Breaking down CEH exam questions with an Infosec expert
Jun 20, 2024
Infosec
Infosec and Cyber Work Hacks are here to help you pass the CEH, or Certified Ethical Hacker exam. For today’s Hack, Akyl Phillips, Infosec bootcamp instructor in charge of the CEH/Pentest+ dual-cert bootcamp, walks us through four sample CEH questions, explaining the logic behind each answer and discounting the wrong ones with explanations, allowing you to reach the right answer in a logical and stress-free way. This episode is a real eye-opener for aspiring red teamers, so keep it here for this Cyber Work Hack!
0:00 - Mastering the CEH exam 2:42 - Types of CEH exam questions 3:32 - CEH exam question examples 12:08 - Why a CEH boot camp is helpful 13:44 - How long is the CEH exam? 14:37 - Best CEH exam advice 15:18 - Outro
– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Infosec and Cyber Work Hacks are here to help you pass the CEH, or Certified Ethical Hacker exam. For today’s Hack, Akyl Phillips, Infosec bootcamp instructor in charge of the CEH/Pentest+ dual-cert bootcamp, walks us through four sample CEH questions, explaining the logic behind each answer and discounting the wrong ones with explanations, allowing you to reach the right answer in a logical and stress-free way. This episode is a real eye-opener for aspiring red teamers, so keep it here for this Cyber Work Hack!
0:00 - Mastering the CEH exam 2:42 - Types of CEH exam questions 3:32 - CEH exam question examples 12:08 - Why a CEH boot camp is helpful 13:44 - How long is the CEH exam? 14:37 - Best CEH exam advice 15:18 - Outro
– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast
About Infosec Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.
Chris Sienko:
InfoSec and CyberWork Hacks are here to help you pass the CEH or the Certified Ethical Hacker Exam. So for today's hack, akil Phillips, infosec Bootcamp Instructor in charge of the CEH Pentest Plus Dual Cert Bootcamp, walks us through four sample CEH questions, explaining the logic behind each answer and discounting the wrong ones with explanations allowing you to reach the answer in a logical and stress-free way. This episode is a real eye-opener for aspiring red teamers, so keep it right here for today's Cyber Work Hack. Hello and welcome to a new episode of Cyber Work Hacks. The purpose of this spinoff of our popular Cyber Work podcast is to take a single fundamental question and give you a quick, clear and actionable solution or a new insight into how to utilize InfoSec products and training to achieve your work and career goals.
Chris Sienko:
So for today's hack, I'm very happy to be talking with InfoSec's bootcamp instructor, akil Phillips. Akil's teaching one of the most popular certifications we have EC Council's Certified Ethical Hacker or CEH certification exam. So Akil previously told listeners his favorite tips and tricks for taking the CEH. That was on the feed last week. Hope you'll check it out. But today Akil has graciously agreed to walk us through several sample questions that he came up with that are very similar to those that appear on the CEH exam and give us some strategies for narrowing down the correct answer. So thank you for joining me today, gil.
Akyl Phillips:
Thank you. Thank you for having me.
Chris Sienko:
So, gil, can you break down the different types of exam questions on the CEH? Is this a primarily hands-on exam, multiple choice, something in between?
Akyl Phillips:
For CEH. It's primarily multiple choice and you do want to have some background in understanding the tools that can be used. But yes, again, you're still going to get to eliminate some answers there.
Chris Sienko:
Yeah, is it within the sort of multiple choice framework? Is is there a lot of terminology? Or is it? Are you getting to sort of things where it's showing you a scenario and then you have to choose the correct answer based on, you know like, imagining the scenario writing in your head?
Akyl Phillips:
It can be hit or miss on that one, so you might get some that are scenario based or you might get some that are specifically. You have to know this information, so it depends on the flavor of that question, got it?
Chris Sienko:
Depends on the flavor of that question. Got it Well? I guess the best way to get a feeling for each of these types of questions here is to run a couple examples in our feed here. So if you want to pull your screen up, akil, let's start with an example that you've prepared for us All right, let's do it, okay.
Akyl Phillips:
So here's the first one. Let me get some stuff out of my way, okay? And it says uh, tony is a penetration tester tasked with performing a penetration test after gaining initial access to a target system. Which of the following tools would not be useful for cracking the hashed passwords? We have A Hashcat, b John the Ripper, c THC, hydra and D Netcat. So do you just want me to go ahead?
Chris Sienko:
Yeah, yeah, yeah. I think a good way to sort of get a sense of it is if it's possible to sort of eliminate obviously you know wrong answers. I guess in this case you're basically eliminating right answers. So walk us through what your sort of deductive process would be here.
