CEH Exams

[skel]

Hi Everybody

I came across this site only today while I was doing some reading for the CEH. I read the prev thread about CEH.

First congrats Lv4

I am too is trying to do the CEH within next few weeks. I have an idea of the V3 exam ( I went for the training last year !!!) but the V4 is new to me.

Do you have any advice ? Any areas where they are are many questions ? :-)

Regards

[Lv4]

Thanks skel.

I don't know the difference between the v3 and v4 exams, but I guess I do know the v4 stuff fairly well.

They hammered me on nmap commands, know the /full/ commands and not the short cut commands. For example they expect to see nmap -v -v for very verbose, but I have always used -vv for the same thing.

Also I got a lot of packet sniffs that I had to decipher, and a couple of ettercap commands. Oh and I also had a couple of code snippets that I had to figure out where a buffer overflow was happening at... but that was only two questions out of the 125 given... and one of them was very obvious. They were both written in C/C++ but I wouldn't be too concerned about that.

Mostly though it was general security questions, like stuff on SSL, SQL injections and "word questions", i.e. Mary is a network administrator for XYZ corp and during a regular packet sniff she sees a lot of SYN packets to her firewalls, what does this indicate... like I said general stuff.

Your milage may vary though, because to my understanding they have a fairly large pool of questions. I know none of the other 20 people that took the exam with me got any code/buffer overflow questions, nor did they get any ettercap stuff. Maybe ICC just loved me and wanted to see how good I really am

[skel]

Hi Lv4

thanks for the reply. Will brushup on these areas further.

Regards