Wednesday, February 20, 2019

CEH 9 From uCertify

Security is a never ending cycle with so many new threats everyday. Attackers are always looking for vulnerabilities and new exploits are available on daily basis. People nowadays are at constant threat of malicious codes and 0-day attack. Using the latest version of application is no longer enough as the attack vectors are coming from every side of your machines. It could be from applications, operating systems, networks, email, etc. One single hole could damage your reputation, business, and personal image. Defending assets is definitely an important priority, both as personal and organization.

One of the most popular security-based certification at this moment is CEH (Certified Ethical Hacker) from EC-Council. This certification will teach every aspect we ever need to learn about security but in ethical manner. Their famous slogan is "To beat a hacker, you need to think like a hacker". In this program, students will learn a lot of attacking methods and techniques equipped with sophisticated tools known by most attackers to exploit system's weakness. By the end of the course, students use the knowledge gained to protect their assets.

Getting a CEH certification is definitely not an easy task. The materials is always updated on every version (version 10 is the latest one at the time of this writing) and you have to complete 125 questions in 4 hours and achieve the passing grade of 70% to get the title of CEH. There are 20 core modules and more optional modules to learn in this course.

If you are planning to get CEH certification in short time, there's a prep kit from uCertify for CEH v9 that comes with multiple lessons, practice tests, and performance-based labs in order to simulate the real exams. This prep kit also comes with 100 pre-assessment questions that can be used to measure your readiness into taking the real exam. I tried to take the pre-assessment for demo purposes and finish small number of questions but i didn't finish all the questions and it shows me the percentage in the right hand and also some rough estimation on how long until i can reach 100% score. It's a good way to indicate whether we are ready or not before continuing to go further. The questions in the pre-assessment covers basic and technical problems, ranging from social engineering, cryptography, network security, malware, web security, cloud security, mobile security, and many more.

Next is the lessons. The materials is sorted according to the CEH outlines so students will learn the same way of the real certification materials and on each topic, it has sub quizzes, exercises, and labs (not in every topic has it).

Each quiz have different questions and there are 3 ways of doing the quizzes. First one is getting feedback on every questions. This is a good way to check your answer and directly get a feedback about the answer, including which chapter it relates in the material list. The second way is a normal test just like in the pre-assessment and the last one is for review only, so it will show the answer directly and you can learn from each questions. After ending the test (normal or prematurely), there's always a progress report showing your scores so you can assess which part you are lacking and your strong points.

Next is labs. They have prepared a lot of labs that can be used to enhance your understanding and be able to try it in real scenario under a virtual machines. Most of the labs are done under Kali Linux, a special Linux distribution created for penetration testing environment. It can be installed on bare metal or in virtual machines (both VMware and Virtual Box images are available in the Download page). If you can't download them, use the online version provided by uCertify.

I must say i'm impressed with how uCertify prepared the labs for this kind of certification. You can play with the virtual machines on your desktop just like how you would play it on your virtual machine or your real hardware. It's a big advantage for those who can't afford to install virtual machines on their machines or need some time to getting familiar with Linux before installing it on their own machines.

Last one is practice tests where you can test your knowledge to 250 questions simulated test environments. Your goal is to master them all, but keeping it at your pace. You can stop at any time and continue later when you have time.

Overall, i'm happy with this prep kit. uCertify has done a great job on preparing students to prepare themselves to get CEH certified with their excellent prepkit. I would suggest you to take this course seriously if you are considering to plunge into security area.