+ Reply to Thread
Page 1 of 2 1 2 Last
Results 1 to 25 of 26

Thread: CEH Pass

  1. Senior Member
    Join Date
    Mar 2007
    Posts
    12,320
    #1

    Default CEH Pass

    Man, I thought the CWSP was bad... This exam is way too broad to cover the objectives in the detail it does.

    I used the Wiley, Sybex, and Exam Prep books for my CEH-specific resources, and I added Hacking Exposed (sixth), Pen Testers Open Source Toolkit, Gray Hat Hacking, OSCP course materials, and various others, and I was still coming across things I hadn't even heard of. I can't go into detail, but I'm failing to find any mention of a couple of tools in their course outline (which is already enormous) that I received multiple questions on. The rest of the exam was all over the place. You'll be asked for a basic definition of a Security+ term one moment, and then you'll be required to analyze c/perl/shell code the next. I thought about half the questions were well done, and the other half made me swear at my computer (I was fortunately the only one in the room).

    I managed an 84% overall, and I took about two of the four hours allowed. Self-studying for this one would be a ***** without experience and a lot of solid knowledge in many different areas.

    I'm going to try to wrap up the Offensive Security OSCP and OWSP by the end of the year. I've already gone through the materials once; I just need to work on the exercises again and take the challenges.
    Reply With Quote Quote  


  2. Login/register to remove this advertisement.
  3. Virtual Member undomiel's Avatar
    Join Date
    Sep 2007
    Location
    Bellevue, WA
    Posts
    2,810

    Certifications
    MCSA:2008, VCP4/5, CCA (XS), MCITP: EA/VA, MCSE, MCSA, Linux+, Security+, Server+, A+
    #2
    Nice! Congratulations! Glad to see you finally get a certification under your wings young grasshopper.
    Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
    Reply With Quote Quote  

  4. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,462

    Certifications
    GCIH, CCNA, MCTS
    #3
    Congratz...


    Out of curiosity how did you qualify for the exam? I figured you just started security work this year.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Mar 2007
    Posts
    12,320
    #4
    Thanks guys.

    Quote Originally Posted by veritas_libertas View Post
    Out of curiosity how did you qualify for the exam? I figured you just started security work this year.
    My current position is 100%. However, security has been intertwined with everything I've done the past 3-4 years. I've designed and implemented new AD domains, written security policies, setup file servers with share/NTFS ACLs, VPNs, patch management/WSUS, anti-x, RADIUS, some physical security stuff, locking things down with group policy, programmed a PHP/MySQL project management system (not only accounting for web attacks but also included security functions to give different users different rights), IIS and Exchange security and SSL, wireless, disaster recovery/business continuity, end-user training, etc.

    I just sent them an email that outlined what I had been doing and they apparently thought that was acceptable.
    Reply With Quote Quote  

  6. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,220
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #5
    Whoa, congratz on the CEH too!

    I'm starting the OSCP course next week; I'm really interested on how and what you do with the exam.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Nov 2008
    Location
    Florida
    Posts
    259

    Certifications
    some
    #6
    Congrats on the pass!
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Mar 2007
    Posts
    12,320
    #7
    Quote Originally Posted by JDMurray View Post
    I'm starting the OSCP course next week; I'm really interested on how and what you do with the exam.
    I'm glad I only bought the one month of lab-time at the onset. It will cost an extra $50 overall when I add the second month, but I prefer to have the time off. I'd rather work on the material leisurely at my own pace and then hit the lab hard when I feel better prepared. I might wrap up a few other misc things in December and hit the lab hard in January. Of course, that's just me. The ADHD in me likes to study six things at once. If you just like to focus on one thing intensely at a time, the two-month package would probably be fine for you.

    I'll probably shoot for the OWSP in a couple of weeks. The course is good overall, but it's almost entirely based on WEP, which I found to be a bit disappointing. This challenge is much less involved and you need to own 3 routers in 3.5 hours. I might as well buckle down with the wireless security a little while longer and get that one out of the way while things are still fresh.
    Reply With Quote Quote  

  9. Senior Member davidspirovalentine's Avatar
    Join Date
    Nov 2008
    Location
    Port Moresby, Papua New Guinea
    Posts
    341

    Certifications
    MCP (70-270), CCENT, CCNA, CCNA:Security, CCNA:Voice, CCNP, CCIP, Linux+, CWSE, Project+, Enterasys Certified Specialist, MCSA 2012, PCMP, CMNA
    #8
    Congrats on a splendid achievement!!! You should be proud of the great work you put in not only to get the CEH but in the preparation towards it!!!!

    84%!!! Relax man you nailed it! Especially when you consider the broad topic range (as you mentioned).

