.

CEH v7.1 Review

<<

yatz

Full Member
Full Member

Posts: 222

Joined: Tue May 25, 2010 2:58 pm

Post Fri Mar 02, 2012 5:35 pm

CEH v7.1 Review

Hi all, I just completed CEH this week (finally!).  I took a rather comprehensive approach and tried to include some review of each piece of study material I used to accomplish the cert.  If anyone thinks I say too much or need more elaboration, please comment.


Certified Ethical Hacker v7.1 Review


In December 2010, I was chosen as the recipient of the Global Knowledge monthly giveaway for the Certified Ethical Hacker (CEH) v7 course.  Finally, in February 2012, I completed the CEH exam.  It took some time to reach completion, but I am definitely enriched for the experience.

The following explains my experience and personal reaction to the pursuit each step of the way.

Global Knowledge – CEH 5-day class
I have heard it said that the success of this class depends highly on the instructor.  The instructor for the class did an extremely good job of teaching and bringing real experiences into the classroom.  He rarely read from the slides verbatim, instead he told stories and presented the content through its application.  I appreciated this style of teaching very much.  (I will not reveal his name because I don’t think he’d want me to.)

The class was very appropriate, intended to teach hacking concepts with some hands-on labs that were well designed and beneficial.  Thinking back on the training class, I remember some of the labs we did, the tools we used, and even some of the instructor anecdotes, which actually says more for the class than any review can.  If I can remember these things from 6 months ago, it was clearly memorable.

Global Knowledge did a good job with the class, but now after taking the exam, I would have a hard time saying the class prepared me well for it.  Granted, it wasn’t supposed to be a boot camp, but what I mean is the class probably went too deep for the type of content that was on the exam.  That said, I would imagine it was taught exactly the way EC-Council wanted it taught, so I can still say it was worth attending.

Positives:
  • One student per computer (very important for me, I learn WAY better individually than in a group)
  • Projector used the whiteboard rather than a normal projector screen, which allowed the instructor to write notes “on” the slides
  • Good discount on hotel
  • Nice view from break room
  • Excellent snacks (hey, this shows professionalism!)
  • Class breaks were staggered to avoid interfering with other classes

Negatives:
  • Staying late not allowed
  • Some demos took too long when they didn’t work right away, causing time constraints
  • Mediocre giveaways

Official Courseware
I don’t have much to say about the official courseware.  I did peruse it just before taking the exam to make sure the topics I studied were relevant to the actual material, but otherwise I didn’t pick it up much after the class.

A few things to note about the included courseware package:
  • Books much less cumbersome than previous versions
  • Books in color – Still powerpoint slides, but they were well designed, no explanatory text
  • Laptop bag is functional but not top-notch, more a nice piece of swag
  • Shirt was only available in XL, 2 sizes too big for me

Exam Prep Book – CEH Certified Ethical Hacker All-in-One Exam Guide by Matt Walker
When I prepare for a certification exam, I spend a lot of time reading.  I wasn’t able to find any exam prep book for CEH v7 until this one came out, so that was my selling point – it was the first one I found.  I am happy to report that I enjoyed the book very much.

After receiving the book, I leafed through it and then checked out the CD to see what was included.  To my surprise, there was a PDF copy of the book on the CD!!  I immediately copied the PDF files to my Kindle in preparation for reading the entire book digitally.

(Brief note on Kindle textbooks:  Reading textbooks on Kindle is a tricky thing.  Sometimes graphs and pictures don’t show up correctly.  It is also hard to skip through large chucks of text at a time and find something you’re looking for.  I tend to read cover to cover, so this method is OK for me, as long as I have the physical book present for reference.  I would not recommend getting a Kindle book unless you know it was actually formatted for Kindle.  Some publishers convert and quickly proofread, but this is not good enough as many intricacies unique to digital formats are not understood well and are missed.  It is also important to note that some of these intricacies are mitigated by using iPad instead of Kindle; I have both and I prefer reading on Kindle in spite of the limitations.)

At first glance, I noticed the book was only 11 chapters, and the topics were in a slightly different order than the official courseware.  For example, Cryptography was presented in chapter 2, while in the official courseware it was covered in Module 18.  This is not good or bad, the flow of the book was appropriate and complete.  It was just an interesting thing to note when I first picked up the book.

I read the book cover to cover, and after doing it that way it felt like that was how it was supposed to be read.  Throughout the book, the author’s consistent use of geek humor and real world examples made the reading smooth and easy, despite being jam packed with technical details.  Especially toward the end, when I found myself feeling fatigued from reading, the author would throw in phrases like “keep going, you’re almost done!” that conveyed a personal, one-to-one atmosphere.  I admire this kind of writing as it shows connection with the audience.

Things I liked:
  • Good use of humor
  • Appropriate examples
  • Intended to be read cover to cover
  • Easy to read
  • Current events are discussed
  • PDF version included

Things I didn’t like:
  • Focus on both exam and real life career (help me through the exam please, if I wanted career advice I wouldn’t look in an exam-prep book)
  • Use of “she” instead of “he” is distracting to me – this goes for the official courseware too.  Not to be politically insensitive, but the VAST majority of the industry is male so please use the masculine pronoun when needed, or just use “he/she” if you care enough to be inclusive.
  • Adobe Reader 7.07 on the CD??  ‘Nuff said.

