Wednesday, 3 June 2015

The 5 best CEH certification books 2015


By Sarah Morgan


Cyber-attacks are now ranked amongst the top 10 global threats to your business, a survey from Aon Solutions revealed this week. It’s no surprise – security breaches can cripple your business infrastructure, leak private customer data and destroy your organisation’s reputation.

The IT security field is expected to grow 37% by 2022 and many security professionals are now taking the offensive and building their white hat hacking skills with EC-Council’s CEH certification.

The CEH v8 certification is an advanced certification, and to conquer it you’ll need to prove your expert white hat hacking knowledge. To help you do just that, here are our 5 best CEH certification books for 2015…


CEH: Certified Ethical Hacker Version 8 Study Guide – 14 Oct 2014
ISBN-13: 978-1118647677

Sybex’s Certified Ethical Hacker Version 8 Study Guide is perhaps the most popular preparation tool for the CEH certification.

The guide boasts a concise, easy-to-follow approach to the certification that covers all exam objectives with examples and hands-on exercises.

You’ll study everything you need to pass the CEH exam – including cryptography, footprinting, trojans and covert channels. Also included is a companion website, stuffed with study tools like practice exams, chapter review questions and electronic flashcards.

The guide is useable in both classroom and self-study scenarios. Plus, an average user score of 4.2/5 stars across Amazon (28 reviews) ranks this as one of the most sought-after books on our list.


CEH Certified Ethical Hacker Bundle, Second Edition (All-In-One) – 1 Oct 2014
ISBN-13: 978-0071835572

A popular CEH revision guide from Matt Walker - a man with so many certifications after his name he makes the alphabet feel insecure.
Billed as a money-saving self-study bundle, this comprehensive package includes massive amounts of content:

  • CEH Certified Ethical Hacker All-in-One Exam Guide, Second Edition
  • CEH Certified Ethical Hacker Practice Exams, Second Edition
  • CEH Quick Review Guide

The All-in-One exam guide is your primary asset for CEH certification success. Inside, you’ll find complete coverage of all CEH exam objectives and topics.

Reviewers cite a desire for a greater focus on policy questions. Despite this, it retains an impressive 4.1/5 star review average on Amazon (14 reviews).


Certified Ethical Hacker (CEH) Cert Guide – 15 Dec 2013
ISBN-13: 978-0789751270

Authored by certification expert Michael Gregg and published by Pearson IT Certification, this chunky 640-page CEH certification guide is certainly comprehensive.

As well as a companion to the CEH certification’s v8 topics, you’ll also focus on building your own study guide, complete with test preparation routines and review questions. A CD featuring two complete practice exams is also bundled with this certification guide.

Finally, you’ll get preparation hints and exam tips from leading security consultant, Michael Gregg.


The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy – 1 Aug 2013
ISBN-13: 978-0124116443

Though not a CEH certification guide, this introductory book provides any aspiring ethical hacker with a solid foundation of ethical hacking knowledge – crucial for passing the CEH exam.

You’ll study the same hacking tools commonly found within the CEH certification, and learn how to use them to conduct real life penetration tests.

This book begins with the basics and guides you towards more advanced subjects such as post exploitation and access maintenance. This is an ideal book for anyone with an interest in penetration testing - especially useful for those starting down the path to their CEH certification.


Official CEH Courseware – EC-Council

As well as study guides, you also have the option to simply purchase EC-Council’s official CEH courseware. This is everything you’ll need to pass your CEH exam - included in the official bundle is:

  • Three official EC-Council CEH books (lab manual and two courseware manuals with slides)
  • 6 DVDs

The labs showcased in the courseware are tested against the latest operating systems with all up-to-date patches and hot-fixes applied.

Plus, the 6 DVDs contain over 20GB of guides on how to use the latest hacking and security tools, alongside more than 1,000 minutes of videos demonstrating hacking techniques.

Purchase the official CEH courseware from the EC-Council store.



