Announcement

Collapse
No announcement yet.

Certified Ethical Hacker Exam

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Certified Ethical Hacker Exam

    Hey guys,

    This is my first topic on this forum :) Basically I took the CEH course and I've been wanting to take the test for some time. However, I've been really cautious and kind of pushing it aside because it costs 200$ to take the test so I want to be sure I am well prepared.

    I am pretty confident I know my stuff but the practice test from the course website (Quickcert) has some questions that kind of seem stupid like: "In Microsoft Windows Patch KB37839748, How did (insert program/function/method) change....". This I found stupid in either that: 1. It expected me to memorize all the patches made to windows ( 0.0 ). 2. It assumes I can look it up on the website which im pretty sure won't be the case during the test.

    So my question is, has anyone here taken the test and could elaborate a bit on the type of questions given? Also if there are any recommended practice tests, please do link them.

    Thanks in advance!,
    Hmind

  • #2
    Re: Certified Ethical Hacker Exam

    I cant comment as to any good practice tests, but I would really just avoid the CEH cert in general. Its another 'lets make money off the security industry' cert that, frankly, we already have enough of. At least a CISSP gets you recognition with the HR folks when pre-screening your resume. We periodically get CEH folks who submit their resumes here at work, and to be blunt, we mock them relentlessly then round-file their resumes.

    I return whatever i wish . Its called FREEDOWM OF RANDOMNESS IN A HECK . CLUSTERED DEFEATED CORn FORUM . Welcome to me

    Comment


    • #3
      Re: Certified Ethical Hacker Exam

      Originally posted by noid View Post
      We periodically get CEH folks who submit their resumes here at work, and to be blunt, we mock them relentlessly then round-file their resumes.
      Yep, round filed:

      http://www.infoworld.com/article/04/...cadvise_1.html

      "A Yahoo! News/Reuters story discusses students in Los Angeles paying $4,000 to attend 'Hacker College' and become 'Certified Ethical Hackers'. Apparently: 'Instructors race through topics like symmetric versus asymmetric key cryptography (symmetric is faster), war dialing (hackers will always call late at night) and well-known TCP ports and services (be wary of any activity on Port 0)', and the president of the college: says 'What we attempt to do in our classes is teach how the hackers think.' Hmmm, perhaps 'Certified Script Kiddie' would be a more accurate designation."
      Last edited by Greyhatter; January 30, 2008, 11:20.

      Comment


      • #4
        Re: Certified Ethical Hacker Exam

        Nice article :) Well I kinda figured that, but the cert may look good on the college resume... I don't know, i might as well take it and use it when its appropriate, I paid for the course.

        Btw, I did not learn "how to hack" from the course, I learned all that the hard way (via the web). I'm aware all the contents are basically "script-kiddy" stuff and I also believe the cert stuff is a bunch of crap (ever since I saw my friend get the "Microsoft Word" certification =P ), but I wonder if colleges really think that or they would take it as "proof" of that knowledge...

        Comment


        • #5
          Re: Certified Ethical Hacker Exam

          I've gotta agree with Noid.

          Focus on getting your certifications in the specific areas you're going into. The security community is vast.

          I, for example work a video game company deterring cheaters who use programs to obtain items in games illegally or access other player's accounts. To get this position I had to get certs in the languages that the game was written in, as well as obtain a few network certifications. Luckily these were offered and paid for by my company. Note that I had been volunteering my time with them for 4 years, administrating their in-game chat before they offered me this position and I was learning on my own at that time as well.

          We have other guys in this forum who work for ISPs, Spyware/Virus/Trojan/etc removal companies, Network Administrators for major companies and freelancers in here as well. Most likely they will say the same thing I am: Obtain the certs, make a good resume and try to get your foot in the door of companies that interest you. Be prepared for them to put you somewhere boring before you get the job you want from them too.

          My suggestion is get A+, Networking+, CCNA and CWNA. That should make you pretty well-rounded and get your foot in the door of a company.

          Good luck.
          -Ridirich

          "When you're called upon to do anything, and you're not ready to do it, then you've failed."

          Commander W.H. Hamilton

          Comment


          • #6
            Re: Certified Ethical Hacker Exam

            Originally posted by hmind View Post
            Nice article :) Well I kinda figured that, but the cert may look good on the college resume... I don't know, i might as well take it and use it when its appropriate, I paid for the course.
            I recommend strongly that you do not throw good money after bad. Some certifications are a wash, and some will actually count against you. CCNA, sure. CISSP, absolutely. Those are both good (for your resume, that is). Certifications such as CEH will only count against you. If someone actually *knows* what it is, they'll round file your resume in a heartbeat (I would). If they don't, the word "hacker" is the only thing they're going to see, and you'll *still* get tossed.