Akyl Phillips:
So I would start in the middle with the tools that I knew would 100% work for cracking hash passwords. John the Ripper, that's explicitly its job, right? Yes, so John the Ripper is going to grab a shadow file and then you're going to run through different hashes. Similarly, you have that feature within THC Hydra. Now, when we say hash passwords, there is some hashing that is done with hashcat, and that's actually its job is a password cracker as well, but we have D for netcat, which is called the Swiss Army knife of network tools. So this is the only one that stands out as not really related to the topic. Got it?
Chris Sienko:
OK, so yeah, so in this case, the netcat is our. Is our answer yes, got it Okay, so yeah, so in this case, the net cat is our. Is our answer yes, okay, very good, all right, let's, let's, let's check out the next one here.
Akyl Phillips:
All right. The second one is Becky has hired a client from Dubai to perform a penetration test against one of their remote offices and, working from her location in Columbus, ohio, becky runs her usual reconnaissance scans to obtain basic information from their network. When analyzing the results of her Whois search, becky notices the IP was allocated to a location in Le Havre, france. Is that how you pronounce that?
Chris Sienko:
I was excited to hear what you said, because I don't know either. But yeah, I'll go with that. Le Havre, something like that. We'll work with it.
Akyl Phillips:
Yeah, which regional internet registry should Becky go to for detailed information? So, this one is really pinpointed. You want to know exactly who is the internet registry for this portion of the world. So we have mention of Dubai and we also have mention of France. So that points me towards RIPE NCC right, france. So that points me towards ripe NCC right. Uh, who is the internet register for?
Chris Sienko:
internet registry for the Middle East and Europe. Oh okay, got it okay, so that covers all of them. Uh, now what are? What are? Can you speak a little bit to what the other three like cover?
Akyl Phillips:
sure, uh, aaron, is the internet registry for us here in the Americasicas right not to uh exclude. So that's north and south america and the caribbean islands. Um, well, we have lac nick, I believe that's latin america specifically got it.
Chris Sienko:
Um, and ap nick, if I'm not mistaken, I believe is the uh asia pacific area okay, so so far we, of the two questions we've, one is one is asked you to know the exact functioning of certain tools, and the second one wants you to have a sense of what some of the sort of governing or regulatory or whatever agencies are in different parts of the world. So that's that's interesting already. Here. We're already talking about things that are sort of like gathered around the process of ethical hacking, that aren't are not literally just, you know, getting into the system.
Akyl Phillips:
So yeah, no, you're spot on. It's um definitely one where you you can bounce all over the place.
Chris Sienko:
Yes, uh, okay. So, uh, do we want to try number three now here?
Akyl Phillips:
yep, let's go ahead and jump into it, says uh, bob, an attacker. An attacker has managed to access a target IoT device IoT is Internet of Things. He employed an online tool to gather information related to the model of the IoT device and certifications gained to it. Which of the following tools did Bob employ to gather the above information? And this one is really interesting because, again, if you aren't, you know doing that work, if you haven't been taught that you can use a specific tool for this, it might be a little bit harder to go ahead and search through. The first one is FCC ID, and this is actually the answer. This is the FCC identification database has a repository of all of these different tools that are used for not tools, but all of these different IoT devices, and you can just query that information there. So that is a correct answer.
Akyl Phillips:
Google image search is used for reverse image search. Ironically enough, I just found my mom had a romance scammer and I was able to figure out that the romance scammer was who they were from a Google reverse image search. Yeah, that was pretty fun. It was a nice little Christmas gift. Um, there's also a searchcom, which I haven't heard of before this question, and earth explorer. Similar deal there. Um. So I tell students a lot of the time if you haven't heard about it in your bootcamp a lot of times you can get rid of it. Um, and but that can be a double-edged sword. Right, that can be a double-edged sword, but here, this is definitely one of the times that that works.
Chris Sienko:
Yeah, yeah, I was going to say this one is one of those ones where there's definitely certain answers, where you're like that's not going to get me there. At Google image search, you know, like if you're looking for specific information that's not graphical, like you can, at least you can at least illuminate one of the four I would imagine you know. So that's, that's interesting, nope spot on, spot on yeah, okay, so uh, we got. We got one more here. It looks like yep, uh.
Akyl Phillips:
This one is. Sophia is a shopping enthusiast who spends significant time searching for trendy outfits online. Clark, an attacker, noticed her activity several times and sent a fake email containing a deceptive page link to her social media page displaying all new and trendy outfits. In excitement, sophia clicked on a malicious link and logged into that page using her valid credentials. What and which of the following tools is employed by Clark to create the spoofed email? Okay, so this is another one where you definitely want to know the tools. The answer here is going to be Evil Gen X, evil Gen X as a spinoff of NGenX, which is one of our most popular web servers on the internet. You have n gen x and apache, so what they seem to be doing here is creating a cloned website, um, and evil gen x is going to be very useful for that okay, and what?
