit. I called the person in-charge and hit submit.
PASSED!
I was so happy, I had studied for 4 months and it was totally worth it in the end.
I received the certification in my email around 3 days later.
I have learnt a lot from this certification and can't wait to apply this knowledge and get better.
Whats next?
Now that I'm done with the CEH, I will have to catch up with my university portions and study for the online finals I have coming up.
I will continue to do boxes on TryHackMe as I really enjoy the interactive learning I can do. As soon as I'm done with TryHackMe I will start doing HackTheBox to further expand my skills.
I am also looking into learning more about web app hacking so I can get started with bug bounty.
Useful links:
Boson Practice Exams: https://www.boson.com/practice-exam/ethical-hacking-practice-exam
VulnHub: https://www.vulnhub.com/
TryHackMe: https://tryhackme.com/
Happy Hacking!
Thanks for reading!
AZID
All the best for future 👍
ReplyDelete