CEH Practical Exam Review
Hey guys! I'm Vinayak Agrawal. This blog is all about the CEH Practical: where to study for the exam, learning materials, exam format, my experience and some advice from my point of view.
I recently enrolled for the C|EH Practical exam during EC-Council’s cyber awareness sale; the exam voucher cost me $149 (it does not include learning material).
What is C|EH Practical?
CEH Practical is a six-hour practical exam which consists of 20 questions, and you need to clear around 14–15 questions to pass the exam. The exam is proctored and is accessed through the Aspen dashboard. It is also an open-book exam, i.e. you are allowed to google anything; however, you are not allowed to talk to anyone. The exam is designed to test our skills on:
- Network scanning
- Cryptography
- Steganography
- Wireshark
- Web vulns
- Brute-forcing
Exam Details
- Certification Name: Certified Ethical Hacker (Practical)
- Number of Practical Challenges: 20
- Test Format: iLabs Cyber Range
- Passing score: 70%
- Test Duration: 6 Hours
The exam is completely in the iLabs environment. You will get 2 machines: one Windows Server 2016 and one Parrot OS (no more Kali in the updated exam).
You are required to use both machines, as the questions will be related to both of them. During the exam, no one should be in your room, and you need to keep your camera and microphone turned on and share your screen with them. They record the entire session.
About my exam
So now, let’s talk about my experience. My exam was scheduled at 17:15 (IST) on 16/09/2021. After clicking on Start Exam, I was connected to a proctor on GoToMeeting. The proctor experience was nice; he assisted with the whole login process and other stuff. The proctor will take a 360 view of your working area.
Now, I was provided with 2 machines, Windows Server 2016 and one Parrot OS. Windows was fine but Parrot OS was lagging too much.
HAVE A GOOD INTERNET CONNECTION!!!
There were 20 questions, MCQ and fill-in-the-blank type. All the tools and wordlists were provided beforehand. Questions were based on steganography, cryptography, Wireshark, network scanning, SQL, hash cracking, password brute-forcing and DVWA. I suggest you have a basic knowledge of Wireshark filters, as it will save time.
The Windows machine covered questions related to steganography, cryptography and Wireshark, while Linux covered the other topics mentioned above. You will be given 6 hours to solve them, which is more than enough.
Tools I used during my exam
- Nmap
- John the Ripper
- Hydra
- Wireshark (Parrot and Windows)
- sqlmap
- VeraCrypt (Windows)
- SNOW (Windows)
- HashCalc and MD5 calculator (Windows)
- WPScan
EXAM Preparation
So, when I enrolled for the exam I didn’t have much idea about the exam as not many details are available on the internet. I talked to people on LinkedIn, asked about their exam experience and took some guidance on how to prepare for the exam.
I bought BittenTech’s TechHacker CyberSecurity Bundle course, which is based on the CEH syllabus and much more; however, it's your choice to buy it, I am not promoting anyone here.
There are many free resources available on YouTube and Google. You can read the available blogs about the CEH Practical exam. The exam is not that tough; it requires basic knowledge and you can easily clear it.
Focus on the following tools:
- Nmap (important)
- Directory brute-forcing tool (Gobuster, dirb)
- Password brute-forcing tool (Hydra is best)
- sqlmap (another important tool)
- WPScan (another important tool)
- Learn John the Ripper, Hashcat
- Wireshark (very important)
- VeraCrypt, Steghide, SNOW
Some resources
https://www.youtube.com/playlist?list=PLrrgFyE6PtlaCixUxJPM0Y9Peye6iCewH
https://www.youtube.com/watch?v=wFtrPsdnLbU
https://github.com/CyberSecurityUP/Guide-CEH-Practical-Master
Furthermore, talk to more people who have already taken the exam, and ask about their experience and advice.
Thanks for reading. Keep Learning.
My socials
LinkedIn:- https://www.linkedin.com/in/vinayak-agrawal-2aa5a61ab/
Twitter:- https://twitter.com/Dr_Anonymous95