    Congrats Again!!! I guess you have the rest of the year all figured out. Should you keep with your schedule, any BIG plans for 2010 that you wanna share? Like you always say "GO BIG OR GO HOME"...lol

    Kind Regards,
    David
    CCIE Written: 01/12/2012 - passed
    CCIE Lab: 22/12/2013

    The countdown begins...
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Mar 2007
    Posts
    12,320
    #9
    Quote Originally Posted by davidspirovalentine View Post
    Congrats Again!!! I guess you have the rest of the year all figured out. Should you keep with your schedule, any BIG plans for 2010 that you wanna share? Like you always say "GO BIG OR GO HOME"...lol
    Have you seen this thread? 2010 Certification Plans

    I'm going to do as many SANS exams as is economically feasible, along with the CISSP and possibly the CCNP. My major focus is going to be finishing my psychology degree. I've been working on it off-and-on for around 8-9 years, and I have three classes left, and then I need to test out of two years of Japanese. That latter task might fall back to 2011 though.

    I actually didn't even stick to my end of year plans for an entire day. I got through about 1/5 of the CCNA:S book last night, and I'll probably take that in a couple of weeks. With a fresh CCNA and all the other security studying I've been doing recently, it's mostly just been review.
    Reply With Quote Quote  

  11. One Man Wolfpac NetAdmin2436's Avatar
    Join Date
    Mar 2008
    Location
    Minnesota
    Posts
    1,078

    Certifications
    AAS in Computer Networking, MCSE 2003, Network+, Security+, A+
    #10
    Congrats dude!
    Reply With Quote Quote  

  12. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,220
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #11
    Quote Originally Posted by dynamik View Post
    I'd rather work on the material leisurely at my own pace and then hit the lab hard when I feel better prepared. I might wrap up a few other misc things in December and hit the lab hard in January.
    It looks like the 60-days lab package is best for you then. I'm going to be spending all of this month learning how to "own root" from the online labs and doing little else (except playing Torchlight ). You have up to 90 days after completing the labs to take the exam, so I'll probably take the exam in late March after some further independent studying.

    Quote Originally Posted by dynamik View Post
    I'm glad I only bought the one month of lab-time at the onset. It will cost an extra $50 overall when I add the second month,
    It'll cost you an extra $200 overall if you buy an additional 30 days. You'll save $50 if you just buy the 60-day package upfront.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Mar 2007
    Posts
    12,320
    #12
    Quote Originally Posted by JDMurray View Post
    It looks like the 60-days lab package is best for you then. I'm going to be spending all of this month learning how to "own root" from the online labs and doing little else (except playing Torchlight ). You have up to 90 days after completing the labs to take the exam, so I'll probably take the exam in late March after some further independent studying.


    It'll cost you an extra $200 overall if you buy an additional 30 days. You'll save $50 if you just buy the 60-day package upfront.
    Yea, that's what I was saying. I bought 30 days (which have elapsed) for $550. I'll add another month in 2-3 weeks, so my total for 60 days will be $750 instead of $700.

    I can do a lot of lab work on my own stuff, but they have specific challenges in their lab that you apply to your overall score for the certification challenge.

    The exploitation section is what's slowing me down. I have a good handle on pretty much everything else. As soon as I get that down, it's back to their labs and the challenge!
    Reply With Quote Quote  

  14. k-r4d l33t 1nf0s3c g33k unsupported's Avatar
    Join Date
    Jan 2009
    Location
    407
    Posts
    191

    Certifications
    CISSP, GCIH, GCIA, C|EH, Security+, Network+, MCP
    #13
    Congrats!!!!!!
    Reply With Quote Quote  

  15. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Location
    Melbourne, Australia
    Posts
    1,985

    Certifications
    B.Sc, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #14
    Congrats !!
    ‎"After the earth dies, some 5 billion years from now, after it’s burned to a crisp, or even swallowed by the Sun, there will be other worlds and stars and galaxies coming into being — and they will know nothing of a place once called Earth." - Carl Sagan.
    Reply With Quote Quote  

  16. Senior Member impelse's Avatar
    Join Date
    Dec 2006
    Location
    Houston, TX
    Posts
    859

    Certifications
    CEHv7, CCNA, Security+ 70-290, 70-291 CCNA:S
    #15
    Congrats.
    Blog: http://blog.thehost1.com/
    Online backup: http://www.thehost1.com/
    2013 Goals: CEH: Passed CISSP: Working OSCP:Pending
    Reply With Quote Quote  

  17. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,220
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #16
    Quote Originally Posted by dynamik View Post
    I can do a lot of lab work on my own stuff, but they have specific challenges in their lab that you apply to your overall score for the certification challenge.
    I've talked with a few people who've gone through the course and you definitely need the online labs to do the regular work too. I assumed that I would already have most of the hardware and software to do the labs myself off-line, but apparently there's a lot of necessary, specialized materials in their virtual environment as well.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  18. Senior Member
    Join Date
    Mar 2007
    Posts
    12,320
    #17
    Quote Originally Posted by JDMurray View Post
    I've talked with a few people who've gone through the course and you definitely need the online labs to do the regular work too. I assumed that I would already have most of the hardware and software to do the labs myself off-line, but apparently there's a lot of necessary, specialized materials in their virtual environment as well.
    Not really. I just went through my guide again to verify, and I only found three potential things I can't do.
    1. Exploit Ability FTP Server - I absolutely cannot find the old version that they used
    2. Experiment with Core Impact - It's cool but you can't use it in the challenge and we don't use it at work
    3. Vulnerable Web App - Although I could write my own or do something similar with Damn Vulnerable Web App
    Their lab is definitely cool, but those are a small portion of their 400-page manual. You can do the vast majority on your own.
    Reply With Quote Quote  

