I'm the type of guy who likes to read books and study for a cert at my own pace, so that's why I prefer the self-study approach as opposed to boot camps. First, because my current employer won't pay for it and I don't have the financial means to pay for a full-blown course. Second, I learn and retain information better if I study on my own.
So I went ahead and registered on this site. I began to read articles about the subject and also posted questions to the forum, to which responses were immediately received. The following links will direct you to the CEH topic forums that helped me with my study:
http://www.ethicalhacker.net/component/ ... 1/#msg2731
http://www.ethicalhacker.net/component/ ... 4/#msg3574
http://www.ethicalhacker.net/component/ ... pic,174.0/
http://www.ethicalhacker.net/component/ ... pic,665.0/
http://www.ethicalhacker.net/component/ ... een,1/#new
I started to study last September by reading the first book (Gray Hat Hacking: The Ethical Hacker's Handbook). This book is a little advanced and it talks about vulnerability tools, advanced port scanners, programming survival skills and buffer overflows. I began reading this book because I was fascinated with exploit coding, source code analysis and the like, and because I already had 2 years of experience under my belt in the security field. If you lack the knowledge of hacking methodology, buffer overflows and pertinent tools, then I suggest that you read this book last, after reading the other books that I will now mention.
My second book was (Counter Hack Reloaded by Ed Skoudis). An awesome book on step-by-step hacking and countermeasures. Ed illustrates and explains clearly how to ethically hack systems and networks in a methodical fashion. If you really want to learn how to conduct a penetration test and how to defend your network, this is the book. It gives you a clear picture of the methodology that hackers use to compromise your network.
The other two books that I will now list are mainly focused on the cert itself. After reading Ed Skoudis' book you should have a clear understanding of the hacking methodology; these books will focus on the main objectives of the CEH to help you pass the exam. For a detailed explanation of CEH and its objectives, I recommend (Certified Ethical Hacker Exam Prep (Exam Prep 2)). This book is far better compared to the EC-Council official courseware. The book helps you grasp knowledge of network penetration testing skills. Please be advised though, there are lots of typos and some misinformation. Just read carefully and if you find something that you don't understand or are confused about, research your question or post your inquiries to the forums. I did purchase the CEH(v5) courseware but I only read half of it because there was too much information to read and remember. It did not help me except for the lab manual and tools that came with the CD. However, in my exam there were only a few tools that I was asked about. The courseware in my opinion is only good for reference. If you have the money and would like to add it to your library then go ahead and buy it, but other than that you can definitely pass the exam without it. The second book focusing on CEH, which I highly recommend, is the (CEH: Official Certified Ethical Hacker Review Guide: Exam 312-50). This book really narrows down what you need to know to pass the CEH exam. It's concise, covers all exam objectives and it's officially endorsed by EC-Council. This book is a must-have. Some of the practice questions that came with the review guide, especially from the CD-ROM, were asked in my exam.
So basically these are the books that I read for the exam. As I was reading these books I created a virtual lab at home and practiced the tools mentioned in those books. This will really help for the exam as you will definitely remember the commands and switches when asked in the test. Now even though I created a virtual lab, I was compelled to enroll in the Offensive Security 101 class because of the course price and earning an additional certification just by taking their hacking challenge exam, and at the same time practicing the tools and methodology for the CEH exam. Man, this couldn't have come at a better time. The Offensive course helped me apply my hacking skills that I learned from reading the aforementioned books and from the course itself. I consider this to be the best hacking course out there for the money. For my complete OffSec 101 review please refer to the following link:
http://www.ethicalhacker.net/component/ ... ic,1152.0/
As far as practice tests are concerned, I purchased the TestKing CEH practice test since I heard good things about it. The product came with 458 312-50 downloadable exam engine and downloadable, printable exams (in Testking iPad format). This played a big part in me passing the exam, as did practicing the test questions that came with the CEH-focused exam prep books. The practice tests helped me evaluate my understanding of the material and reinforce my preparation for the exam. Check the following for more info:
To sum it up, it took me 8 months of preparation for the CEH(v5) exam via self-study and, compared to boot-camp sessions, I know that the majority of the people will choose this route instead. But let me tell you that it is all worth it and I can't tell you how much I learned during the course of my studies. In the end, I earned two certifications and only spent less than $800, not counting the official courseware from EC-Council (which really did not help me in this case) and including the Offensive Security 101 course. I think you can't go wrong with the strategy that I took. Anyways, I hope this information that I hand before you will help you earn the Certified Ethical Hacker certification, and I would once again like to express my gratitude to EH-NET site creator Don and its wonderful members for an excellent site. Thank you.
Additional info with regards to the CEH(v5) exam:
In the exam I had a lot of questions on snort, nmap, honeypot, firewall and tcpdump logs. Make sure you know how to interpret these. Know how to read code, for instance, C, ASP and bash scripts. There were multiple questions on buffer overflow, SQL injection and such. As for the hacking tools, in my exam there were only a few, such as nmap, hping, snort command line and ettercap. Just follow the (CEH: Official Certified Ethical Hacker Review Guide: Exam 312-50) and read about the tools described in this book. As a matter of fact, this book really hit the spot and informs you what you should expect from the test. Know your ports such as (21(ftp), 23(telnet), 389(ldap)).
Overall the test was diverse in its entirety in terms of the questions being asked. I considered the CEH(v5) to be a good test.
For all future candidates, good luck.