I have read many things about that CEH is not that good, but I think otherwise. I think everyone in IT schould attend a cource like this. You learn alot, some basic some advanced stuff. You need to start from somewhere, and this is a good starting point.
You need to learn how to walk before you can run.
I passed the CEH – Practical test 2019-02-27 And my thoughts about the test.
- You use a browser to access the test
- You can take notes on the local machine. Remember you might be forced to reset the vm:s (Kali box and Windows machine)
- There are 20 questions, you need to press the arrow to se question 11-20
- I am not used to US-Keyboard, but after this I am. I dont know if it possible to change in the test.
- You access your Windows machine and Kali box from a web browser.
- Do not use the copy and past function that is in the web panel. At least with large text. I needed to reboot my Kali box when I pasted my notes between Windows box and Kali box.
- Do not use Linux as host, it is not supported on your machine. It is ok to use a virtual machine to acces the test. That’s what I did.
- You can google stuff from your host not from the VM:s.
- You need a webcam, headphones and microphone. They record the hole session.
- What skills are good to know at least what I used
- Sql blind injections
- Sqlmap
- Wireshark (windows)
- Stego stuff
- nmap
- netdiscover
- snmpwalk can be a good thing
- msfconsole
- How to find out what os is running on a box, nmap, snmp, smb and google is your friend.
- wpscan
Tips and Tricks 
What do you recommend using in preparation for this exam?
So little information out there.
What kind of questions are to be expected?
Congratulations in passing the exam.
LikeLike
Hi!
Like it or not the test is in the webrowser. US default keyboard can be tricky. Question like this. You have a machine in the network using mysql, find the password for user gurka or There is an image with a hidden account number , find it. What machine in this network is running windows 10? You will have 20 questions to answer to. Hints, Stego, sql injection, wordpress. I hope you will nail it!
LikeLike
Thank you for the reply, that helps.
Thank you, hope I do.
LikeLike
Take it cool, make sure you webcam and microphone is working. Take notes of your findings. Your are gonna nail it!
LikeLike
Hi, the question on this one, for example in Steganography, the VM on the browser will contain an image right? it is allowed to email the image at your host and examine the image there instead of on their VM?
LikeLike
You will not have internet access on the machine. But you will have all the tools on that VM that you have.
LikeLike
You can use any tools on internet or only for their specific VM?
LikeLike
Not from there machines, Windows or Kali. No need to, all tools are installed that you need. But you can copy/past to your machine if you want to and the use our PC for internet access.
LikeLike
Hello,
Congr. for the exam.
Which one seems more difficult compared to OSCP?
It is enough to solve 20 questions in 6 hours.
LikeLike
Yes it is enough. There is no bufferoverflow in CEH….I have not done OSCP yet. But plan to do. I will keep you posted!
LikeLike
Can you search the internet form your computer, I mean, there is no internet in the VM provided, but are you able tu use internet form your local network in your machine???
Another question, can you use your notes form, for example, your drive o from cherrytree??
LikeLike
The vm is accessed thru a web browser. But you can use another browser or tab to access your notes.
LikeLike