About the Author:        
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Monday, 13 April 2015

Crack the new CISSP CBK with these CISSP training resources


By Sarah Morgan


Your CISSP exam and curriculum are changing. With the release of a brand new exam blueprint and updated CISSP domains imminent, the material you're revising now will soon be out of date.

The switch will be made on April 16th 2015, when the ten CISSP CBK domains will be reduced to eight.


As a result of this refresh, the CISSP exam will be altered to reflect the new CBK changes (but will remain the same format). Any training or revision material you use must also be updated, or you’ll risk revising irrelevant content!

Don’t get caught out by the 2015 domain refresh. Take a look at these up-to-date revision resources, aligned to the 8 brand new CISSP domains.


1. Official (ISC)2 Guide to the CISSP CBK, Fourth Edition (ISC2 Press) Hardcover – 10 Apr 2015 
ISBN-13: 978-1482262759

Released last week, you don’t get any more up-to-date than (ISC)2’s Official Guide to the CISSP CBK.

This official guide, endorsed by (ISC)2 and edited by Adam Gordon, covers the refreshed technical content added to the CISSP CBK. The book provides a comprehensive guide to the eight CISSP domains and includes illustrated examples, practical exercises and real-life scenarios.


And remember, if you’re an (ISC)2 member, you’ll get 50% off Official (ISC)2 textbooks!


2. The NEW 2015 CISSP Exam. Brace Yourself (and prepare yourself)! Webcast with Dave Miller

Dave Miller has been an IT security specialist since 1980 and is a published author and lecturer. So it’s no surprise he’s been following the new CISSP CBK with interest.

His comprehensive webcast, originally hosted on March 17th 2015, is now available for free online at oreilly.com. The 93-minute webcast covers an abundance of CISSP topics including:

  • A review of the 2012 CISSP certification exam
  • The new CISSP 2015 examination
  • CISSP certification requirements
  • New test-worthy topics
  • How to prepare for the new CBK and CISSP exam
  • Conclusion: Q&A

To watch the webcast, sign up here.


3. (ISC)2 Overview & Key areas of knowledge in the 8 new CISSP domains

(ISC)2 has released a candidate information bulletin in line with the new CISSP exam blueprint. This massive document includes overviews of each of the 8 brand new CISSP domains alongside the key areas of knowledge you’ll need to understand to pass your exam.

This resource is excellent for any professional who needs a quick refresher on what’s contained in the new CISSP domains.

However, don’t treat the information found here as a replacement for experience or knowledge - (ISC)2 state that, “[The candidate information bulletins] were developed to provide candidates with basic information…the outlines are not intended to be in-depth reviews of the examination.”

Access the document here.


4. (ISC)2 sample exam questions

Also included in the (ISC)2 CISSP candidate bulletin are sample questions, aligned to the new exam blueprint. We’ve included them below:


1. Which one of the following is the MOST important security consideration when selecting a new computer facility?

a. Local law enforcement response times
b. Adjacent to competitors’ facilities
c. Aircraft flight paths
d. Utility infrastructure

2. Which one of the following describes a SYN flood attack?

a. Rapid transmission of Internet Relay Chat (IRC) messages
b. Creating a high number of half-open connections
c. Disabling the Domain Name Service (DNS) server
d. Excessive list linking of users and files

3. Which one of the following is a limitation of fuzzing, as it relates to secure software development best practice?

a. Access to the source code is required
b. Not all discovered issues are exploitable
c. Issues must be accessible through an open interface
d. Is not suitable where code development is outsourced

Find the answers on Page 33 of the CISSP candidate bulletin.


Got a burning CISSP question?

If you’ve got more questions, take a look at our CISSP FAQ covering the new exam blueprint.

And if you need to get certified with accelerated CISSP training, good news – Firebrand are the only authorised (ISC)2 partner in the UK and will be teaching the latest 2015 CISSP material from the 20th April 2015.

