How To Prepare for the CEH exam certification?
Step 1: Create a Plan
The structure CEH exam comprises of seven different areas.
1. Background: 4% weight, 6 items
- Networking technologies (e.g. hardware, infrastructure)
- Web technologies (e.g. web 2.0, Skype)
- Systems technologies
- Communication protocols
- Malware operations
- Mobile technologies
- Telecommunications technologies
- Backups and archiving (e.g. Local, network)
2. Analysis/Assessment: 13% weight, 19 items
- Data analysis
- Systems analysis
- Risk assessments
- Technical assessment methods
3. Security: 25% weight, 38 items
- Systems security controls
- Application/file server
- Firewalls
- Cryptography
- Network security
- Physical security
- Threat modeling
- Verification procedures (e.g. false positive/negative validation)
- Social engineering (human factors manipulation)
- Vulnerability scanners
- Security policy implications
- Privacy/confidentiality (with regard to engagement)
- Biometrics
- Wireless access technology (e.g. networking, RFID, Bluetooth)
- Trusted networks
- Vulnerabilities
4. Tools/Systems/Programs: 32% weight, 40 items
- Network/host-based intrusion
- Network/wireless sniffers (e.g. WireShark, Airsnort)
- Access control mechanisms (e.g. smart cards)
- Cryptography techniques (e.g. IPsec, SSL, PGP)
- Programming languages (e.g. C++, Java, C#, C)
- Scripting languages (e.g., PHP, Javascript)
- Boundary protection appliances
- Network topologies
- Subnetting
- Port scanning (e.g. NMAP)
- Domain name system (DNS)
- Routers/modems/switches
- Vulnerability scanner (e.g. Nessus, Retina)
- Vulnerability management and protecting systems (e.g. Foundstone, Ecora)
- Operating environments (e.g. Linux, Windows, Mac)
- Antivirus systems and programs
- Log analysis tools
- Security models
- Exploitation tools
- Database structures
5. Procedures/Methodology: 20% weight, 25 items
- Cryptography
- Public key infrastructure (PKI)
- Security architecture (SA)
- Service-oriented architecture
- Information security incident
- N-tier application design
- TCP/IP networking (e.g. network routing)
- Security testing methodology
6. Regulation/Policy: 4% weight, 5 items
- Security policies
- Compliance regulations (e.g. PCI)
7. Ethics: 2% weight, 3 items
- Professional code of conduct
- Appropriateness of hacking
Step 2: Break the plan into manageable study periods
Study the areas that you are most weak at first, then you can progress your market into smaller groups.
For example, you have the following scenario:
✓ 6. Regulation/Policy: 4% weight, 5 items
✓ Security policies
✓ Compliance regulations (e.g. PCI)
Need more training – 5. Procedures/Methodology: 20% weight, 25 items
Cryptography
- Public key infrastructure (PKI)
- Security architecture (SA)
- Service-oriented architecture
- Information security incident
- N-tier application design
- TCP/IP networking (e.g. network routing)
- Security testing methodology
Study Creating Scheduled Reports first
You must allocate a time period for each section by breaking each subdomain into chunks and the overall domain as well. For example:
5. Procedures/Methodology: 20% weight, 25 items – 5 hours
- Cryptography – 30 mins.
- Public key infrastructure (PKI) – 30 mins.
- Security architecture (SA) – 30 mins.
- Service-oriented architecture – 30 mins.
- Information security incident – 30 mins.
- N-tier application design – 30 mins.
- TCP/IP networking (e.g. network routing) – 1 hour
- Security testing methodology – 1 hour
Step 3: Familiarize yourself with the exam
At Intellectual Point, we have rapid exam test prep. Each student is given their own login information to track progress and take practice tests. There is also a Rapid Flash Cards website to practice in flashcard style studying.
Various practice exams are given online but need they must have the most current information so make sure the questions are updated. With our rapid test prep you are given the most current information, and topics covered in the exam. We have a 98% success rate for students. Students that fail have an option to retake the class at no cost. Exclusions apply, please see the instructor for details.
Step 4: Attend the exam prep sessions post class
The instructors of the class have exam prep sessions post-class to help prepare you for interview questions and exam prep. Before attending these sessions, review the required material. Mark where you have questions and what areas you can improve your IT skills. Be ready to practice, practice, and be asked questions to pass the exam.
Step 5: Take advantage of the resources offered at Intellectual Point including.
Aside from the exam questions help, students can use rapid flashcards to help prepare for the exam. You have eager peers and instructors willing to help you along the way.
You can also join our digital natives meetups to add connections. The digital meetup groups have individuals with job skills, connections, and open positions. They can help you get a career and making small connections that could add a large impact on your career decisions.
Step 6: Relax and take the exam.
You’ve done all the prep work. It is time to relax and be confident about the exam. Come with a positive attitude and make sure you had enough sleep. Make sure your environment to take the exam is quiet so that you can stay focused. Immediately inform the test center if there are noises that are causing you to be distracted.
Time management – Jump over the performance-based questions. To save time, take a guess and checkmark the “Mark” box. Make sure to check the entire exam before submitting the exam.
Step 7: Check if you Passed or Failed the exam
Make sure you check with the proctor to see if you passed or failed. If you passed, then celebrate by treating yourself to something special. Don’t worry if you failed, students can attend live labs or our digital meetups to connect with experts that will help. The more you surround yourself with experts, the better you are able to perform on the job and in the exam.
The exam will test the students on the following:
- Establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures.
- Inform the public that credentialed individuals meet or exceed the minimum standards.
- Reinforce ethical hacking as a unique and self-regulating profession.
The exam consists of 125 multiple choice questions with a test duration of 4 hours.
Keep in mind in order to beat a hacker you must think like a hacker.
Here are some helpful tips on how to pass your exam?
How to Prepare for the Splunk Exam
