Certified Ethical Hacker
I recently passed EC-Council’s CEH v9 exam. It was my first experience taking a certification exam.
I spent 5 months or so studying off and on, but didn’t really buckle down with my efforts until the last two weeks.
CEH Study Materials
Here is what I used. I’ll provide a short breakdown of what was essential and what I wouldn’t bother with if I had to do it again.
- The official self-paced online course. It consists of pre-recorded videos and a lab environment where you can interact with virtual machines of various operating systems including Kali Linux, Android, and Windows and Windows Server. It is rather expensive.
- Skillset. Tons of practice questions of varying quality. It also has basic CLI-only Linux labs, and some video training modules.
- Boson. ExSim Max for CEH v9. High quality practice questions with thorough explanations for each answer.
- Transcender practice tests. Like Boson, sort of.
- CEH Certified Ethical Hacker All-in-One Exam Guide by Matt Walker.
What about CEH v10?
CEH v10 is on its way, but it may be a while before they start testing people on it. I figure the majority of my resources below will still apply to CEH v10. You could always just pay for a month of Skillset Pro to get the exam-pass insurance if you want to be on the safe side.
I would recommend scheduling your test ASAP if you’re feeling decently confident about your chances. The exam might be easier than you expect!
People are still reporting getting v9 exam content as of April 5, 2018.
What Was Essential to Passing the CEH Exam
#1] The Matt Walker book and practice tests
This book was excellent and a great return on my time investment. It got right to the point and covers the important topics without much filler.
I started reading this later on, (with about 2 months left in my studies) but wish I had started with it immediately. It would have saved time with guessing my way through some levels of the Skillset and Boson practice questions. It really would have made things click sooner if I had just started with this book first.
I made notes of all the “exam tips” and other items and came back to them later. I ended up with about 40 pages of notes to review in the last days before the exam.
Make sure to download the Total Tester practice tests. There is a link in an appendix at the end of the book.
#2] Skillset
I practiced endless questions, thousands of them, until the concepts stuck in my head. The free tier has some annoying nags that waste your time but you can answer all of the same questions as the pro option.
If you pay for a pro membership and reach 100% “readiness” and still manage to fail your CEH exam, they’ll buy you a new exam voucher. I went with pro for the month of my exam solely for this insurance. With the imminent release of CEH v10, I didn’t want to take any chances with getting an exam full of topics I didn’t study for yet. Pro also included some other perks that I didn’t use much.
If you want the insurance make sure you do the short answer questions on Skillset first as it can take several days for them to be graded. Getting your short answers graded is necessary for reaching 100% readiness.
What Was Very Helpful
Boson
This was harder than the exam itself.
It helped to re-enforce the concepts to the point where I was confident I would pass the exam on the first try. But if my goal was only to pass the exam and not actually learn this stuff, I could have skipped using this.
One major drawback of Boson is that you have to install it on a Windows PC. There is no web interface. With Skillset, I was able to bang out some practice questions on its web UI using any device. You can’t do that with Boson. You’ll need to actually sit down at a real PC and dedicate more time to it.
What I Could Have Skipped
The official course and courseware!
I was quite disappointed with this considering how much it costs.
Official Videos
The videos were OK, but I would not consider them necessary for passing the test or even learning these topics. I played them all at 1.5x or 2x speed to save time. They mainly consisted of explanations of key slides from the courseware and some demos of the iLabs exercises.
Official Labs
The iLabs were poor. They had a strange focus on obscure Windows hacking tools that will probably never be used in the field. I figure most of these aren’t testable.
The Windows tools used in the iLabs were not pre-installed, so every lab began with clicking through installation wizards and waiting. They should have installed everything first to make more effective use of our time.
There is no verification that you completed any of the steps. After a while I simply viewed the screenshots for each step and hit next, next, next rather than performing the actions. This was enough to get the gist of what was going on.
I had hoped for more training on the big name tools in Kali Linux and thought I was going to get it for this price tag. Bummer.
Official Courseware
The courseware was ~2360 pages of filler and clip art! The reader software they provide to cut through their DRM was clunky, and made the text uncomfortable to read for more than a few minutes at a time. I wasn’t able to do much more than skim through this.
Transcender
I also would have skipped Transcender. The other testing engines were better and/or closer to the test. Transcender had some quality issues with the questions, and way too many screwy “select all that apply” questions which the real exam did not use. Save your money.