LearnKey MasterExam Practice Test
This practice test was included with the textbook.  After taking the exam, I realize the practice tests and content included in the book was actually very good.  Typically when I purchase an exam-prep book I have little confidence in the practice questions included since they are based on the book information and not necessarily matching with the actual exam.  In this case, I was pleasantly surprised.  The areas I struggled with on the practice test were matched with the exam objectives, and after putting in some extra studying I understood the topics quite well.  Related questions on the exam were therefore quite straightforward.  This speaks very well to the quality of the book and the applicability of the practice test.

Exam
The test is done, phwew!  I passed comfortably, though not perfectly.  This exam was the longest exam I have taken in my career, and I have taken quite a few.  Now that it is done, I can say I was a bit underwhelmed by the experience.

Leading up to the exam, I had very high expectations at the difficulty and comprehensive breadth of CEH, but the test was considerably conceptual and only mildly deep in certain areas.  A strong background in TCP/IP and decent test-taking ability would be enough to get through the exam without much trouble.  That said, not everyone has the TCP/IP background, and if I didn’t have substantial networking experience I would have had to commit MUCH more brain power into figuring out what each exam question was really asking.

I don’t mean to knock the exam too badly.  EC-Council did a good job putting together an associate-level course for security-minded individuals.  I now feel more knowledgeable on security topics and how hackers can map out a network without much effort, but I certainly do not feel any more prepared to perform penetration testing as a career.  If EC-Council wanted to go that route, I would suggest putting together a practical of some sort, a lab exam, to be performed post-CEH.

Final Thoughts
This feels like a milestone, like the “must have” certification in the security world.  This may or may not be true; it really depends on personal goals.  For beginners, the credential seems unattainable, but it can be done.  After taking the class, reading the book and taking the exam, I can see why.  Take the class, pay attention, do a little extra work practicing and it should be no trouble at all. 

One more thing to note, most of the information presented during my course of study was already familiar to me by reading and participating in the forums of The Ethical Hacker Network, so participation on the forums is extremely helpful for long-term career progression.

I want to send my special thanks to Don and the regulars at The Ethical Hacker Network.  Achieving CEH was a goal of mine ever since I first heard it existed several years ago, and being granted the training was an amazing opportunity.
"Live as though you would die tomorrow, learn as though you would live forever."

CCNA, MCSA, MCTS, Sec+, Net+, Linux+, CEH
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Fri Mar 02, 2012 8:59 pm

Re: CEH v7.1 Review

Fantastic write-up, and congratulations!

Although, you forgot the most important part: What's next? ;)
The day you stop learning is the day you start becoming obsolete.
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Sun Mar 04, 2012 9:12 am

Re: CEH v7.1 Review

Yes, excellent review! Thank you for sharing and congratulations!
<<

nytfox

User avatar

Newbie
Newbie

Posts: 20

Joined: Mon Nov 28, 2011 1:54 am

Post Sun Mar 04, 2012 1:51 pm

Re: CEH v7.1 Review

=)
Unlike others I love NULLS
http://treasuresec.com
<<

DragonGorge

User avatar

Jr. Member
Jr. Member

Posts: 86

Joined: Wed Feb 08, 2012 6:30 pm

Post Sun Mar 04, 2012 2:21 pm

Re: CEH v7.1 Review

yatz wrote:Exam Prep Book – CEH Certified Ethical Hacker All-in-One Exam Guide by Matt Walker
When I prepare for a certification exam, I spend a lot of time reading.  I wasn’t able to find any exam prep book for CEH v7 until this one came out, so that was my selling point – it was the first one I found.  I am happy to report that I enjoyed the book very much.

I thought the All-In-One was excellent and a great companion to the EC Council material, although it did fall a little short in covering several sections: Wireless, Trojans, & Web hacking.

I actually appreciated where the author gave pen testing advice instead of just teaching to the test. For one, there's an awful lot of dated material in the ECC package and the All-in-one author pointed out these areas.

Unfortunately, I'm not sure how the information in the book will be relevant to the v8 test, which is a shame.
<<

SephStorm

User avatar

Hero Member
Hero Member

Posts: 569

Joined: Sat Apr 17, 2010 12:12 pm

Post Sun Mar 04, 2012 9:32 pm

Re: CEH v7.1 Review

Good review and congrats!
sectestanalysis.blogspot.com/‎
<<

yatz

Full Member
Full Member

Posts: 222

Joined: Tue May 25, 2010 2:58 pm

Post Mon Mar 05, 2012 9:04 am

Re: CEH v7.1 Review

Thanks everyone!

ajohnson wrote:What's next? ;)


I actually needed to get CEH done quickly as now I need to study for CCNP.  I will be attending Cisco Live in June and I'll need to be ready to take the ROUTE exam by then.  Not sure if it's too aggressive to try for CCNP by the end of the year, maybe ROUTE and SWITCH this year and then TSHOOT exam next spring.  I didn't want to jump to CCNP without CEH yet, so I'm thankful I passed!
"Live as though you would die tomorrow, learn as though you would live forever."

CCNA, MCSA, MCTS, Sec+, Net+, Linux+, CEH

Return to CEH - Certified Ethical Hacker

Who is online

Users browsing this forum: No registered users and 2 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software