CEH Practical
Hi
Having passed the CEH v10 exam back in December - i am now looking to add on this with the CEH (practicals) exam ... however i cant find any information on what type of questions are to be expected.
I know its supposed to be a set of 6 exercise to perform ... but no idea how the questions are layed out - am i overthinking this.
Any thoughts/advice
Thanks
Roy
I hope all is well. The basic idea behind the CEH Practical exam, is to create a Live Fire environment where a CEH candidate will be given a series of time-limited tasks, or scenarios, that they have to execute on or figure out, and do so by actually doing things, as opposed to just answering questions about the theory of doing some particular thing.
The coverage area(s) for the practical approximate the same coverage areas as the CEH exam itself, as noted below:
CEH (Practical) Credential Holders should be able to:
Demonstrate the understanding of attack vectors
Perform network scanning to identify live and vulnerable machines in a network.
Perform OS banner grabbing, service, and user enumeration.
Perform system hacking, steganography, steganalysis attacks, and cover tracks.
Identify and use viruses, computer worms, and malware to exploit systems.
Perform packet sniffing.
Conduct a variety of web server and web application attacks including directory traversal, parameter tampering, XSS, etc.
Perform SQL injection attacks.
Perform different types of cryptography attacks.
Perform vulnerability analysis to identify security loopholes in the target organization’s network, communication infrastructure, and end systems etc.
I hope that helps to at least get you started off in the right direction.
Good Luck !!!
Cheers,
Adam
Hi Adam
Thanks for advice/suggestion
While I do have an idea of what its supposed to be covering - what i havent been able to find is some sample question from the CEH practical exam.
Having talked to the EC-Council people - I understand that the ilabs from Ec-Council - covers everything that is required for the CEH practical - so I have ordered a 6-month subscription to their ilabs and I am going thru them at the moment - although i already had access to the labs as provided by itprotv - but wasnt sure if that would be enough.
Going thru CEH course once again but paying more attention to the exercises/hands on demos from Daniel very helpful - I think i am getting most bits of the puzzle :-) ...
I was looking for sample questions to have an idea of what type of answers they are expecting - 20 exercises over 6 hrs ... thats around 18mins per question - I am sure all the questions wont be same weightage... would these be ctf style questions - or EC-Council expecting some narratives about how we went about "finding the answers".
I think due to the nature or sensitivity of the matter - there is no such information available around - well not that i have come across.
Thanks
Dev
The short answer to your immediate question is that the Practical Exam is HANDS-ON and is like a CTF exercise. You are expected to get through as many of the 20 challenges as you can in the allotted 6 hour time window, gathering points for each challenge completed successfully.
Here are 2 helpful links to take a look at. The first is a write up of a successful candidates experience, and I would suggest you read it carefully to understand the process of going through and getting setup for the exam, as well as what to expect when actually taking the exam. The write up DOES NOT really go into any of the details you are asking about, except to mention that it is a CTF environment using virtual machines for you to do the challenges on, BUT, it is a great primer for the actually step by step experience of getting through the exam, and will help you to avoid any surprises based on he process.
First Link: https://medium.com/@jonaldallan/passed-ec-councils-certified-ethical-hacker-practical-20634b6f0f2
The second link is a Reddit thread on CEH, and there is some really good info there, but you will need to dig a bit... :)
Second Link: https://www.reddit.com/r/CEH/comments/ek0gzp/ceh_practical_passed_2020/
Good Luck !!!
Cheers,
Adam