CEH Practical Review – How to Prepare for the Exam

Reading Time: 9 minutes

It all started a few months ago, when I got an email from the EC-Council, that (once again) congratulated me on passing the CEH exam. As I scored high enough (91%) on the CEH Ansi exam, I was gifted with a CEH (Practical) exam voucher. As the discount was significant, and the Practical voucher was way cheaper than the “classic” exam, I’ve decided to take a risk and to try to pass the CEH Practical. And now here I am – sharing my CEH Practical review with you.

My background

My background at the time of taking the CEH Practical

Everyone having enough dedication and being patient enough has a chance to achieve anything. However, it is crucial to understand your potential and to decide if you are willing to put the effort to gain the experience you set as a milestone. If you are just starting in cyber security, you might want to get solid IT basics before taking the CEH (Practical) exam.

In this article, I am going to share my personal CEH Practical experience that will provide you with some resources on how you can get ready for the exam However, tips and references from me might or might not be enough for you to pass the CEH Practical. As everyone has varying skills, experience, and IT backgrounds, there is no magic book or course that would guarantee that you will pass.

Well, okay, maybe this is a bad exam to use as an example for this rule. Actually, there is a method that increases your chances of passing the CEH Practical. But more on this later.

Before starting with the advice, that I will shortly introduce myself:

  • I am graduate of Vilnius University where, during the IT studies, I gained pretty strong basics of many IT areas (programming, networking, cybersecurity, etc.)
  • Currently I am working as a penetration tester, and I have more than 2 years of experience working as a QA engineer, and as a penetration tester.
  • I am holding CompTIA Security+, and CEH certificates.
  • During the last 2+ years I spend a lot of my free time learning various cybersecurity topics.
  • Las year I had participated in an international cyber exercise, that was 2 weeks length.

As I had different experiences in IT areas, I am familiar with a variety of different things. Even though the background helped me to prepare for the exam more easily, the great news is that even if you do have less experience than me, with enough effort, you will be able to pass the CEH Practical.

Why do people take the CEH Practical exam?

It is true that there are different cyber security exams. Most of the exams cover similar cyber security areas and focuses on the standard examining approach. However, there are fewer practical exams, that require solving actual tasks. CEH Practical is one of those exams that test your abilities. Let’s discuss the reasons why people decide to take the exam:

  • EC-Council is a known name.
  • The exam is often discounted (either you can get a discount after passing the CEH Ansi, or get a scholarship, that are announced by EC-Council once in a while).
  • Loosely speaking, it can be called as a simplified version of OSCP, so it is a great practice before trying something harder.

The actual exam

After a brief introduction, let’s continue with the actual CEH Practical review.

As far as I know, the only way to take the CEH Practical is with the proctor. I did not found an option to take the exam in Pearson or another center, as it was with the CEH Ansi. But if there was this option, I would have chosen it, even if it cost more. Even though the thought of taking the exam from my home, having the camera on, was daunting at first, after I taking the exam I realized there is nothing to worry about.

Everything starting from scheduling the exam on the ProctorU platform. After I found and booked time for my exam, I had a chance to test my hardware by visiting a test page of the Exam Specialists platform. My hardware passed every test (microphone, camera, OS, bandwidth), except the Port test. I am not sure what it is about, but I can guess that it checks if you have LAN cable connected. As I used the WiFi, I did not received the “Check” for the test. But it was not stated that there is any problem with that (I did not received X either).

Testing the equipment for CEH Practical exam

After the exam day came, I connected to the same website I used for scheduling the exam and started the exam. I had to download the software and I had to launch it on my computer. I used Windows for the exam, even though I am usually a Linux user (but I have dual boot on my personal laptop). Shortly after making the necessary steps proctor connected and explained other steps for starting the exam. After the initial greeting, we decided to talk on the chat, and not by voice. This was easier for me personally to understand the rules.

One of the first things the proctor asked me to do, was to rotate my camera and show my room. There was nothing suspicious in my room (the day before the exam I moved a lot of my stuff from the room), so we proceeded with the identity check. I had to show my ID to the camera.

After that, the exam had started. I got access to the environment and started solving tasks. Sadly, this is the part where I have to stop telling my story, as leaking information about the actual exam is against the rules.

How hard was the exam?

I would say that it was not very hard. It is true that it takes some effort to finish it, as there are 20 tasks and it takes time to solve all of them. But these tasks are not hard – if you have the knowledge and skills, you will manage to finish them.

It took me 4 hours to finish all of them. And I passed with a score of 18/20.

How you can get ready for the CEH Practical exam?

