Table of Contents
About EC-Council’s CEHv10 exam
The CEH exam is a 4-hour exam with 125 multiple choice questions. This knowledge-based exam will test your skills in Information Security Threats and Attack Vectors, Attack Detection, Attack Prevention, Procedures, Methodologies and more.
Who is a Certified Ethical Hacker?
A Certified Ethical Hacker is a specialist typically working in a red team environment, focused on attacking computer systems and gaining access to networks, applications, databases, and other critical data on secured systems.
A CEH understands attack strategies, the use of creative attack vectors, and mimics the skills and creativity of malicious hackers. Unlike malicious hackers and actors, Certified Ethical Hackers operate with permission from the system owners and take all precautions to ensure the outcomes remain confidential.
Course Outline
- Module 01: Introduction to Ethical Hacking
- Module 02: Footprinting and Reconnaissance
- Module 03: Scanning Networks
- Module 04: Enumeration
- Module 05: Vulnerability Analysis
- Module 06: System Hacking
- Module 07: Malware Threats
- Module 08: Sniffing
- Module 09: Social Engineering
- Module 10: Denial-of-Service
- Module 11: Session Hijacking
- Module 12: Evading IDS, Firewalls, and Honeypots
- Module 13: Hacking Web Servers
- Module 14: Hacking Web Applications
- Module 15: SQL Injection
- Module 16: Hacking Wireless Networks
- Module 17: Hacking Mobile Platforms
- Module 18: IoT Hacking
- Module 19: Cloud Computing Module
- Module 20: Cryptography
Preparation
As many have mentioned, the ECC material for the most part is useless. The course book is so massive and broad, and the videos are too split up for me to focus on, so I decided to mostly rely on outside material:
- The Matt Walker All-in-One book is essential. Matt Walker makes difficult to understand concepts seem super easy to understand. It has some interesting stories too that kept my attention. I would read this book even if I was not planning on giving the exam.
- Boson hands down the most crucial study material I used. If you are on the fence, or if you are paying for the cert personally, get it.
I did all the exams in study mode and read each explanation as the info given was the best summarized material I could find.
In short, stop holding out and get this if you are serious about passing the exam.
After understanding concepts, I’ve gone through official courseware suspecting miss outs in AIO, if any.
Not surprisingly, there are few things AIO didn’t cover. Believe me, there are one or two questions cropped in the exam.
Taking the exam
A day before, I didn’t prepare much, I worked on some Bug Bounty hunting automation scripts and I relaxed listening to music.
On the final day, it took around 30 minutes to complete test formalities and to start the exam. The proctor was very nice and everything went smooth, without any software/connection issues.
1 hour in the exam I have gone through all the 125 questions and I have marked 15 of them for reviewing them later.
After 10 more minutes I was ready to end the exam and to receive my grade:
Total Time: 1:10 hr
Total Points Scored: 105/125
Time preparing: 4 weeks
Ending notes
Biggest issue with the CEH: The wording of the questions. They are not worded very clearly, and some of the questions have 4 answers none of which make any sense. But you have to pick the “least worst” one. The CyberQuotient exams and quizzes are helpful for getting the question wording down, which is a big part of the battle.
Overall it was a difficult exam that I am glad it’s behind me. Study and prepare, don’t go into this with less than a good understanding of the material. If you give it a good honest effort you should be fine. Do NOT underestimate it!
Stay safe & Stay healthy. Good luck on your exam!
TLDR: Skip the EC-Council class, look over the AIO content, get the Boson question set and take each test 2-4 times (or until you have the content down cold), and use the CyberQuotient content if you have it. For reference, I redid (3 times) the Boson tests until I was regularly getting 92-93% and ended up with 91 and 94% on the two practice CyberQuotient tests (by the 3rd round).