if you're using braindumps i can't imagine why you're worried about failing......

Didn't really expect that kind of response tbh.

Firstly the EC-Council make no stipulation on braindumps, secondly I think it's a little far fetched and dramatic to call braindumping unethical. Points 3 seems moot as it's a re-stipulation of the questionable point raised in 2

Thank you for posting a lmgtfy link on CEH keywords, I don't find that to be patronising at all... 

Sorry all, I must have stumbled on the wrong forum. I thought this was a community forum for those in the security industry.

Not wanting to enter a discussion about the rights and wrongs of braindumps, for me I don't see it as any different from the past papers I done to practice for university exams. Even the EC-Council are releasing their own practice exams soon 

Certification is a necessary evil in our industry, I think that education and good practical experience is the key in moulding a successful professional, not the answering of a number of random questions on a given subject.

I think we all know that someone who has no knowledge and has just memorised a number of answers isn't going to be best prepared when faced with whatever task they have to do.

Not sure why you responded to my thread at all Seph, if it was just to tell me you wouldn't answer my questions 

Could any mods please advise if my question by its nature is against forum rules etc, as I said in my first post, I'm new to the forum. If braindumping is a taboo subject then I'll desist on posting in this thread.

Thank you

V...

Yawn. What you stumbled upon is a forum for those in the security industry who are "up and comers" and are learning and sharing information to make themselves stronger professionally, not solely to pass an exam. There is a difference. Most here share information about their experiences so that other peers (normally their juniors) can understand security as a practice not a thesis slash theory.


Then why bother taking an exam? Certifications have become bastardized because of far too many people memorizing books, taking exams, slapping a professional title behind their name while not understand an iota of a subject. This is what is synonymous behind the types of answers you will receive when using words like: "brain dumps" to others who dedicate time out of their lives to become true security professionals as opposed to "professional test takers."


Again I ask, then why bother with the brain dumps? In your previous post, you state:



Then the answer and solution is simple, you need to go back and understand slash study the content you're failing on. 60% is really and personally, I wouldn't aim to take any test unless I can average above 95% through at least 5 practice exams or better. This to me states that I understand the core of it while am likely failing at little tidbits like verbiage. The reality for me is, the 5% of the questions I do fail at are not because I AM wrong, but because I view security differently and could have likely written a better question. Not being arrogant, just being truthful.


Braindumping is and will forever be taboo to professionals. You need to think outside of the box so here goes an analogy... "An intern is failing with an average of 60% throughout his or her tests. In an effort to hurry their life/career, they shoot to memorize every imaginable concept/term/idea/theory in order to pass 'that one exam.' After trolling slash searching for answers, they come across the 'gold' they'd been searching for. They take the test, smoke the exam, after all they did memorize everything they could. They're now a doctor - after all, what do you call a doctor who comes in last in their class... a doctor."

Would you want this to be your doctor? Do things like malpractice, etc., come into play? Do you think this would be an effective doctor or a prescription factory doctor who will simply tell you: "Take two of these...", "didn't work? Try two of these then..."

Same holds true for security. Many of us on this forum love and respect the industry we're in. Many of us loathe people for taking "the easy way out." We loathe it because it creates a devaluation of our profession, what many have worked hard to accomplish slash achieve: A piece of paper that states: "We know what we're doing" at least that is what a certification USED to mean. Nowadays because of braindumping, we see "professionals" via way of a title with zero knowledge and or experience. That paper, was only made possible because of moronic brain dumps.

Moderator? Me? Not one, but I think you will find that out of anyone else here, I will call it how I see it without the BS. I am also probably one of the top 10 experienced professionals here with or without a certification. Suggestion... Learn it the right way without the use of braindumping. Otherwise, you're cheating and lying to yourself, your potential employer and other professionals who hold the cert you're aiming to pass.

Don,

Thanks for the reply, I'm sure I'll find my way eventually.

I was really only posting to gauge the content of what I was studying in relation to what to expect in the exams. It seems crazy that on other threads  people talk about exam format and books etc they used to get there but an almighty flaming ensues when the b* word is raised. 

It almost seems like it hits a raw nerve with some posters, maybe those that "doth protest too much"

I have been dancing around the CEH for some time now, I started studying security some time around 2000 and have been involved comercially in security projects, drafting a security policy, have experience with Cisco PIX, ASA's, Bluecoat proxies, Juniper Firewalls, Nokia Checkpoints etc.  I want to adapt my career towards pen-testing and eithical hacking, CEH certification seemed like the next logical step especially after being hit by redundancy almost a year ago.

I'm a qualified CCNP and yes I did get there with the help of braindumps however I have to say that out of a practice pool of 600 questions on the routing exam, not one appeared on the actual exam 

This is partly what my OP was based on - relevancy of testking and sybex questions to actual exam questions.

To the critics of brain dumps, I would defy anyone to state that I'm an any less capable a CCNP than any one of my counterparts. I have over 5 years experience working with organisations such as IBM and HP to prove that.

I'd like to apologise to anyone that my post offended, although I still don't actually see the issue myself. My purpose was never to enrage anyone.

I'll let you know how I get on in the exam.

Thanks for the response.

V...

My route for passing the CEH was reading the courseware. That's really the only study method I used for the exam. Any other experience didn't really come into play as most of the required answers came from following the course books.

My advice would be to read the objectives and study based on those. There are numerous posts here saying they had questions come up that are not in the objectives (and EC-Council is supposed to be fixing that) so be prepared for that as well. The Sybex book basically takes this route of going through the objectives and giving you just enough information. I never tried the practice exams so can't speak for their content or accuracy.

How's this for creating your own experience... VOLUNTEER!!

1. Volunteer for a non-profit
2. Get some other IT job and slowly work your way into more security-related duties. This is another form of volunteering.
3. Volunteer your own money for your own training and your own lab. The best investment is in yourself, especially if it for career advancement which in turn makes you money. $100 in books, $300 laptop for a cheap lab and an internet connection for research. This is a tiny investment for a career that can last a lifetime.

This way, even when going for a junior position or even an internship, you can speak with authority and confidence on the topic for which you want employment.

Some other free ways to get your foot in the door include going to local meetings. The best way to get a job is if you know someone. So go meet someone in the infosec field. Buy them a drink and pick their brains.

These any many other pointers can be heard in my talk "DIY Career in Ethical Hacking." Good thing I made the slide deck and 2 versions of the audio available for free. Check them out:

http://www.ethicalhacker.net/content/category/7/15/24/

Hope it helps,
Don

It's not something I am going to do.  I already have the materials (books,videos) for the CHFI, and then I am taking the CEH/CPT through info Sec.  Class has already been paid for and I am now just waiting on the class to being.  AUG 28-Sept 2.