CEH Practical Exam Review
Introduction
This Blog is going to be all about the CEH Practical, What to Study, Study material, my experience and some tips for the exam.
Hello Guys, My name is Chirag Singla, I have passed my CEH Practical Exam Recently on 15th Feb 2022.
As I have CEH ANSI cert also, I Received CEH Master Cert along with CEH Practical
Exam Information
- Certification Name: Certified Ethical Hacker (Practical)
- Number of Practical Challenges — 20
- Test Format: iLabs Cyber Range
- Passing score: 70%
- Test Duration: 6 Hours
Exam Details:
- The exam is completely on iLAB Environment not on our machine
- You can access your iLabs machines from your browser
- You will be provided with 2 machines, 1 Windows machine, and 1 Parrot OS.
- You can google stuff from your host not from the VM:s.
- The exam is Open Book, which means you can search on Google and refer to written notes as well but you are not allowed to talk to anyone during the exam.
- You need a webcam, headphones, and a microphone. They record the whole session.
Topics Asked in the EXAM
The Exam was mostly concentrated on
- Network Scanning
- Password Cracking
- Steganography
- Cryptography
- Enumeration
- Using Wireshark
- SQL Injection
- File Upload Vulnerability
About My Exam
Ec-Council was providing a $550,000 Ethical Hacking Scholarship and I have enrolled for the same. After waiting for 2 weeks to receive my scholarship, I needed to pay 99$ to get the same. Without wasting much time I enrolled for it.
I scheduled My exam for 15th Feb 2022, evening at 05:30 PM. My exam was started at 5:30 pm sharp and Proctor Connected me Through Video Conferencing Software. It took around 20 minutes for the proctor to tell me all the rules and regulations.
Note: You Need A High-speed Internet Connection for the Exam(At least 10 MBPS), Proctor asked me to check my Downloading and uploading speed and tell him before proceeding for the exam.
I completed around 15 questions in 1hour 30 minutes and the rest 5 questions took around 2 hours 30 minutes.
I found the Exam difficulty in between easy to moderate
Preparation I took before the exam:
- Using NMAP
- Using Password Cracking tools(John, Hydra, Hashcat)
- Using tools for Steganography(Snow, Quick Stego)
- Using tools for Cryptography(BCtext encoder, Veracrypt, Cryptool, HashCalc)
- Exploiting Web Vulnerabilities(SQL Injection, OWASP TOP 10, etc)
- Exploiting android through Adb Port (Phonesploit)
- Some Boot to root Machines
Tip: You must Learn Windows-based tools as some challenges were based on windows tools
Exam Resources to Refer
The Exam is easy if you have experience solving CTFs (TryHackMe, HackTheBox, PicoCtf).
However, there are many free resources available Online
- https://www.hackingarticles.in/database-penetration-testing-using-sqlmap-part-1/
- https://securitytutorials.co.uk/brute-forcing-passwords-with-thc-hydra/
- https://unit42.paloaltonetworks.com/using-wireshark-display-filter-expressions/
- https://github.com/CyberSecurityUP/Guide-CEH-Practical-Master
Thanks for reading, Keep Learning and Stay Safe
You can contact me on
Email: Chiragsingla1800@gmail.com