Yes, I have the pro version. Started it today.

Dalobo

Thank you. 

I passed!   

Now on to my elearnsecurity.com stuff. 

Dalobo

I spent about 3 hours on the test and then about 30 minutes on review. I did not feel rushed and I did take my time. I passed very nicely.

My experience:

The test was not really that hard, but then I have done my due diligence. What makes it "hard" is just the fact that there is a lot of stuff to memorize.

<removed> I removed my comments - no questions in here but not sure I can talk about some of the issues with the test...</removed>

All in all, not to bad.

My study method.

17 years of security experience ranging from desktop security to my current job as a Systems Admin/Security Admin for a hospital.
AIO book - Read cover to cover, doubled up on what was new to me.
AIO practice tests - OK for the test, but I wish there had been more of them.
CEH review guide + practice test questions.
Official course ware (OCW) - Read all of the slides and doubled up on the ones new to me.
Train Signal's free video training on CEH.
This forum.
Web research on topics I had issues with.
Hack lab to practice using the tools, sniffing traffic etc.
750 flash cards made by me, for me, based on AIO and the OCW.
1 hour at lunch M-F doing Flash cards ~ 3.25 months.
2-3 hours M-F doing flash cards, practice test ~ 3.25 months
8-12 hours Every weekend doing flash cards, reading the books, reading this fourm, SANs white papers, working in the hack lab, and other various sources. ~3.25 months.

I hope this helps someone else who is studying.

Dalobo

Just wondering how much time it took people to do this test. 

I take my CEH this Friday.

After that I have 60 hours of lab time at elearnsecurity.com I might take the eCPPT, but since I bought the labs in Jan, I will not have much time to study/practice before the cert would have to be taken. I do not plan to be a full blown pentester, so I am not to worried if I do not pass or get the eCPPT. It is the understanding and basic know how that I want... to go with a CISSP. If I feel I am close to passing or just decide I want it, I will just buy the test to take at a later date. Can't hurt to have eCPPT on my business card and resume. 

Later this summer I plan to start on my CISSP. I might not sit for it until early next year though.

I take my test this Friday at 9 A.M.

I am guessing it is like any of the other tests I have taken. I hope it is not as hard as I think it is...

I have put a huge amount of time into studying. I feel prepared.

Wish me luck!

I have my voucher so all I need to do is schedule my test and then go take it.

I have my Net+, Security+, MCP and MCSE. I am wondering what, if any, the test taking experience differences are between them and the CEH.

Any helpful test taking advice that would only apply to the CEH cert?

Thank you,

Dalobo

While not directly related to the CEH, Security Now! www.grc.com/sn is a great security podcast. It helped me to ace my Security + certification. There is a lot of good information in there on encryption, DDOS protection (He was DDOS many many years ago), how TCP works at each layer, etc. There is over 6 years of podcasts there. 1 per week. They are on #397 as of this posting.

If you want some good free CEH training videos, check out http://www.trainsignal.com/blog/tag/ceh

I would suggest the All In One book as a good source as well.

Good luck,

Dalobo

Congrats. I am glad to hear you did not think it was as hard as you had heard. This is comforting as I just got my voucher and will be scheduling my test next week! This certification is to expensive to fail!  

What I used to study:
1. AIO book - read cover to cover and note carded highlighted points that were new to me. I went back and re-read areas I needed work in.
2. CEH official review guide. Read cover to cover, went back and covered areas I was week in. I also note carded areas that seemed to be stressed.
3. Practice questions from AIO and from CEH review guide.
4. 7.1 Official courseware - Note carded new stuff to me as well as stuff that AIO/CEH Review guide called out.
5. Years of security background/experience.
6. Over 740 note cards I created and memorized/learned-understand the concepts.
7. Free TrainSignal videos at http://www.trainsignal.com/blog/tag/ceh
8. Three months of intense study. - 1 hour at lunch at work in study room, several hours each night at home. 7-8 hours each weekend day.

Once I pass (*knocks on wood*), I will be doing my elearnsecurity.com professional course (60 hours). Not sure if I will take the certification or not. I am very short on time - less then 1.5 months before I "have" to take sign up for it. After that, I hit my studying for the CISSP hard.

Dalobo

You have to have a supervisor vouch for your two years. Also, you will need to have a non free email address to apply. No hotmail or gmail, you have to have a business email address such as jdoe@microsoft.com or jdoe@ibm.com, etc.

Dalobo

#1 Good question. I will be doing more testing this weekend. I think it might be the VM I am using so I am going to try it on a different VM.

#6 I have done a packet capture and I get this:

192.168.1.10 -> 192.168.1.15 TCP MICROSOFT-DS
See attached.


I guess the way I looked at it was it was not NetBIOS, but a new way of doing SMB traffic. Everyone here is saying it is still NetBIOS, just on a different port.

Thank you,

Dalobo

That is what I figured... show me the money! I am not sure why they charge so much for the certs, let alone an application fee, other then to pad their pockets.

Dalobo

#1 I am not sure what I am doing wrong I just get a blank screen. I am going to try this on a different Linux VM and see if that changes things.

#2/3/11 I am going to load up Windows 2000 and give it try against it. I am doing these on VM's in an ESX environment, but I would not think that would cause any issues. I am guessing it will work on 2000 or NT 4.

#5 Still has me a bit lost. I guess I am not grasping it. I will re-read the article.

#6 I read that article, but it talks about Windows 2000 which is a very old OS. It does not mention 445, hence the reason I said 445 is not a NetBIOS port. Does the CEH say otherwise??

#8 I have that one figured out now. It was just a stupid mistake on my part.

Thanks for all the help!!

Dalobo

The other threads about this are over a  year old, so maybe somebody has more info now.

Why do I have to pay an application fee to be approved to take the CEH cert?

Is this just a money thing, or are they doing a background check to make sure you are not some sort of criminal? (Hacking). I have nothing to worry about, but I am curious. I am guessing it is a "we want your money since you studied on your own and did not buy our books/courseware." thing.

I have been told it takes up to a month after applying to be approved to take the cert. Can anyone verify this, and if true, why is that?

When I go to their site, and click on the link to fill out the application, it takes me to a different page with a huge list of things to buy. Anyone have the correct URL?

Trying to use their contact link gives this error!
While trying to retrieve the URL: https://www1.2checkout.com/cgi-bin/contactsales.2c?

The following error was encountered:

Connection to 192.168.0.120 Failed
The system returned:

    (111) Connection refused
The remote host or network may be down. Please try the request again.

Your cache administrator is webmaster.
Generated Sat, 23 Feb 2013 23:01:04 GMT by proxy.2checkout.com (squid)


This is from the contact us just under the homepage link on this page:
https://www.2checkout.com/2co/buyer/orderpage?sid=51789

Thank you,

Dalobo