  19. Stayed at a Holiday Inn.. the_Grinch's Avatar
    Join Date
    May 2007
    Posts
    2,843

    Certifications
    BS-CST EMT-B MPSC Security+
    #18
    Congrats! Couldn't agree more about the topics being all over the place. I've been looking at the OSCP, but I worry it isn't well known enough yet. I've got a laundry list of certs to finish, plus side projects I'd like to do. Just not enough time in the day, plus have the battle the disease called laziness!
    WIP:
    Securitytube Python Scripting Expert
    MS in Applied Computer Science - DSU - Applying
    Reply With Quote Quote  

  20. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    676

    Certifications
    Most Recent: CISSP & CCDA
    #19
    Quote Originally Posted by the_Grinch View Post
    Congrats! Couldn't agree more about the topics being all over the place. I've been looking at the OSCP, but I worry it isn't well known enough yet. I've got a laundry list of certs to finish, plus side projects I'd like to do. Just not enough time in the day, plus have the battle the disease called laziness!
    Dead on it's a niche market cert. You get it to improve your skill won't do much for your resume. I'll also have to find time to get to it sometime next year. Hopefully february.
    Reply With Quote Quote  

  21. Senior Member
    Join Date
    Mar 2007
    Posts
    12,320
    #20
    Quote Originally Posted by the_Grinch View Post
    Congrats! Couldn't agree more about the topics being all over the place. I've been looking at the OSCP, but I worry it isn't well known enough yet. I've got a laundry list of certs to finish, plus side projects I'd like to do. Just not enough time in the day, plus have the battle the disease called laziness!
    I think it's fairly well known in the circles where it matters. This is especially true now that Offensive Security is supplanting Milw0rm as the exploit database. I'd be very skeptical of any organization that employees offensive security techniques and isn't familiar with them. Honestly, I'm doing it more for the knowledge than the certification. They have a more advanced one (that has a long waiting list) that is even more obscure, and I can't wait to take it. That might be a project for 2011 though...

    Edit: Well said GA
    Reply With Quote Quote  

  22. Senior Member
    Join Date
    Nov 2008
    Location
    Florida
    Posts
    259

    Certifications
    some
    #21
    Quote Originally Posted by dynamik View Post
    I think it's fairly well known in the circles where it matters. This is especially true now that Offensive Security is supplanting Milw0rm as the exploit database. I'd be very skeptical of any organization that employees offensive security techniques and isn't familiar with them. Honestly, I'm doing it more for the knowledge than the certification. They have a more advanced one (that has a long waiting list) that is even more obscure, and I can't wait to take it. That might be a project for 2011 though...

    Edit: Well said GA
    I like how they setup the registration for OSCE.

    The "Cracking the Perimeter" Online course is not an introductory security course. Many pre-requisites are required, such as good familiarity with a Ollydbg, and a general mastery of offensive network security techniques.

    In order to register for the course you must bypass the protections implemented in this registration form and obtain a 16 Byte Registration Code . You will get further instructions once you obtain the registration code.

    Use of automated scanners will result in a 3 minute block from the website. No exploitation or vulnerability scanning is required to bypass the form. Use the source Luke!
    Offensive Security Online Security Training Challenge
    Reply With Quote Quote  

  23. Senior Member
    Join Date
    Mar 2007
    Posts
    12,320
    #22
    Interesting, I hadn't tried to register before since I haven't done the OSCP yet. I got through the first part in a few minutes, but now it's looking like it's going to be a long night
    Reply With Quote Quote  

  24. Senior Member
    Join Date
    Mar 2007
    Posts
    12,320
    #23
    W00T! Got it!

    Awww... now I feel obligated to do the OSCE...
    Reply With Quote Quote  

  25. Console champ of TE Mrock4's Avatar
    Join Date
    Nov 2004
    Posts
    2,327

    Certifications
    CCDA, CCNA, CCNP, CCIE R&S, Security+, CISSP, SCP #2235, CCNA: DC
    #24
    I'm late, but I wanted to say congrats on the CEH too. After I finish the CCNP in a couple of weeks, I'll either be going on to the CCNA: Sec or the CEH..lately I've been immersed in pen testing labs via VMWare and reading Hacking Exposed (6th edition)..so it seems natural to move on to the CEH.

    Best of luck with your aspirations..I feel some of your pain. I'm trying to finish up my B.S. in the next 18 months, which means I'll be taking too many classes, while still trying to move forward with certs, and have twins on the way!! Again, best of luck..stay motivated
    Reply With Quote Quote  

  26. Senior Member
    Join Date
    Mar 2006
    Location
    The Internet
    Posts
    586

    Certifications
    See Signature
    #25
    Congrats Chief - Nice work!
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 2 1 2 Last

Social Networking & Bookmarks