Tag Archives: Exam Preparation

Certified Ethical Hacker Exam

I have to blog my CEH experience otherwise I will not do it in the future. I promised myself that I will blog about CCNA exam and gave some tips about it and I wouldn’t. This time I will keep my promise to myself: time to write about CEH.

I passed CEH exam this Monday. According to EC Council (the organization who prepares CEH) The CEH Program certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. The Certified Ethical Hacker certification will fortify the application knowledge of security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. A Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker.

Security guys who want to take a certification exam but cannot decide between CEH and Security+, I will recommend CEH because it covers similiar topics with Sec+ and it also helps you test your skills in security tools such as snort, hping2, nmap, etc.

I have to tell you that I find the exam a little unprofessional. There was a question that asking to interpret the output above but there was nothing at above! I called the Testing Center Staff and let her to note this and send it to the EC-Council. I also saw some typos. You prepare a world wide exam and make this type of mistakes? It just shows how much Ec-Council cares about the exam.

Anyway, let’s return the our topic.

There are two ways to take the exam: Self Study and Training.

If you have enough experience in the security field or took some computer security courses in the college, I would say Training would be waste of money. Instead spend your money to build a test enviroment. Lots of tools are covered in the CEH are free. You may not even need to buy another computer since you can use virtual machines. If you have Windows then use VMWare player. If you have mac or linux use Virtual box. All of them are free.

You have to fill out this form in order to be able to have self study option:


For more info about the exam, visit https://www.eccouncil.org/certification/certified_ethical_hacker.aspx

You will see lots of subjects if you check CEH exam in its offical website.  I will try to cover most of them in this blog rest of the year.

First Module: Introduction to Ethical Hacking

# What does a Malicious Hacker do?

* Phase1-Reconnaissaance

o Reconnaissance Types

* Phase2-Scanning

* Phase3-Gaining Access

* Phase4-Maintaining Access

* Phase5-Covering Tracks

Phase1: Reconnaissance (Footprinting)

There are two types of footprinting: Passive and Active.

Whois, traceroutes, google, dumster diving are examples of passive footprinting.

Ping, traceroute, nslookup, dig, host are example of active footprinting.

After finding enough information about the target, next step would be scanning target hosts.

Phase2: Scanning

In this phase attacker wants to collect as much as information possible. He uses scanners like nmap, hping, nessus, etc.

The main goal in this phase is learning networking enviroment of the victim.

Phase3: Gaining Access

After having enough information about his target, attacker wants to have a control on the victim’s machine. In this phase he needs to understand what he has from previous phases. For example if he see port 135-139 and 445 are open, there would be a chance to connect the machine by openning a null session.

Phase 4: Maintaining Access

Hackers usually want to keep their access with their victims. In order to do this, they plant rootkits, trojans, open backdoors.

Phase 5: Covering Tracks

I think this is the hardest part for a hacker because modern operating systems and applications logs everything login failure, succesfull access, IPs, times….

This is actually a good thing for “ethical hackers” because we want to track intruders in case of an attack. Of course there are some ways to cover your tracks as much as possible but what I am saying none of these methods can gurantee you that you cover all of your tracks.

This module is just for some general background information. We will have much more fun with next modules (well not the next one but after the next- next one is about the laws.)