Getting certified in CEH
One of the most well-known hacking certificates is EC-Council’s Certified Ethical Hacker (CEH). I also followed this course, fortunately at a course institute where there was a lot of practice. So in addition to some theory, also hands-on.
CEH v10 course and study material
The course was scheduled, five full days at a course center where, according to colleagues, a great teacher gives the course. On arrival I was kindly received and the coffee bar was shown. Luckily they had good coffee so that would be fine during the breaks. The course was planned over five full days with a total of 40 hours on site. On the first day, the teacher gave the study material, which consisted of three books. Two books full of slides from the presentation and a book for the lab environment. The teacher told a piece of theory and then quickly switched to practice to clarify the theory. Fortunately, the teacher was very practical and good in the subject matter
Modules in course
| Module nr. | Module name |
|---|---|
| Module 1 | Introduction to Ethical Hacking |
| Module 2 | Footprinting and Reconnaissance |
| Module 3 | Scanning Networks |
| Module 4 | Enumeration |
| Module 5 | Vulnerability Analysis |
| Module 6 | System Hacking |
| Module 7 | Malware Threats |
| Module 8 | Sniffing |
| Module 9 | Social Engineering |
| Module 10 | Denial-of-Service |
| Module 11 | Session Hijacking |
| Module 12 | Evading IDS, Firewalls, and Honeypots |
| Module 13 | Hacking Web Servers |
| Module 14 | Hacking Web Applications |
| Module 15 | SQL Injection |
| Module 16 | Hacking Wireless Networks |
| Module 17 | Hacking Mobile Platforms |
| Module 18 | IoT Hacking |
| Module 19 | Cloud Computing |
| Module 20 | Cryptography |
CEH lab environment
After each module there was a possebility to practice the new knowledge in their iLabs environment. During the exercises you were guided step by step through the explanations at the labs. You had to tick each step if you had done that. There were often multiple virtual machines available in the environment. For example, you had to switch between a Linux and Windows environment, a workstation or a server. During the course, the teacher had told us that you had to know how the applications worked, including the arguments you give to a command for the exam. So I wrote down in my notes mainly the things that I didn’t use often so that I could easily find it again before I took the exam.
Books
As mentioned before, we received three books at the start of the course. These three books were in my opinion not practical to read as they are based on slides of a presentation. The teacher indicated that we would get another book Passing the CEH 10: Learning the Certified Ethical Hacker 10 somewhere in that week. A book that does explain well how things work and how to apply it. Almost at the end of the course the books came in, they were printed especially for us. Some pages were printed too small, but still readable with some concentration. As a supplement I have bought the book CEH v10 Certified Ethical Hacker Study Guide 1st Edition , because it contained some practice questions at the end of each chapter, two practice exams and something I like during learning, flashcards.
Flashcards
Because I had bought the book: CEH v10 Certified Ethical Hacker Study Guide 1st Edition . I could access the flashcards via the website. With a lockdown due to COVID-19, I couldn’t go very far and I could best spend the time preparing for an exam next to my family. While the rest enjoyed themselves in the garden, I sat outside with them with my tablet and the flashcards. Although there are fewer flashcards than concepts, this has been a desirable addition to quickly test and refine my knowledge in between.
Practice exams
Like the flashcard, I was able to take two practice exams through the Sybex website. An advantage that I also discovered later while making the practice exams is that all questions per chapter were also digital. During the practice I got a lot more questions that I could practice. The practice exams are based on the book, so once you’ve read the material in its entirety, you should be able to answer all the questions without any problems. I noticed that my knowledge was sufficient and I looked forward to taking the exam with confidence.
CEH Exam outline
The CEH exam is an ANSI exam in which you have to answer 125 multiple choice questions in 4 hours. The exam can be taken at Pearson Vue and booked under code 312-50. The 4 hours that stands for 125 questions is, in my opinion, very long. So there is no need to really stress about time. During the course the teacher told us that the exam could exist out different question banks and the rating for each examination could diffur. Depending on which exam form is challenged, cut scores can range from 60% to 85%. All these information is written by EC-Council in a exam blue print which I used for preparing for my exam as well.
The exam
I scheduled the exam on Tuesday morning (April 28) at 9:00 AM. I always try to take the exams in the morning, so that I am still fit when I take the exam. The weekend before, nothing was planned and with the lockdown due to COVID-19, not much could be done. Fortunately, I was able to take the exam on location. This was because I had already planned in advance and only one person could sit there at the exam location. Now that everything was arranged and I was ready, I enjoyed a relaxed weekend where I could occasionally make an exam question during the weekend.
Tuesday morning I drove by car to the exam location. A short drive and I was on time for the exam. I also reported to the reception and I could put my things in a personal safe. My data was checked, a photo was taken and I was then allowed to go to the exam room.
After going through the rules and agreeing to the terms, it started. The questions flew by for me and in just over an hour I had answered all the questions. I felt confident that I had passed the exam and decided not to go through the questions again. At the end I saw that I had passed the exam, not flawless but still with a very good score.