            Originally posted by hmind View Post
            Btw, I did not learn "how to hack" from the course, I learned all that the hard way (via the web). I'm aware all the contents are basically "script-kiddy" stuff and I also believe the cert stuff is a bunch of crap (ever since I saw my friend get the "Microsoft Word" certification =P ), but I wonder if colleges really think that or they would take it as "proof" of that knowledge...
            Times have changed, I suppose. Learning "how to hack" from the web just doesn't seem like much, to me. Take things apart. Put them back together. Stop and look at everything around you. I'm pretty old school, and I suspect that you might want to spend some time contributing to some OSS software, or quietly hanging out on various security mailing lists, before worrying about getting CERTs (or not).

            Comment


            • #7
              Re: Certified Ethical Hacker Exam

              Alright so i guess ill just not worry about that cert then, thanks :) I feel a bit like a noob now... But anyway, thanks for all the great info and ill look into what you guys suggested. Interestingly I have been to a class for Networking + (just went for the class with a family member to check it out, no credits :( ) and it seemed interesting although that class was recapping on website security certificates and public-private keys, it was nice to be in a room full of people who understood what I was talking about the other half of the time :)

              Thanks again,
              hmind

              Comment


              • #8
                Re: Certified Ethical Hacker Exam

                Ya, the Networking+ and Security+ certifications actually have some traction in the operations side of the security house. You can't go wrong with things like the CCNA cert. I personally despise the CISSP certification, but it at least has some name recognition with HR. As your career progresses things like the CISM, CISA, GIAC, PMP, etc. become useful depending on what focus your career takes. CISA and GIAC would be good if you head into the world of architecture and engineering. CISM and PMP are good if you are a manager like me.

                I return whatever i wish . Its called FREEDOWM OF RANDOMNESS IN A HECK . CLUSTERED DEFEATED CORn FORUM . Welcome to me

                Comment


                • #9
                  Re: Certified Ethical Hacker Exam

                  bear in mind that security+ is a retardly subjective exam and you're probably better off spending time and effort on cissp if you're series about infosec
                  if it gets me nowhere, I'll go there proud; and I'm gonna go there free.

                  Comment


                  • #10
                    Re: Certified Ethical Hacker Exam

                    Don't know if this deserves its own thread (since the last post here was a bit old, but having these comments tied to my post here are a good thing for anyone wanting to play catch-up as they read) but i'm just curious...

                    Has anyone else recently received an invite to "Hacker Halted"... some retarded conference in Miami from the CEH crew? I don't know how they got my email address, and their message has so many fake URLs and such that Thunderbird thought it was a scam message. (All URLs are wrapped through RS6 Email Marketing Solutions)

                    Originally posted by their invite
                    EC-Council to Host The World's Largest Reunion of Certified Ethical Hackers

                    Miami will witness the biggest ever ethical hackers reunion party organized by the creators of the world renowned Certified Ethical Hacker program, in conjunction with the Hacker Halted USA 2009 Conference.

                    Albuquerque, New Mexico - To be held from September 20 - 24 at the Hilton Miami Downtown, overseeing Biscayne Bay and the stunning downtown skyline, Hacker Halted USA 2009 is set to be the perfect platform for information security professionals to enhance knowledge and exchange views, as well as network with other security professionals globally. It is also touted to be the largest reunion event of Certified Ethical Hackers from all over the world.

                    Hacker Halted USA 2009 is proud to have world renowned security experts comprising the likes of Howard Schmidt, Dave Litchfield, Ira Winkler, Michael Malin, Iftach Ian Amit, Mark Harris, Pamela Fusco, Jeff Bardin, Daniel Hoffman, Peter Berghammer, Trey Ford, James Aquilina, Tom Bowers, Ron Gula, Gunter Ollman, Greg Hoglund, among others, present intriguing and thought provoking security topics such as Threats and Countermeasures, Virtualization Security, Computer Forensics and Investigations, Application Security and Secure Coding, Malware and Botnets, Business Continuity and Disaster Recovery.

                    Leonard Chin, the Conference Director said, "Even with the bleak economic outlook, information security can never take a back seat. We are sparing no efforts to put up a world-class event to advocate increased awareness towards information security. We will live up to our promise to deliver one of the most informative and educational conferences that drives both the decision makers and the technical communities." He further adds, "We will also host the first ever reunion party for our community of Certified Ethical Hackers, made up by members across 60 countries, in Miami."

