Mastering the certified ethical hacker exam: Strategies and insights with Akyl Phillips

Cyber Work Hacks knows that you have what it takes to pass the Certified Ethical Hacker (CEH) exam! And you don’t have to do it alone! Infosec’s CEH boot camp instructor Akyl Phillips gives you his top tips and tricks for taking the exam! Phillips breaks down the common formats for CEH questions, talks common mistakes people make while taking the exam and why it’s not the end of the world if you fail the CEH on the first time (especially if you do it with an Infosec CEH/Pentest+ dual-cert boot camp). As Phillips puts it, first you have to get to know the beast, and that will allow you to slay the beast! Sharpen your tools and get down to business with this Cyber Work Hack.

0:00 - Certified ethical hacker exam
1:42 - What is ethical hacking and the roles using it?
2:46 - Tips and tricks for taking the CEH exam
3:32 - Tools to have before the CEH exam
5:09 - Common mistakes people make with the CEH exam
6:11 - What if I fail the CEH exam?
7:02 - Will I get CEH exam feedback?
7:49 - Best piece of advice for CEH exam day
8:55 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Chris Sienko: 

CyberWork Hacks knows that you have what it takes to pass the Certified Ethical Hacker or CEH exam, and you don't have to do it alone. Infosec's CEH Boot Camp instructor, akil Phillips, gives you his top tips and tricks for taking the exam. Akil breaks down the common formats for CEH questions, talks common mistakes people make while taking the exam and lets you know why. It's not the end of the world if you fail the CEH on the first try, especially if you do it with an InfoSec CH Pentest Plus Dual Cert Bootcamp. As Akil puts it, first you have to get to know the beast, and that will allow you to slay the beast. So sharpen your tools and let's get down to business with this CyberWork Hack.

Chris Sienko: 

Hello and welcome to a new episode of CyberWork Hacks. The purpose of this spinoff of our popular Cyber Work podcast is to take a single fundamental question and give you a quick, clear and actionable solution or a new insight into utilizing InfoSec products and training to achieve your work and career goals. And that's what we're going to do today. Today on the show, I'm happy to welcome McKeel Phillips, infosec's boot camp instructor for our Certified Ethical Hacker or CEH certification. So for those of you who don't know, ceh is a massively popular cybersecurity certification that's aimed at bringing aspiring ethical hackers into a place beyond book knowledge and into industry recognized hands-on competency. So, as such, passing the exam puts you in a pretty high tier with potential employers. You know you're gonna rise to the top of that resume pile. That said, it's not an easy exam and it has a lot of moving parts, so I'm looking forward to having Akil walk you through some of his tips and tricks for taking the CEH exam. So, akil, thank you for joining me today and welcome to CyberWorkX.

Akyl Phillips: 

Thank you for having me, Chris, and I'm glad to be with you today.

Chris Sienko: 

My pleasure, that's great. Thank you for having me, chris, and I'm glad to be with you today. My pleasure, that's great. So, akil, the CEH certification from EC Council is well known as a solid certification for cyber professionals looking to work in a certain range of jobs that are gathered under the umbrella term of ethical hacking. So can you briefly explain ethical hacking and the types of jobs that ethical hackers do?

Akyl Phillips: 

Sure. So ethical hackers are our red teamers. They're our very own bad guys, if you will. Right, yes, you can't very well defend yourself against criminals if you don't understand the tactics and techniques that criminals are using. So ethical hackers are the guys that take all of those cybercrime techniques and they teach you about them and see how well your defenses actually work in a real skirmish, if you will.

Chris Sienko: 

Right yeah. So so when, when people talk about red red teaming, this is the, this is the type of schooling or you know, education that you need to learn to kind of get your foot in the door for those types of roles?

Akyl Phillips: 

Yeah, definitely. If you don't have a background in ethical hacking, you're kind of just shooting from the hip.

Chris Sienko: 

OK, yeah, that makes sense. So you've been, you've been steeped in the CEH exam and all the changes it's gone through, so can you tell our listeners your best tips and tricks for taking the CEH exam?

Akyl Phillips: 

Sure. So you definitely want to make sure that you get some practical knowledge right, and what I mean there is make sure you're doing some level of working with tools running through a methodology. There's several methodologies and you'll learn that in your course, but understanding the methodologies that are used, I think, is very key to making sure that you can actually remember and retain the information, because if not, it's a lot of information jam packed into a little bit of time when we talk about our boot camps.

Chris Sienko: 

Yeah, when we talk about boot camps, I mean, you know, this is something where you're going to be, you know, completely immersed in this for five days or however many days, and thinking about nothing but, and you're going to learn a lot. But it definitely helps to have a feel for that so that you're not just completely paddling around on that first day. What are some of the tools and the hands-on things that you should sort of have, you know, some familiarity with as you come in?

Akyl Phillips: 

Yeah, I would say definitely. If you aren't familiar with tools like Nmap, I would recommend that there's going to be a lot of port scanning, a lot of reconnaissance. I don't think that the tools matter as much as understanding of what the tools do, right? So once you can say well, I need to do reconnaissance, so I'm going to grab DNS Anom or DNS Recon and then bring those things in, that's really when you know you're getting ready for this exam.

Chris Sienko: 

Yeah, you mentioned the creating a methodology. So the important thing here, I suppose, is that you, if you see a situation that it's not like you just instantly like run through all of the tools that you know and see what happens, but like you're able to sort of like plan your attack out a little bit, um, and and there's probably sort of more of an emphasis on people wanting to know, like how you did it, uh, or how you, how you thought to do it, rather than how you did it yeah, I think it's.