Chris Sienko:
and the other three are they? Are there any like easy uh, eliminations, in this case things that are just not at all related to that, or are they all pretty similar?
Akyl Phillips:
For sure you have Sloloris, which is used on DOS attacks PLC Inject PLC stands for Programmable Logic Controller, so this may be a tool more related to IoT devices and your SCADA systems. And PyLoris is not one that I'm familiar with, right, so that again, if you're not familiar with it, don't get hung up on it, just kind of learn to let it go.
Chris Sienko:
OK, great, yep, yeah. So that's a really solid piece of advice right there. If you've literally never heard of, you know one of the answers on there, like it's not because you fell asleep in class, it's because it's a, it's a real curve ball, right, yeah, okay, well, this is great. Let me um, uh, I'm going to stop the share here and I have just a couple more questions here for you. Akil, so InfoSec's uh, ceh slash, pentest Plus, dual cert bootcamp uh, which I should mention. Uh, if you take a bootcamp which I should mention, if you take a boot camp on CEH, you're going to get information for both CEH and Pentest Plus, but it ends after your five days with a practice exam before the actual exam. Is that correct? Can you tell me how that works and how it helps you to retain knowledge better than you know when it's the moment of truth?
Akyl Phillips:
Sure. So here's what I think the worst thing that could possibly happen to you on a prep for one of these exams. Right, you're studying, you're studying, you're studying, and then you get into the actual test and you've never actually done anything like this test, right? So for me, I use the practice exam as a setup for my students, because I tell them the worst thing that can happen is you take the exam, you fail the exam and then, in order to get the retake voucher that's promised to you from InfoSec, you have to go back and now do the practice exam. Right, how many people are going to go? I don't want to do that, right? So I try to get them to go into it with that pass number one and number two. Uh, I tried to use that practice exam to help them build their exam, taking stamina right, because we can all get tired of the exam in the middle of the exam.
Chris Sienko:
Yeah, how long is? How long is the exam? How much time do they give you?
Akyl Phillips:
For CEH. It's a lot of time actually.
Chris Sienko:
They give you a four hours, oh okay, yeah, that is, that is definitely a marathon and not a sprint. Okay, wow.
Akyl Phillips:
Yeah, definitely a double edged sword. Right Can either be just the amount of time that you need to review everything you need or, you know, if you're a more anxious person it can add to the anxiety.
Chris Sienko:
Now roughly like how much time per question does that? Does that like translate to Are there like 100 questions, 500 questions?
Akyl Phillips:
There's 125 questions.
Chris Sienko:
OK, yeah, you're sitting with a nice bit of time per question, definitely, yeah, I was gonna say you're, you're not luxuriating in it, but you're definitely don't have to be uh, snap judgmenting things in 30 seconds or whatever. So, uh, okay, so, um, I guess. One last question I asked this before, but I'll ask it again what's your best piece of advice for exam day?
Akyl Phillips:
uh, best piece of advice? Uh, so you know what? I'll give you something different than I gave you last time. Uh, second best piece of advice, then it would be uh, make sure that you eat breakfast. Right, take care of yourself that morning. Um, I think a lot of people kind of take it for granted and they go oh, I don't normally eat breakfast and it's like, well, you're also not normally awake and engaged until taking a four hour exam yeah, right, so you know it again.
Akyl Phillips:
Treat yourself right that morning. Make sure you eat breakfast, right. Uh, whatever your normal routine is, if it doesn't set you up for success and high performance in the morning, switch it up, switch itulous fabulous advice, akil.
Chris Sienko:
thank you for this front row center view of CEH's exam mechanics. That was super fun and very helpful.
Akyl Phillips:
Thank you for giving me the opportunity.
Chris Sienko:
And to everybody listening and watching at home. Thank you for watching this episode. If you enjoyed this video, if you think you got something out of it and you think other people might do as well, please share it with your colleagues. Any forums you're on or your social media accounts, Let us know you're doing it, Tag us in and definitely subscribe to our podcast feed and YouTube page. You can type in Cyber Work, InfoSec into any of them and we just pop right up there. There's plenty more to come and if you have any topics you want us to cover, whether it's certs or career tracks, just drop them in the comments below. We are always wanting to find out what you all are looking for. So until then, we will see you next time and, as always, happy learning. Hey, if you're worried about choosing the right cybersecurity career, click here to see the 12 most in-demand cybersecurity roles. I asked experts working in the field how to get hired and how to do the work of these security roles so you can choose your study with confidence. I'll see you.