There are a few tips I can give you that will help you to pass the CEH Practical:

  • Get familiar with the exam and exam taking procedures – start by reading the official page. Understand what type of exam is this, and what to expect from it.
  • Google everything – from CEH Practical success stories to failure stories. One of my biggest advices would be to spend significant time on the CEH subreddit. Search for the CEH Practical topics, filter by the ones having highest rating, and note every single advice you will find. You will have a lot of information that will give you clues of how should you prepare. But have critical thinking mode on, and don’t trust everything you read there.
  • If you can afford it – buy iLabs – this is something I came across many times while I was making my research about the exam. Having the access to iLabs, and finishing everything that’s on the platform will make you ready for the actual exam. Also, even if you read only the official Ethical Hacking and Countermeasures Lab Manual, that comes with the iLabs, this will give you a solid knowledge for the exam.
  • Practice on vulnerable apps – theoretical knowledge would not help in this exam. You should try everything you learn. For this purpose I recommend you creating Parrot OS on Virtualbox, spinning some vulnerable app, and trying different tools of the Parrot OS.
  • TryHackMe is the way to go – it has plenty of free rooms that will teach you how to use Nmap, Metasploit, Wireshark, John the Ripper, Hydra, Wpscan, steganography tools, and all the other tools that are needed for a penetration tester and someone willing to pass the CEH Practical exam. You can easily find the specific rooms on the TryHackMe platform. And then there are rooms that requires to combine the knowledge of various tools: Pickle Rick, Brooklyn Nine Nine, Anthem, Agent Sudo CTF, Kenobi, Avengers, etc. These are my favourites, I even wrote walkthrougs explaining them (Pickle Rick, Kenobi, Vulnversity, Brooklyn Nine Nine). But again, these are just examples, there are many many more. There is no recipe that if you solved X and X rooms, you will gain all the knowledge. Feel free to explore different rooms.

Gaining the knowledge and skills needed for the exam is necessary, but you shouldn’t forget to take care of the technical things.

  • Check your hardware. For the proctored session, you will have to install the software that will allow the proctor to monitor your machine. Make sure you will be able to run this software, also make sure you have a webcam and microphone as they will have to remain turned on during the whole exam. You can find more rules on taking the exam remotely on the official page.
  • Make sure there is nothing in your room that is banned according to the exam taking rules. You can’t use external screens, there should be no additonal devices, no secrets iPads on the walls. And again, refer to the official website for the complete list of rules. You will be asked to rotate your camera and show your room, so make sure you got the room ready so that you won’t have to get stressed if proctor asks to remove this or that from the room.
  • If you will be taking the exam from home – warn your family that you will be taking an exam during specific time. There is nothing worse than getting the exam suspend after someone walks in the room.

CEH Practical vs OSCP

Before making the final decision if you should take CEH Practical or OSCP, you should understand the key differences between them.

 Experience requirementsTest lengthValidityPrice
CEH PracticalNone6 hours3 years550 USD (but if you are lucky to get the discount it is 100 USD)
OSCPNone24 hours hands-on exam + 24 hours to submit the reportDoes not expireStarting at 999 USD (30 days lab access)

Even though both of the exams are hands-on and requires practical skills to pass, OSCP is way harder than the CEH Practical. Offensive security is known for its rigorous exams, and even though CEH Practical is not that easy and requires knowledge and skills, OSCP is in another category. Another EC-Council exam, LPT (Master), might be an alternative to OSCP. I am not familiar with this exam, but there is a review of someone having both certificates, LPT and OSCP.

On Reddit or various forums, you might often see that the CEH Practical is often called as an easier version of the OSCP. While I had not taken the OSCP exam yet, I believe this is true. You will pass the Practical exam if you will put enough effort into learning tools and methodologies covered in the official material. But, according to the various reviews, OSCP requires more than that. It requires thinking out of the box. And the fact that the time frame for solving the OSCP tasks is 4 times bigger than the Practical’s, speaks for itself. However, the OSCP costs more, unless you are lucky to get the voucher.

Are CEH exams still prestigious, and is the CEH Practical worth it?

It is true that EC-Council once in a while gets criticism from the community. And there are reasons behind this criticism. Recently there were a few incidents – plagiarism by EC-Council, and sexism in their advertisements. And sadly there were similar cases in the past.

So, how about the worth of the EC-Council certificates?

Apparently, it seems that these exams are very disliked by the cyber security community. And often, discussions on social media about the certificates involve stigmatizing CEH.

I am personally annoyed by the public opinion about the CEH Ansi, and the EC-Council as an organization. It receives so much hate, that you might even want to hide the fact that you have the CEH certificate. There are even stories that having a certificate will lower your chances of getting a job.

No matter how CEH and CEH Practical exams are perceived, it still requires effort to pass them. It requires spending months preparing for the exam and spending a significant amount of money on it. And in the end, being looked down for holding it does not seem to be fair.

Also, CEH is approved by DoD, so it does hold value. But what is worth noticing, that CEH Practical is another exam and it is not on the DoD list.

Talking about the CEH Practical, one of the thing about this exam is that there are no CEH practical dumps (the term “exam dumps” refers to questions and answers of the actual exam. Using dumps is illegal and can get your certificate suspend).

It means that if you want to pass it, you should really know what you are doing. Memorizing the answers is not an option, as there is nothing to memorize – either you can solve the given task, or not. This gives the exam extra value as the main argument against CEH, that you can memorize terms and tools, and you will pass, is not valid for the Practical.

So, in conclusion:

  • CEH Practical is a hands-on (not theoretical exam), so if you want to be a penetration tester it might be your first step.
  • Practical is cheapier than the CEH Ansi – discounted it costs 100 USD.
  • It is not a walk in the park, so you still have to put effort into preparing for it.

Final words

If you can afford to take CEH Practical – do it. You don’t know what doors it might open in the future. This is also an interesting exam that you will enjoy taking. And if your next step is OSCP – this is a great exercise. I hope that CEH Practical experience I am sharing will be useful to you.

Leave a Comment