Monday, April 27, 2015

How to prepare for Certified Ethical Hacker exam (CEH v8.0)?

Hello all. This blog will give you a fair amount of idea on why & how to prepare for this really good certification, Certified Ethical Hacker (312-50) (CEH v8.0).

As far as information security, network security and/or cyber security,  is concerned there is no boundary as such which defines the scope of overall computer security.

Information Security, mostly deals with the security of computer information(data in the form of anything, e.g. emails, text files, critical documents, databases etc.). Network Security, talks about securing your network devices(routers, switches, firewalls, IDS/IPS, etc.) which are a critical need in establishing an organization.

Cyber Security is a generic term which defines the security of Information, Networks, Cloud, Mobile, etc.

Why should you prepare for this certification?

Well, you don't really need to pass the exam unless your organization wants you to. But I would recommend reading all the topics in details. This would give you an excellent idea & will improve your basics on anything related to security. The study is mostly theoretical but you can relate it to real-time experiences or try to hack into your system.(Remember the warning in WWE fights. Similarly, Do Not Try to Hack Into anybody's space/computer/ipaddress.)
You can always setup labs, like Virtual Machines & run the vulnerable Operating Systems inside of it.

So, the answer is simple, want to learn hacking? This is a good way to start learning the basics of computer/cyber security.

Should I join a coaching institute? 

I would recommend joining a good reputed coaching institute(unlike as in CCNA, I said No).
Reason being, there won't be much difference for the fees you would pay if or not you join coaching classes. CEH v8.0 exam costs are $ 500 (~30000 Indian Rupees). You can easily get CEH coaching classes of at around INR 35000, inclusive of exam fees and official CEH books along with 6 DVDs that contains around 30 Gb of hacking tools.
Note: Do not try the tools, just like a small kid. Learn them & understand their significance. Try to analyse their behavior or the kind of work they do.

How should I prepare or study or learn?

As I said, join a coaching institute. But the fact is they will teach you, like you're in a bullet train running in around Europe. The classes usually contains 40 hours of learning(can be 5 straight full days or 2 hrs a day for 20 days).
They will walk you through the fantasy world of computer security, hacking etc. They might even talk you about hacking movies you need to watch. Guess what? Only for fun.
Do your home work, study the books the same day. Or you'll forget everything, if you are newbie into this field.

One main reason why you should join classes is, you will get to know the real world experience from the teachers or students(who may be already working with IT companies).

What are the important topics or ares?

Everything in the book & beyond. That's it.
Passing an exam wouldn't be tough if you go through the book just once. But if that's your ultimate motive, I would advise you to drop the idea of learning.
If you're well-verse with security thing, below are the chapters you should concentrate on:

  • System Hacking 
  • Sniffing
  • Denial of Service
  • Session Hijacking
  • Hacking Webservers
  • Hacking Web Applications 
  • SQL Injection
  • Hacking Wireless Networks
  • Hacking Mobile Platforms
  • Evading IDS, Firewalls, and Honeypots
  • Buffer Overflow
  • Cryptography
  • Penetration Testing
Every single chapter in this book is like a drop in the ocean. Learn well.


How to schedule exam?

Exam consists of 125 MCQs, you need just 70% to pass the exam.
As long as you are taking classes from an institute, you don't need to worry. Mine was the same case. If you want to know how to schedule it, write in comments, I'll update this section.

Before I windup, I would like you to go through below websites/links. Email me if you have specific requirements.

Official website for CEH & related details
How To Become A Hacker? I love this article and the way he summarizes everything related to hacking or being a hacker. To read the article, it would just take some 20-30 minutes. But it will take years of practice to be one.
Interview with a Blackhat. Read all the 3 parts of this interview based article. I'm sure you will like it.
Subscribe to this facebook page of OpenSourceForYou.

Did i left anything to mention? Let me know your experience & suggestions in comments section.

Sunday, March 31, 2013

How to prepare for CCNA (640-802 or 200-120)

Hello all people out there. This blog will give you an overview on why you should have CCNA certification & how to prepare for it.

CCNA as everybody knows is Cisco Certified Network Associate.
This is a very first certification you should be learning for, if you're working or have any plans to work in below IT fields:

  • Network Engineering
  • Network Administration
  • Network Security
  • Information Security
  • IT help desk
Additional areas may include any IT Operations or IT or ITES Jobs also. 

