r/CEH

Does experience with TryHackMe and a degree/ certification help one land an entry-level cyber job?

Hey everyone,

Just wanted to share that I officially passed the CEH exam. It’s been a long road of studying, but I’m glad to finally have this one in the bag.

I know there is a lot of debate on here about how to prepare, so I figured I’d share a quick no-fluff breakdown of what the actual experience was like for me:

The Question Style The exam is 125 questions and they cover a massive amount of ground. It’s not just about knowing the tools it’s about knowing the specific flags and the logic behind the attacks. You really have to be able to look at a snippet of code or a scan result and immediately know what’s happening.

What worked for my prep:

Deep Dive into Tools: I spent a lot of time on Nmap, Wireshark, and Metasploit. You can’t just skim these. You need to know the specific commands.

Practice Exams: This was the most important part for me. I used CertsTopic for my practice runs, and it was a lifesaver for getting used to the way the questions are phrased. It helped me find the gaps in my knowledge especially in areas like cloud security and cryptography before I went into the real thing.

YouTube Walkthroughs: I found some great walkthroughs on YouTube that showed the actual lab environments. Seeing the tools in action made the theory a lot easier to remember during the test.

Final Advice: Don't rush. The questions are designed to trip you up if you move too fast. Read the full scenario, eliminate the obviously wrong answers and trust your training.

If you’re currently in the middle of your study plan and have questions about specific domains, feel free to drop them below. Happy to help out where I can!

I've been working on a small interactive lab for people who are new to nmap and basic enumeration.

It simulates scanning a metasploitable host in the browser. No VM setup is required and no real traffic leaves is sent. The lab covers host discovery, port scanning, service enumeration, NSE scripts and flag style questions based on scan results.

It's aimed at beginners so I added hints through guided popups, objectives and a more visual representation of the information learned.

Before I build out the lab with more hosts and network pivoting I'd really appriciate feedback from people who teach or are learning cyber security.

Do the objectives feel like they're in a sensible order?

Is anything misleading compared with real nmap?

Is the guidance too hand holdy or not enough?

Link: https://sigmaiota.uk/student-resources/scan-lab/

No signup, no tracking wall, just free browser lab.

Enjoy! :)

I feel like this cert is turning into a cash grab . Scenarios that are supposed to be realistic must have appropriate options but you must choose "the most appropriate "ones right?. Guess what its not that . I say this after failing my first attempt as well as second. I thoroughly studied after my first attempt only to score lower somehow. I feel CEH tries to be realistic but loses the actual impact of why even it exists, and no Im not saying this as a loser post, I genuinely feel this cert needs major reassessing because the scenario questions are long but not enough detailed to actually say a certain option is better over the other . You'll be gambling on one and only for it to end up as wrong .

This cert is genuinely traumatic and to anyone planning on buying it , go ahead only if you can afford it. There are other certs which have much more sanity when it comes to existing.

FYI my scores for 1st attempt was 8X and second was 7X , both required 90 to pass.

Wish EC council understood its own goals.

If my sanity remains and I god forsakenly decide to take up a retest I hope I make it.

Is there cybersecurity certificates that has same exam materials of CEH and same type of questions in exam which is scenario based questions?

Being able to quickly filter through a massive pcap file is a skill that will save you a lot of time on the exam. I spent a few hours just practicing different display filters to isolate specific types of traffic like TCP handshakes or suspicious DNS queries. Understanding how to look for anomalies in the packet data is essential for the scanning and sniffing portions of the curriculum. The more comfortable you are with the tool, the faster you can identify the "smoking gun" in a simulated attack scenario. It is a practical skill that translates directly from the study material to real world analysis.

Failed CEH today, 77% (96/125 correct) passing score was set at 80%. I only studied for 10 days. Kinda bummbed but the transript shows the weak modules.. trying again in 1 week