How to prepare for CEHv12 Practical Exam

Kartik Dixit
Aug 22, 2023

Hello everyone, my name is Kartik Dixit. I recently earned my Certified Ethical Hacker (CEHv12) Practical certification. In this blog, I will share some preparation tips for passing the CEH (Practical) exam, along with my exam experience.

About the Certified Ethical Hacker (Practical):

The Certified Ethical Hacker (CEH) Practical is an extension of the CEH certification offered by the EC-Council. Unlike the standard CEH exam, which focuses on testing candidates' knowledge of ethical hacking concepts and theories, the CEH Practical exam assesses the practical application of those concepts in real-world scenarios. Here are some more details about the exam:

Examination Platform: iLab (Browser-Based)

Number of challenges: 20

Passing Score: 70% (14 out of 20)

Exam Duration: 6 Hours

The exam is fully proctored using GoToMeeting software. You will need to turn on your webcam, microphone, and screen sharing. You will get 2 machines (Parrot Security OS and Windows 11). You can access the Parrot OS machine using your web browser, and to access the Windows machine you can use Remmina (a remote desktop client). This is an open-book exam, so you can use Google for help, but you cannot contact other people, and you cannot use a mobile phone or dual monitors. There will be 20 challenges in the exam; for each challenge you have to find the flag and submit it, and you get only 5 attempts to submit the correct flag. Make sure to have a good and stable internet connection during the exam.

Preparing for the Exam:

Preparing for the CEH certification exam was not very difficult for me, as I already had some prior experience solving capture-the-flag challenges, TryHackMe rooms and HackTheBox machines. If you are a complete beginner, cracking the CEH Practical exam might seem daunting, but with dedication, the right approach, and consistent effort, you can easily crack it. During the preparation phase, I practiced the lab activities on the iLab platform provided by EC-Council. I also suggest taking iLab if you can afford it. If you cannot afford iLab, try to solve some TryHackMe rooms and practice some easy HackTheBox machines. Also, try to practice all the tools listed below:

  • ping
  • nmap
  • tracert
  • Netcat
  • Wireshark
  • Angry IP Scanner
  • Metasploit
  • Zenmap
  • hping3
  • Advanced IP Scanner
  • nbtstat
  • ADExplorer
  • enum4linux
  • Nessus
  • Nikto
  • dirbuster
  • responder
  • john
  • Hydra
  • Medusa
  • ophcrack
  • RainbowCrack
  • msfvenom
  • Cain & Abel
  • Burp Suite
  • Zed Attack Proxy (ZAP)
  • WPScan
  • SQLMap
  • aircrack-ng
  • snow
  • OpenStego
  • QuickStego
  • covert_tcp
  • High Orbit Ion Cannon (HOIC)
  • OllyDbg
  • Detect It Easy (DIE)
  • autoruns
  • regshot
  • HashCalc
  • MD5 Calculator
  • Cryptoforge
  • BCTextEncoder
  • CrypTool
  • VeraCrypt

My Exam Experience:

I received my CEH Practical exam voucher on 12th June. I scheduled my exam for 11th July 2023 at 4:30 PM IST. On the exam day, I logged in to my Aspen dashboard and waited for the meeting. After waiting for a few minutes, I received a link for GoToMeeting. Once the meeting started, the proctor explained some rules to me and then checked my table and room environment. After that, he asked for proof of identity. After all this, the proctor started my exam.

In the exam, I was given three networks, so I started my scanning phase and scanned all three IP subnets using Nmap. I took notes of all my findings. After the Nmap scan, I started finding the flags for each challenge.

Before taking the exam, I had also heard some people say that the syllabus was updated after April 2023 and that they were getting different questions from different topics, which depend entirely on CEHv12. And yes, that was right: there were challenges from some new topics like RATs, privilege escalation, malware analysis, and IoT hacking, and questions from previous topics were also updated and were not so straightforward. But if you have practiced the iLabs provided by EC-Council, you will not face many problems.

Here are the topics that were covered during the exam:

  • Network Scanning
  • Vulnerability Analysis
  • System Hacking
  • Web app Hacking
  • Android Hacking
  • Wireless Hacking (Cracking Wi-Fi password using handshake file)
  • Privilege Escalation
  • Cryptography
  • Steganography
  • Malware Analysis
  • IoT Hacking

After I completed my exam, the proctor directed me to my Aspen dashboard and told me to download the transcript and the certificate.


Some Important Points:

First, begin the Nmap scan on all the subnets and in the meantime read all the questions carefully.

Try to solve some TryHackMe rooms and HackTheBox machines.

If you are not able to solve a challenge, or it is taking too much time, move on to the next one. After completing the other challenges, go back to the challenge you missed.

In the learning phase, do not skip any of the modules. At the very least, learn how to use all the tools. I suggest practicing the iLab provided by EC-Council. It will help you a lot.

Lastly, if you face any issue in solving a challenge, remember that Google is your best friend.
