Skip to main content

C|EH (Practical) : Tips and Tricks to write Exam

About the Certified Ethical Hacker (Practical)

C|EH Practical is a six-hour, rigorous exam that requires you to demonstrate the application of ethical hacking techniques such as threat vector identification, network scanning, OS detection, vulnerability analysis, system hacking, web app hacking, etc. to solve a security audit challenge.

This is the next step after you have attained the highly acclaimed Certified Ethical Hacker certification.

Professionals that possess the C|EH credential will be able to sit for exam that will test them to their limits in unearthing vulnerabilities across major operating systems, databases, and networks.

You will be given limited time, just like in the real world. The exam was developed by a panel of experienced SMEs and includes 20 real-life scenarios with questions designed to validate essential skills required in the ethical hacking domains as outlined in the C|EH program.

It is not a simulated exam but rather, it mimics a real corporate network through the use of live virtual machines, networks, and applications, designed to test your skills. You will be presented with scenarios and will be asked to demonstrate the application of the knowledge acquired in the C|EH course to find solutions to real-life challenges.

  • Exam Title: Certified Ethical Hacker (Practical)
  • Number of Practical Challenges: 20
  • Duration: 6 hours
  • Availability: Aspen – iLabs
  • Test Format: iLabs Cyber Range
  • Passing Score: 70%
  • Open Book: Just Like In The Real World!
A professional that holds the CEH Practical credential validates that they can:

  • Perform network scanning to identify live and vulnerable machines in a network
  • Perform OS banner grabbing, service, and user enumeration
  • Perform system hacking, steganography, steganalysis attacks, and cover tracks
  • Identify and use viruses, computer worms, and malware to exploit systems
  • Perform packet sniffing
  • Conduct a variety of web server and web application attacks including directory traversal, parameter tampering, XSS, etc
  • Perform SQL injection attacks
  • Perform different types of cryptography attacks
  • Perform vulnerability analysis to identify security loopholes in the target organization’s network, communication infrastructure, and end systems etc.
Difference between CEH and CEH Practical

The CEH Exam is a multiple-choice exam consist of 125 questions and a time duration of 4 hours to complete and is a closed-book test. The CEH Practical is a hands-on exam consist of 20 challenges, a time duration of 6 hours, delivered through EC-Council’s Aspen — iLabs environment and is an open-book (open internet) test.

Once you passed CEH Exam and CEH Practical you will be CEH Master.


Exam Tips
  • Vulnerability analysis to identify security loopholes in the target organization’s network, communication infrastructure, and end systems, etc;
  • System hacking, steganography;
  • Network scanning to identify live and vulnerable machines in a network;
  • OS banner grabbing, service, and user enumeration;
  • Different types of cryptography attacks;
  • SQL injection attacks;
  • Packet sniffing;
What you need to prepare well:
  • Scanning and Reconnaissance
  • Sniffing
  • SQL Injection
  • Brute-forcing or Password Cracking
  • Cryptography
  • Steganography

Format
  • Realized Test with Web Browser iLabs
  • One Kali Linux (No Update) and Windows Server 2016 to perform the pentest
  • Five machines to compromise on an isolated network from the internet
  • Search in Google? (Yes!)
  • Talk to someone during the race? (No!)
Tools
  • Nmap
  • Hydra
  • Sqlmap
  • Wpscan
  • Nikto
  • John
  • Hashcat
  • Metasploit
  • Responder LLMNR
  • Wireshark or Tcpdump
  • Steghide
  • OpenStego
  • QuickStego
  • Dirb
  • Searchsploit
  • Crunch
  • Cewl
  • Veracrypt
  • Hashcalc
  • Rainbow Crack
Examples Questions (There are the real issues)
  • What is the IP of the Windows X machine?
  • What is the version of the Linux Kernel?
  • How many Windows machines are there?
  • What is the password for user X of the FTP server?
  • What is user X's IBAN number?
  • Which user X's phone number?
  • What is the password hidden in the .jpeg file?
Useful Links

 Attacks Vector

Network Scanning

Enumeration

Brute Force

Wordlists

SQL Injection

System Hacking

Web Scanners

Sniffers

Reviews and Details CEH Practical

Additional Resources

Comments

Post a Comment

Popular posts from this blog

Python OOPs Concepts: Using Variables and Methods

  Types of Variables in OOPs Python   Instance Variable Static Variable Local Variable   Object Level Variables Class Level Variables Method Level Variables When to use: For Every Object if you want Separate copy, use Instance Variables For all object one copy is required, use static variables Inside method, Just used for temporary requirement Where to Declare Inside the constructor method (in general) Within the class directly, outside of methods (in general)   Within the method only. How to Declare Within the constructor: Instance variables can be declared within the constructor method using the self .   Using default values : Instance variables can be assigned default values during initialization.   Outside the class: use object name.   · ...

Polymorphism: Method Overloading vs Method Overriding

  Method Overloading In object-oriented programming languages, method overloading enables a class to have several methods with the same name but different parameters. However, in Python, method overloading is not directly supported as opposed to languages such as Java or C++. This is because Python allows developers to define default arguments for their methods and pass arguments of any type to a method. This flexibility allows a single method to handle various types of arguments, eliminating the need for overloading.   However, there is a way to simulate method overloading in Python by using default argument values or variable length arguments and conditional statements. Here's an example: Program using default arguments:       Program using variable length arguments:   Multiple methods with Same Name: When we define multiple methods with same name, Python will consider the last defined method only. Python will not support method overload...

Is Li-Fi Better than Wi-Fi?

Li-Fi  ( light fidelity )  is a bidirectional wireless system that transmit data to the devices like mobiles, laptop, etc., via infrared light or LED. The device has a receiver to pick up light signals and a transmitter to send light signal back to the lamp using infrared light or LED. It was first unveiled in 2011 and, unlike Wi-Fi, which uses radio frequency, Li-Fi technology only needs a light source with a chip to transmit an internet signal through light waves. Light fidelity (LiFi) is a faster, more secure and efficient wireless connection that uses light waves to transmit data Li-Fi technology still has a long way to go before worldwide adoption but every year, we are getting nearer to enjoying it for ourselves. The future surely looks bright with LiFi. How LiFi Works? LiFi makes use of visible light through overhead lighting for the transmission of data. This is possible through the use of a Visible Light Communications (VLC) system for data transmission. A VLC system ...