                    This information security event in Miami will also see the launch of the Hacker Halted | Academy. Recognizing the growing demands for quality information security trainings and education, EC-Council has put together some of the most sought after technical training & certification classes offered by top training companies and led by well-respected instructors, all under one roof. In addition to EC-Council certifications, exam preparatory classes for CISSP, CISM, CISA, NSA IAM/IEM, ISO27001 will also be offered. These and various other hands on technical training classes will be offered by the likes of EC-Council, Global Knowledge, NetCom IT, Insyte Training, CCCure.org, NGS Software, Foundstone, Aspect Security, Intrepidus Group, InterNetwork Defense. Hacker Halted | Academy will unequivocally be the destination for any information security professionals who wish to obtain necessary certifications or cutting edge technical skills.

                    Since 2004, the global series of Hacker Halted has been successfully organized in many cities including Myrtle Beach, Dubai, Singapore, Kuala Lumpur, Taipei and Tokyo. With Miami being the 14th in the series, other cities slated to host the event in 2009 are Seoul, Hyderabad and Kuala Lumpur. The objective of the global series of Hacker Halted conferences is to raise international awareness towards increased education and ethics in Information Security
                    God, i totally wonder if it would be possible to Outerzone these people and host our own con with loads of big names in the industry at a hotel across the street or something where we just Bar Con the whole time.
                    "I'll admit I had an OiNK account and frequented it quite often… What made OiNK a great place was that it was like the world's greatest record store… iTunes kind of feels like Sam Goody to me. I don't feel cool when I go there. I'm tired of seeing John Mayer's face pop up. I feel like I'm being hustled when I visit there, and I don't think their product is that great. DRM, low bit rate, etc... OiNK it existed because it filled a void of what people want."
                    - Trent Reznor

                    Comment


                    • #11
                      Re: Certified Ethical Hacker Exam

                      Yeh, if you get full marks on the test instead of an A, you get "~Pwn3d by <name here>~"

                      Comment


                      • #12
                        Re: Certified Ethical Hacker Exam

                        Originally posted by Deviant Ollam View Post
                        Has anyone else recently received an invite to "Hacker Halted"... some retarded conference in Miami from the CEH crew? I don't know how they got my email address, and their message has so many fake URLs and such that Thunderbird thought it was a scam message. (All URLs are wrapped through RS6 Email Marketing Solutions)
                        I got the same email on March 30th.
                        "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

                        Comment


                        • #13
                          Re: Certified Ethical Hacker Exam

                          Originally posted by noid View Post
                          Ya, the Networking+ and Security+ certifications actually have some traction in the operations side of the security house.
                          I know this is really old, and this isn't related to why the thread was necro'd, but the 2009 Network+ objectives has a larger focus on security.

                          Also, I get fliers in the mail all the time at work for that sort of nonsense. A coworker of mine got his CEH the same week I went to Defcon last year and he felt slighted, like I learned more things just absorbing Defcon then he did taking his few day crash course for CEH in West Palm.
                          "As Arthur C Clarke puts it, "Any sufficiently advanced technology is indistinguishable from magic". Here is my corollary: "Any sufficiently technical expert is indistinguishable from a witch"."

                          Comment


                          • #14
                            Re: Certified Ethical Hacker Exam

                            Originally posted by theprez98 View Post
                            I got the same email on March 30th.
                            Yeap, that's when mine arrived. I've had it filed under "crap to think about when i got back home from recent travels" and finally got around to doing a forum search, since i was pretty certain that people had talked about these bozos before.
                            "I'll admit I had an OiNK account and frequented it quite often… What made OiNK a great place was that it was like the world's greatest record store… iTunes kind of feels like Sam Goody to me. I don't feel cool when I go there. I'm tired of seeing John Mayer's face pop up. I feel like I'm being hustled when I visit there, and I don't think their product is that great. DRM, low bit rate, etc... OiNK it existed because it filled a void of what people want."
                            - Trent Reznor

                            Comment


                            • #15
                              Re: Certified Ethical Hacker Exam

                              Originally posted by g3k_ View Post
                              I know this is really old, and this isn't related to why the thread was necro'd, but the 2009 Network+ objectives has a larger focus on security..
                              Im taking the Network+ in about a month and although i havent really studied for it I definitley see a bigger focus on security in it, according to Comptia 11% of the exam is Network Security. Also just curious but is the CCSP at all valuble, im sure its specific to what you are doing but i dont know how respected it is.
                              Not every problem, nor every thesis, should be examined, but only one which might puzzle one of those who needs argument

                              Comment

                              Working...
                              X