It’s an unfortunate fact that cyber-crime is on the rise in terms of both incidence and level of sophistication. Hackers, for a variety of reasons ranging from simple mischief to committing felonies, cost the world of e-commerce billions of dollars annually. In fact, a report released earlier this year puts the annual cost of cyber-crime at $600 billion USD.
Clearly, there is a demand for people who can outsmart cyber-criminals. The best way to foil criminal hackers is to have ethical hackers (aka “White hat” hackers) opposing them. These ethical hackers, armed with the same skills and savvy as their unethical counterparts, are much in demand. The digital world needs heroes, but those heroes need training before they can fight crime.
To that end, there are Certified Ethical Hacker courses offered to train those prospective white hats, courses that culminate in the CEH certification exam. That exam is the final piece of the puzzle, a necessary element for anyone who wants a career in professional ethical hacking.
But many people find that the test is challenging and notoriously difficult. Wouldn’t it be nice to have a resource to help aspiring ethical hackers to pass the exam, something that gives a fair advantage?
Fortunately, that’s what we’re here for. Here are some amazing tips and tricks you need to keep in mind before and during preparing for your CEH exam.
What Does the CEH Exam Entail?
The first step in getting ready for the CEH exam (or indeed, for any exam, for that matter), is to get an idea of what you’ll be up against, what you’re facing. With that in mind, here’s what the Certified Ethical Hacking exam is made up of.
The exam, an entry-level certification test, is composed of 125 questions, all of them multiple choice. The score required to qualify for the certification depends on the exam itself. Some of the exams state the exact passing score as a percentage required. On the other hand, some of the exams’ passing scores are based on the knowledge and skills needed to demonstrate competence in the subject matter and the difficulty of the questions that are delivered to a candidate.
The actual cut score (the number of items you need to answer correctly) is based on input from a group of subject-matter experts who review the difficulty of the questions in relation to the expected skills of the target audience. As a result, the number of items that you have to answer correctly varies depending on the difficulty of the questions delivered when you take the exam. This ensures that regardless of which combination of items you see, the evaluation of skills is fair.
If you see a more difficult set of questions, the number of correct answers needed to pass is less than if you see an easier set of questions.
Since the number of correct answers needed to pass varies based on the difficulty of the questions delivered, if you see a difficult combination of questions, your performance may actually be higher in relation to the passing standard even though you answered fewer questions (in other words, a lower percentage) correctly than if you saw an easier set of questions.
However, the good news is that multiple-choice questions are easier to answer than questions that expect full, written-out answers, or even worse, essays! So while you will most likely have the time you need to answer the questions, there’s still the matter of knowing what you’ll be tested on and being ready for it.
The CEH exam tests your knowledge in 19 different domains. These domains cover every facet of CEH, such as server hacking, penetration testing, trojans and backdoors, viruses and worms, and of course, the basics of ethical hacking, to name a few. Here’s the tentative breakdown of the CEH v10 by section:
- Section I: Background -5 questions
- Section II: Analysis/Assessment -16 questions
- Section III: Security -31 questions
- Section IV: Tools, Systems, and Programs -40 questions
- Section V: Procedures and Methodology -25 questions
- Section VI: Regulation and Policy -5 questions
- Section VII: Ethics -3 questions
Now that you have an idea of what the exam entails, let’s look at the question of how to prepare and clear the CEH exam.
Before Preparation: Eligibility!
But first thing’s first. Before you even get to the point of exam preparation you have to make sure that you meet the eligibility requirements for taking the CEH exam in the first place. Otherwise, you’re just spinning your wheels.
For starters, you need to prove to the EC-Council that you have at least two years of information security experience, as well as an educational background that demonstrates a specialization in information security. And of course, don’t forget the CEH exam cost of $100 USD.
Incidentally, there is another, far better way to secure your eligibility, but we’ll be covering that later on, near the end. Stay tuned!
Getting Your Start: Research!
When it comes to preparation for the CEH exam, you need to do your due diligence in research, and nothing beats starting off your prep the right way than by going right to the source for help. The EC-Council website is filled with loads of useful resources such as CEH FAQ’s, background reading on CEH certification, exam breakdown, and more. Check them out first, then branch out from there.