The Exam Itself
It turned out to be easier than I expected. But it’s entirely possible that it was easy because I over-studied.
The Matt Walker book warned throughout that there is a lot of stuff you’re just supposed to “already know” to be a CEH (OSI model, subnetting, etc.) He warned that this exam is difficult and should not be your “virgin experience” with a certification-level exam. I did not find these claims to be true after all, though they did make me study harder than I would have otherwise. My networking knowledge was my weak point going in to the test, but it did not matter.
ProctorU
I took the test online through a service called ProctorU. They watch you on a web cam, listen on your microphone, and view your screen to make sure you don’t cheat. It was a little awkward but not too bad. I would probably use that service again in the future.
I scored 89.6% after they applied the final weighting to the questions. You need over 70% to pass.
Audits
They allow you 4 hours to answer the 125 questions. That should be way more than anyone would ever need.
Some people who finished the exam relatively quickly (in under 1 hour) reported that they were getting audited by EC-Council. I was done in about 45 minutes, so I spent another 20 minutes carefully reviewing all of my answers before submitting. I was not audited.
If I Had to Do It Over Again in Minimal Time
I would have spent much less time on the fluff (pretty much all of the official course content) and would have focused on the following:
- Matt Walker AIO book cover-to-cover plus the practice tests
- Skillset to level 4 or 5 in each topic. Reaching 100% readiness took too long and involved too many repeated questions. I would not bother with pro unless you’re under a severe time crunch and not feeling fully confident in your chances.
- Boson to a score of 80% or better on each practice test. Some people say you can get away with 70% or so since it’s harder than the real test.
What’s Next
OSCP! This looks like a blast. I’ve been practicing rooting Vulnhub VMs and will post some walkthroughs soon.
Congrats on conquering the C|EH exam! I am attempting next week. Used mostly skillset pro 101% (average 78% on test engine) , sybex test prep and today I got the Matt Walker book (on your recommendation). Thanks for your post it was a good read.
Cheers,
Mike
Thanks for responding. Sounds like you’re in good shape for the test. If you don’t finish the Matt Walker book in time, I’d at least recommend scanning for all the “Exam Tip” blocks throughout. Those were gold.
Good luck!
how the eligibility to take the exam? ..how much is the protorU exam voucher?
That should all be in EC-Council’s FAQ
Hi Jon,
I am completely new to the field of IT itself, having worked as a qualified accountant for 5 years, I am looking to learn further about ethical hacking. I was advised to cake CompTIA network, technician security first prior to study material for CEH. Not entirely sure if its due to sale since it was a sales person insisting I take more courses and increasing the price obviously as each one became a top up.
My question really is, is there above necessary to complete before going through study material for CEH? another route I was advised was ISO27001 and CompTIA security + prior to studying CEH. I would be grateful if you could advise what would be the best approach and how long in general would you believe it would take someone to complete the course and sit the exam? a tution provider informed me I could complete all the above in 200hours if I spend the time with them and will be prepared enough for any of the exams.
let me know your thoughts.
Kind Regards
Ali
Hello Ali
If you are new to IT, ethical hacking will prove to be difficult. It’s usually something that people pivot to after several years of experience in a more traditional IT role, such as system administration, networking, or software engineering.
That said, it’s certainly not impossible to pass multiple choice certifications like the CEH without experience if you study hard enough. 200 hours of study may or may not be plausible. You could always use the Skillset guarantee for a safety net.
But, I probably would not recommend anything from EC-Council if I had to do it over again. They charge too much, and don’t have a lot of respect in the industry. “Certified Ethical Hacker” sure sounds cool to the uninitiated, and it may get you past some HR filters, but that’s as far as it goes in regards to turning you into a real ethical hacker. The real ethical hacking cert is the OSCP. But that will require more IT experience than you have to even get started with it.
I haven’t taken Security+ but from I hear it’s about on par with the CEH difficulty level, and is much more affordable.
Keep an eye out for CompTIA’s beta exams. This year I’ve snagged PenTest+ and Linux+ for $50 each.
“The courseware was ~2360 pages of filler and clip art! The reader software they provide to cut through their DRM was clunky and made the text uncomfortable to read for more than a few minutes at a time. ”
The reader software they provide is clunky and made the text uncomfortable to read for more than a few minutes at a time.
This is the problem I have right now and get very little help with this
I don’t think you’re missing much if you don’t bother reading the courseware.