Certified Ethical Hacker Exam Prep [Paperback]

Michael Gregg (Author)

Book Description

Publication Date: April 17, 2006 | ISBN-10: 0789735318 | ISBN-13: 978-0789735317 | Edition: PAP/CDR

The CEH certification shows knowledge of network penetration testing skills. The CEH exam takes three hours and 125 questions, requiring a broad and deep knowledge of network security issues. The CEH Exam Prep is the perfect solution for this challenge, giving you the solid, in-depth coverage you'll need to score higher on the exam.

 

Along with the most current CEH content, the book also contains the elements that make Exam Preps such strong study aides: comprehensive coverage of exam topics, end-of-chapter review, practice questions, Exam Alerts, Fast Facts, plus an entire practice exam to test your understanding of the material. The book also features MeasureUp's innovative testing software, to help you drill and practice your way to higher scores.

Editorial Reviews

About the Author

Michael Gregg (CISSP) is the president of Superior Solutions, Inc., a Houston-based training and consulting firm. He has more than 20 years experience in the IT field and is an expert on security, networking, and Internet technologies. He presently maintains nearly two dozen certifications, including CISSP, MCSE, Security+, CCNA, and CIW Security Analyst. He has consulted and taught for many organizations and is a 9-time winner of Global Knowledge's Perfect Instructor Award. He is the author of several books and courses, including CISSP Practice Questions Exam Cram 2 and CISSP Exam Cram, both from Que Publishing.

Product Details

• Paperback: 696 pages
• Publisher: Pearson IT Certification; PAP/CDR edition (April 17, 2006)
• Language: English
• ISBN-10: 0789735318
• ISBN-13: 978-0789735317
• Product Dimensions: 7 x 1.5 x 9.2 inches
• Shipping Weight: 2.2 pounds (View shipping rates and policies)
• Average Customer Review: 4.2 out of 5 stars  See all reviews (20 customer reviews)
• Amazon Best Sellers Rank: #272,068 in Books (See Top 100 in Books)

More About the Author

Michael Gregg is COO of Superior Solutions, Inc. (www.thesolutionfirm.com), a Houston based information security assessment, penetration testing, and IT security training firm. Mr. Gregg is responsible for helping corporations establish and validate enterprise wide information security programs and controls. He is an expert on cyber security, networking, and Internet technologies.

While consulting consumes a large amount of Michael's time, he has contributed to more than 10 books and has spoken at security, technology, and educational conferences such as ISC2's Security Leadership Conference, Hacker Halted, Government Technology Conference (GTC), National Credit Union Administration (NCUA) IT Conference, and The American College of Forensic Examiners.

Michael has appeared in numerous media outlets including The New York Times, Fox News, Canadian News (BNN), Kiplinger as well as NPR, ESPN, and other major networks. He holds two associate's degrees, a bachelor's degree, and a master's degree. He presently maintains many certifications including CISSP, CISA, CISM, etc.

Most Helpful Customer Reviews

71 of 71 people found the following review helpful

4.0 out of 5 stars Very effective book May 24, 2007

By Nick R.

Format:Paperback

The previous poster did bring up a good point: this book will not teach you how to hack. It WILL help you pass the CEH exam. It lays a very good foundation, and the only reason I give it 4 stars was because it was lacking the detail and depth to be fully comprehensive.

Keep in mind, that this book is meant for people who do have an administration background and who happen to be pretty familiar with Linux and Windows. The book is written for that group of people because without that experience, you probably won't have the experience necessary to be a CEH.

I happen to read all 3 books for the CEH that are listed on Amazon. The Sybex book, the EC-council book, and this book. By far, this book was the best out of the 3. The Sybex book was a waste of money as it wasn't as good as this book and it had even less depth. The EC-council book had a bit more detail in some topics, although it lacked cohesion and was poor at presenting the thought behind it. I think this book and the EC-council book compliment each other, and give you a pretty good idea of what you actually need to know. I would start with this book and finish up with the EC-council book and/or courseware. My reasoning is that you should set the foundation first and this book does that.

Also, as with hacking, google is an excellent resource. These two books won't be enough to fill all the holes, but the internet is a damned good filler.

In conclusion this book provides for pretty good preparation for the actual test, and is a comfortable read.

ABOUT THE TEST:

150 questions, you have 4 hours. I took only 2 and scored an 86%. 70% is passing. I studied for only two weeks, but have extensive background in the subject area.

The test is very specific, and you are expected to know the material in detail - NOT just concepts. The test is geared towards people with security experience, and the test questions are true to that purpose. It will be very difficult to pass if you:
1) Don't know linux
2) Don't understand Microsoft's OS and operations
3) never actually used any of the hacking tools

Linux is not a MAJOR part of the test, but there are enough questions on linux command line operations to make a difference.

Keep in mind, just reading alone will not let you pass this test. It is very important that you try out the most popular and important tools (firsthand!). You will be asked about specific commands, and be expected to know them. Know nmap, snort, hping2, tracert and tcpdump down cold. Know the ICMP codes and types. The only way you learn this stuff is to actually practice it.

This really isn't an entry level test at all. Even if you know all your stuff, the test isn't easy to pass. I'd strongly encourage that people take some practice with actual pen testing before they try this test (use vmware to simulate a target if you cant throw a home made lab together). If you don't actually try this stuff out, your odds of passing will plummet.

About 10% of the questions are what I'd consider bad questions - either they are unclear, or ambiguous or poorly word... Without violating the NDA - one of the questions parallel the following examples: Can you establish tcp sessions while spoofing your ip address? The answer is: it depends - are you sniffing the outgoing traffic? If so, then it is certainly possible.. otherwise there is no way you'll establish a tcp connection. What if the question doesn't specify, and the answer hinges on this? This type of ambiguous situation happened on at least 10 questions. This will lose you points right off the bat, because to no fault of your own you won't be able to determine the valid answers.

Good luck!

9 of 9 people found the following review helpful

5.0 out of 5 stars Better than Offical Material August 4, 2006

By Steve H

Format:Paperback

If your studying for the CEH exam or just want to learn more about ethical hacking and security this book is a must have.

I wish they would have included this with the course material as it's a better prep for the test. It also comes with a Linux ISO that has many of the tools used by ethical hackers and discussed in the book.

8 of 8 people found the following review helpful

5.0 out of 5 stars Better and Cheaper than offical book June 3, 2006

By Tech. Pro.

Format:Paperback

Does a very good job of going over all the CEH exam objectives in a clear and understandable way.

The test prep software is very helpful. Whenever you get an answer wrong it gives you a reference to the section in the e-book of where the answer came from and an Internet link to look up.

This book and the Anti-Hacker toolkit does a good job of getting you ready for the test.