«

»

Dec 23

Certified Ethical Hacker (CEH) Preparation Toolkit

The Tools You Need to Learn Ethical Hacking and Get CEH Certified

This is post number two in my quest to become a Certified Ethical Hacker.

In my last post, I talked about why I am Investing a Year in Ethical Hacking.

Now, I’m going to share the resources I plan to use over the next year.

cehtoolkit2

My general recipe for all certifications is the following:

  • Video Training
  • Book
  • Practice Test
  • Practice Lab
  • Notes
  • Other Websites

Keep reading and I’ll go into detail about each one.

Training Approach

The EC-COUNCIL requires two years of security experience to qualify to take the CEH exam along with a $100 application fee.  Alternatively, you can take their training for around $2,000 and they waive the experience requirement.

I have some experience so I have decided to skip the official EC-COUNCIL training and use a collection of resources that I have found.

Note:  I’m not making any money from the links below.  I’m just sharing what I use for the benefit of anybody who is preparing for the Certified Ethical Hacker exam.

Video Training

I have used video training almost exclusively for the last 10 years.  Reading a book is essential, cehpluralsightbut watching a good instructor dramatically accelerates understanding!  There are a lot of great video training providers out there but for the CEH, I will be using my PluralSight subscription.  They not only have CEH, but also PowerShell, Python, Wireshark, and a bunch of others.  Honestly…I’m not sure what I’ll get into exactly but I’m sure these will be helpful.  https://www.pluralsight.com/

 

BOOK

I always use one book and sometimes a smaller study guide as a secondary resource.  I almost necehbookver have used more than one full-sized book because I just won’t take the time to read that much.  I read reviews on Amazon and just pick the one that I think is best.  I also preview the book’s content or get the Kindle sample so I can get a feel for the authors writing style.  If I can’t get through the sample easily, I’ll skip the book.

For the CEH, I have picked this book:  CEH Certified Ethical Hacker All-in-One Exam Guide, Third Edition

I got the kindle version so I can read it on my lunch break at work or at home without having to carry a huge book around.

Practice Lab

For a lab, I have a pretty beefy desktop computer.  It is several years old but with a Core i7 processocehlab2r and 16GB of RAM, it is enough to comfortably run a few systems at once.  I’m using Windows 10 Pro with client Hyper-V.  I prefer to use my own system over a pre-built lab environment because I end up learning more when I build it start-to-finish.  I definitely recommend this approach.  It will take longer but it will be well worth the effort.  I’ve already started making some new systems!

Practice Tests

I have used Transcender for almost every certification I have earned since Windows 2000.  Their expcehtranscender1lanations are the most valuable part because they go into such great detail about why the right answer is right and why the wrong answers are wrong.

Practice tests also help get my brain in “test mode” which is a skill independent of the actual content of the test.

This is one resource I actually don’t have for the CEH yet.  I’ll see if my employer will pay for this part…I’ll share how that goes.  For $150 I think it is worth every penny!

https://www.transcender.com/

NOTES

I have always been a big note-taker.  It helps me organize my thoughts and rcehnotesephrase content so I understand it in my own words.  Even if I never read the notes (although I usually do) just writing them helps me remember.  Now for the weird part…Without exception, I use a BIC G2 pen and a classic college ruled composition notebook.  This is how I’ve taken notes for the past 10 years.  I thought a RED one was appropriate for notes about becoming a Certified Ethical Hacker!

I occasionally use note cards too but that has never been a big part of my study method.

 

Other Websites

I’m not the first person to take the Certified Ethical Hacker test or write about information security topiccehmetasploits.  I’m sure I will end up using a lot of different websites for supplemental learning.  So far, I have just one bookmarked that I am REALLY excited about using.

The FREE ‘Metasploit Unleashed’ course from Offensive Security is massive!

Yeah, I know they have their own cert but the content overlaps so I’m using it!  Who knows, OSCP might be next…but that is getting WAY ahead of myself.  CEH.  Focus!

BONUS

I have kids, and coworkers, and neighbors, and no matter what season it is, someone is always rucehbosenning a leaf blower nearby.  I like to make the whole world disappear and be completely engrossed in my study.  I “invested” about $200 in these REALLY nice Bose Quiet Comfort 20 Earbuds that have active noise canceling.  It is well worth it!  They are especially valuable during a difficult subject or while writing a script where interruptions can be pretty major setbacks.

Note: If I were to do it over again, I MIGHT have gone totally nuts and got the Bluetooth version of these.  The nice thing about wired is that you can still use them if the battery dies just without the noise canceling.

In addition to the earbuds, I also use the Focus @ Will app.  It is a few dollars a month which I can easily justify with the time I save.  Something about their playlist is less distracting than any normal music I would listen to while working/studying.  I like the AlphaChill playlist the best; give it a listen.  https://www.focusatwill.com

CONCLUSION

It takes a lot of different resources and a variety of techniques to learn a new skill.  As I lay out all of this content, a whole year almost doesn’t seem like enough time!  I’ll have to hustle!

Follow my progress here, on Twitter @Dconsec, or on Facebook @Dconsec

QUESTION

I would love to hear from anybody who has completed the CEH or anyone who is working on it now.  Have you used these resources?  If so, how did you like it?  If not, what other resources would you recommend?

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>