So, the question is why CCNA?
Learning CCNA would give you very basic understanding of certain things, like "how a data packet travels in a network", "basic fundamentals of network & related technologies" & "how all these things fit together".

Should I join a coaching institute?
If you can read a book at your own & know English language well, I wouldn't advise you to take up any coaching classes. In a place like Bangalore any average institute will ask for no less that Rs 13000 to any where at Rs 30,000.
So if you do not have enough money, I'm giving you a money free advice(though you've to buy a book at least). 
The advantage of joining an institute is that you get same set of people preparing for same thing, hence everybody talk the same stuff. You can find the same environment, but you've to go search online forums or your friends to discuss the things you don't understand.

How should I prepare?
Easy, just follow these steps:
  1. Buy this book "CCNA - Cisco Certified Network Associate: Study Guide (With CD) 7th Edition" by Todd Lamle. Publisher: Wiley India Pvt Ltd.
  2. Get the CCNA videos(buy it or download it from torrents) of CBT Nuggets by Jeremy Cioara.
  3. Download software Cisco Packet Tracer or GNS3 for certain practical labs.
  4. Go through every single question of this website http://www.9tut.com/
  5. Join CCNA groups/forums on http://learningnetwork.cisco.com
  6. Finally get the exam dumps at http://www.examcollection.com/cisco_exams.html 
How should I study?
  1. Revise the CCNA book at least 2 times with all the exercises & practical labs.
  2. Watch the CCNA videos & understand the basics of what trainer wants you to learn.
  3. Simulation practicals must be done 3-4 times, so that you remember commands by heart, because there comes a time when certain commands do not run in exam simulator. Try not to use TAB because in exam you need to type all the commands.
  4. There are certain exam dumps with higher rating, download them & learn all those different 600+ questions. Don't cram answers, instead learn what's the reasoning behind the answer.
  5. If you've any question post it in online forums or else put comment on this blog. I'll find answer to your query.
Important topics or areas:

  1. Basics of networking, Ethernet, TCP/IP & OSI layers.
  2. IP addressing, subnetting, VLSM, summarization(very imp.).
  3. Cisco IOS basic commands & managing Cisco Internetwork(advance commands).
  4. IP routing, EIGRP, OSPF, Layer 2 switching & STP.
  5. VLANs, ACL, NAT
  6. Wireless, IPv6 & WAN
If you know the syllabus of CCNA, you would be wondering that I've summarized all the topics. Didn't I?
Yes, these topics do not only help you pass the exam, but will play an important role in your day to day work life while you work for an organization.

How to schedule exam?
  1. Create an user account on http://www.pearsonvue.com/cisco/ with a valid email ID that you would like to use to track all your Cisco certifications. While creating an account pearsonvue will give you a Cisco ID which will be unique for you and will associate with all your future Cisco certifications.
  2. Schedule exam CCNA (code 640-802). 640-802 is a CCNA v1.0 exam that is going to expire on 30th Sep 2013. After 30th Sep you've to choose CCNA v2.0 (code 200-120) only and it will have certain new topics into the syllabus.
  3. You will have the option to choose the test centers.
  4. Currently the exam cost is $295 is likely to increase in future as more people are interested in it.
  5. Pass percentage varies from 82.5% to 85% depends on the difficultly level of exam.
There is certainly no thing left to tell you about CCNA, oh except the credibility it holds for everybody. I have given enough tips to pass the exam. The last thing I would say is "it's not a school or college exam for which you need to just pass the exam". Take your time & prepare honestly, since this will make you a good professional.
As 60-70 % of market is using Cisco's networking equipments different certifications like CCNA, CCNP & CCIE in various disciplines(e.g. R&S, Security, Voice, Design, Wireless etc.) will help you get the job, high salary, indeed a good career. Rest is all what you want out of yourself.

Comments & compliments are most welcome, if you feel like I've missed anything, please comment. I'll certainly try to update this blog.

With that saying, I wish you all the very best for your first Cisco certification.

Note: You can also get CCNA certification by clearning two exams ICND1 & ICND2 but I didn't discuss it since I believe you've enough knowledge to clear it in a single shot.