Akyl Phillips: 

um, I think this is like the digital version of working out or working with your uh dad that does like carpentry or any sort of tools, and there's a right tool for every job.

Chris Sienko: 

Mm, hmm, yeah, and that makes sense, and, and, yeah, and if you bring them the wrong tool, you're going to you're going to get hollered, yeah, so, so yeah, based on feedback you've received as a boot camp instructor, what are some of the more common mistakes people make with the CEH, either in the preparation leading up to it or on exam day?

Akyl Phillips: 

I think the biggest mistake in all of the boot camps that I teach is really just anxiety. Right, we have a whole lot of like build up towards the exam. We kind of create the exams as these big villainous dragon monsters and you know it can be really scary. And the truth is, you know, to the best of my knowledge, most people don't pass away after taking the exam. You don't leave with grave bodily injury, so you're going to be fine. And you know a failure isn't the end of the world. Right, and that's something I try to get through to people as well InfoSec has the best pass rate in the industry, but failing is not the end of the world.

Chris Sienko: 

Yeah, yeah, it's, yeah, it's, it's. It's neither completely beyond you, but also not, yeah, not something you can't recover from. So to that end. So what is your advice? If you finish the exam and find out you didn't pass, like what do you? What's the next step? You pick yourself up, dust yourself off and start climbing the mountain again. Like where do you? Where do you start in? In sort of giving it another shot?

Akyl Phillips: 

I would say definitely. If you're coming out of a boot camp, you just did five days of familiarizing yourself with the information. If you took it right away, now you have a one up, right, you know exactly what the beast looks like, right? So I would say, give yourself another week or so, another five days of preparation on your own, polishing the spots that you know are a little bit rough, and then go right back into it, because knowing the shape of the monster completely changes the way that you approach it.

Chris Sienko: 

Yeah, yeah. I can't count the number of times I've been, I've taken a test and I've gotten answers wrong, just because I didn't understand the methodology of how the test was run. Like you don't understand, oh, two, two answers are possible, or you know, or whatever. So and I okay. So I want to ask about CEH. I was speaking to another one of our bootcamp instructors yesterday about CCNA and does the CEH sort of give you a sense of what? Is it just a pass fail? Or do they say you were not especially strong in these domains? Do you have a sense of what you need to like study harder on?

Akyl Phillips: 

They're really great at giving feedback, so they do give you a breakdown of what you need to study a little bit more, but they also tell you exactly how many questions you got right, which is different than a lot of exams.

Chris Sienko: 

Okay. Well, to wrap things up, Akil, what is your best piece of advice for exam day?

Akyl Phillips: 

Best piece of advice for exam day is for exam day. Uh, best piece of advice for exam day is I guess I got to go back to the anxiety is, um, people who are in much more tumultuous uh situations do well on these exams. So count your blessings before exam day, right? Uh, I just had a bootcamp where, um, right after the guy passed, he looked at me and said, hey, I was sleeping in my car all week, right, and I was like wait, what? So? You know, there are stories like that where a lot of people can find themselves wrapped up in the anxiety. But if you can, you know, project yourself in another person's situation, is it the worst that it could possibly be? And if you can succeed under these conditions, what does that say about you? What does that say about how you know resilient you actually are?

Chris Sienko: 

Wow, that's awesome. What a great story. Well, akil Phillips, thank you for giving us a solid game plan when it's time to take the CEH exam.

Akyl Phillips: 

Thank you for giving me the opportunity.

Chris Sienko: 

My pleasure and, as always, to our audience. Thank you for watching this episode and if you enjoyed this video, you're taking the CEH or you're studying it, you feel like this helps you. Please share it with your colleagues. Any forums that you're on or any social media accounts that you have, you know, let people know that you're getting some benefit out of this and definitely subscribe to our podcast feed and our YouTube page. If you type in Cyber Work, infosec into any of them, we'll pop up pretty high at the top there.

Chris Sienko: 

So there's plenty more to come, and if you have any topics you want us to cover CEH or otherwise just drop them in the comments below, and I like to read them all and we will get to them all eventually. So until next time, have a great week and happy learning. Hey, if you're worried about choosing the right cybersecurity career, click here to see the 12 most in-demand cybersecurity roles. I asked experts working in the field how to get hired and how to do the work of these security roles so you can choose your study with confidence. I'll see you there.

Subscribe to podcast

How does your salary stack up?

Ever wonder how much a career in cybersecurity pays? We crunched the numbers for the most popular roles and certifications. Download the 2024 Cybersecurity Salary Guide to learn more.

placeholder

Weekly career advice

Learn how to break into cybersecurity, build new skills and move up the career ladder. Each week on the Cyber Work Podcast, host Chris Sienko sits down with thought leaders from Booz Allen Hamilton, CompTIA, Google, IBM, Veracode and others to discuss the latest cybersecurity workforce trends.

placeholder

Q&As with industry pros

Have a question about your cybersecurity career? Join our special Cyber Work Live episodes for a Q&A with industry leaders. Get your career questions answered, connect with other industry professionals and take your career to the next level.

placeholder

Level up your skills

Hack your way to success with career tips from cybersecurity experts. Get concise, actionable advice in each episode — from acing your first certification exam to building a world-class enterprise cybersecurity culture.