Get A Study Guide
Preparing for the CEH exam means making oneself familiar with Certified Ethical Hacking certification in general. For that, you need a study guide, and there are plenty of them out there to choose from.
If you want a good springboard, a specific recommendation, then this guide will give you a full end-to-end view of the CEH certification process, including a pre-made study plan. The e-book details the history of ethical hacking, a salary report for CEH positions, the prerequisites for certification plus the eligibility requirements, and the aforementioned study plan.
But no matter which guide you choose, make sure you don’t ignore this step!
Join a Forum
A load shared is a lighter load. There are many CEH forums and blogs out there, filled with people who have the same interests and goals that you do, with many of them aspiring to be CEH certified as well. Many people on these forums have taken (or are preparing to take) the exam and have tips and strategies to share, as well as general advice and insights.
You can also pick the brains of fellow CEH students and professionals, and in the process discover where each other’s strengths and weaknesses lie, thereby helping everyone to narrow down where their knowledge is perhaps a little light. One person’s strength may be another person’s weakness, and by communicating via the forum, knowledge is imparted to the one who needs it while the one who has it manages to reinforce what they already know (repetition does wonders for retention!). Once you’ve identified the areas where you need more work, you can move to the next step…
Create a Study Checklist
After you’ve discovered what gaps exist in your hacker knowledge, you should create a checklist of study topics, prioritizing the specific ones that require more attention. Bear in mind that you should definitely make sure to still devote some study time to the topics you already know; it never hurts to reinforce and refresh your knowledge a little. However, the priority should definitely be towards addressing any knowledge gaps first, then revisit later.
Here’s a list of topics you can expect to find covered in the CEH.
- Access points for penetration (risk assessment)
- Current security laws and industry standards
- Security controls
- Session hijacking
- Social engineering
- TCP handshake
- DDoS attacks
- Hacking in the cloud
- Latest trojans and viruses
- Latest phishing schemes
- Latest mobile hacking tools
- Security issues in Windows operating systems
- SQL injection
- Types of Malware
Find Our Ethical Hacking Courses in Top Cities
Practice Makes Perfect
If you want to avoid unpleasant surprises when taking the CEH exam, then consider taking a practice exam or two. They’re easy to find online, and the EC-Council site has a number of them. Note that this particular step shouldn’t be attempted until you have already done a lot of research and prep work, taking care of any knowledge gaps.
A word of warning: there have been instances where some people have posted some of the CEH v9 questions online. Be aware that the EC-Council is aware of this practice, and has updated the questions (hence them rolling out the new version, v10). Stay on the straight and narrow, and don’t fall for short-cuts like this! The things you see online won’t be the exact same things you see on your CEH test.
Want Some More Help?
We mentioned earlier about a “better way” to secure CEH eligibility, and here’s where your patience pays off! Sure, you can wade through the paperwork and red tape to verify your eligibility to take the CEH test, or you could take a course and fast-track your way to the exam!
Simplilearn has every resource you need to prepare for the test and ace it on the first try. With Simplilearn’s Certified Ethical Hacker Certification, you will gain training on the advanced step-by-step methodologies that hackers actually use, such as writing virus codes, and reverse engineering, to name a few. Equipped with this training, you can better protect your corporate infrastructure from data breaches. You’ll master advanced network packet analysis, securing web servers, malware threats, and advanced system penetration testing techniques to build your network security skillset and beat hackers at their own game.
The course provides you with 40 hours of instructor-led training, six months’ free access to CEH v10 labs, study material by the EC-Council, and of course, the CEH exam, with the $100 fee already included! The course can be taken via Online Classroom FlexiPass for individual students, or as a corporate training solution for businesses.
Once you’ve finished the course and taken the exam, you will have achieved the goal of being a certified ethical hacker, and doing it while learning valuable skills. Why tackle CEH certification on your own, when Simplilearn can be a valuable ally and resource, smoothing out the road for you?
But why stop at the CEH v10? Simplilearn offers a vast array of cyber-security courses, including the ultimate, the Cyber Security Expert Masters program. Of course, Simplilearn also teaches other facets of digital education in addition to cyber-security. But whatever it is, Simplilearn is your go-to resource for training in the digital age.
Check it out now, get your CEH certification, and then start on your journey to becoming a full cyber-security expert!