Off the top of my head, the main reason you would want to study more for the CEH is the fact that the GIAC stuff is open book over the web and your only tested on material directly from the books. Whereas the CEH covers a lot of tool specific stuff, like switches or flags, that if you don't know it right away your not gonna guess it.

When I took the exam a month ago, I was surprised by the number of questions dealing with:

-Snort Signatures (what does the following sig detect? which of the following sigs would you use to detect x? etc.)
-Packet Analysis
-What programs are used to do what (Loki is use for what?)
-Poor interpretation of the English language

G'luck!

Hi All,

Well I passed the CEH exam with an 82% not great but I spent about 8 hours studying for the test after passing my GCIH.  It is funny though the previous write up on the forum with the CEH study guide made it sound like I had the same exam.  THOUGHTS:

About 1/4 of the test was log reviews. Snort/tcpdump/etc.
NMAP and all the associated switches was huge maybe 15 questions
I used the CEH exam study guide (condensed book) and Testking practice tests and about 25 questions were exact duplicates on the test.

Over all I felt cheated some what by the test.  It has a sense of almost being something valuable, it has a good breadth of knowledge but it is such a patchwork that it doesn't really seem to accomplish anything.  Pretty much what most have said here on the forum.  Since I had already scheduled the test before finding this forum, I didn't put much effort into studying for the test.

Now onto completing my paper for the GCIH gold and trying to run through the GCFA material.

Cheers,
Jack

Congrats bigwhiff, 82% isnt bad at all.