Question: What is a certified ethical hacker (CEH)? How to become a CEH?

Answer: Certified ethical hackers are cybersecurity professionals who have received intensive training and a formal certification in penetration testing computers and network systems to identify and address information security vulnerabilities. To become a certified ethical hacker, individuals must take and pass an examination offered through The International Council of E-Commerce Consultants, otherwise known as the EC-Council. In order to qualify to take the CEH examination, candidates must either have two or more years of experience in information security, or have attended a certified ethical hacker training program that has been approved by the EC-Council.

Certified ethical hackers (CEHs) play an important role in cybersecurity, as they are trained to conduct network systems security checks by hacking into authorized computer systems to find weaknesses that would otherwise be exploited by cybercriminals. Otherwise known as white hat hackers, offensive cybersecurity professionals (named as such due to the fact that their security tactics involve attacking systems to identify vulnerabilities), or Red Team professionals, CEHs are a crucial part of any cybersecurity team. Some of the key responsibilities of a certified ethical hacker include performing regular network scans for an organization, conducting network and computer systems attacks using common and emerging attack vectors, using viruses and malware to invade systems, completing vulnerability analyses, and developing recommendations and strategies to protect an organization from unauthorized intrusion and exploitation.

As mentioned previously, to become a CEH, professionals must take the CEH exam offered through the EC-Council. To prepare for this examination, students must have substantial professional experience in cybersecurity and ethical hacking, or else have completed formal training in the field. Students who want to gain training in certified ethical hacking have numerous options, ranging from courses offered through the EC-Council to CEH bootcamps offered by colleges and training organizations, cybersecurity graduate certificate programs that cover key CEH concepts and skills, and bachelor’s and master’s programs in cybersecurity with substantial coursework in certified ethical hacking. To learn more about the path to becoming a certified ethical hacker, please refer to the section below.

How to Become a Certified Ethical Hacker

The pathway to becoming a certified ethical hacker is straightforward, in that it entails preparing for, taking, and passing the Certified Ethical Hacker examination provided by the EC-Council. This test is designed to evaluate candidates’ ability to use the latest offensive cybersecurity tools, methodologies, and strategies to legally hack organizations’ security systems and structures. In order to qualify to sit for this exam, students must meet one of the following requirements:

• Have a minimum of two years of professional experience in information security and cybersecurity, submit an Exam Eligibility Application Form, and pay the eligibility application fee of $100.
• Completed an official EC-Council training in certified ethical hacking (these trainings waive the $100 exam eligibility fee), or received an earlier version of the CEH credential.

The Certified Ethical Hacker Examination

Currently in its 11th version, the EC-Council’s CEH Certification examination is one of the most established and respected cybersecurity credentials in the industry. Comprised of 125 questions, which students answer over the course of four hours, the EC-Council’s CEH examination covers the following categories, which the EC-Council refers to as Cybersecurity Domains*:

• Foundations of Information Security and Ethical Hacking: The CEH exam has 8 questions that cover information security standards and controls, ethical hacking concepts, and the cyber kill chain (which is the process of tracing every stage of a cyber attack).
• Reconnaissance Methods: The CEH exam includes 10 questions on footprinting (i.e. data collection and profiling) concepts and methodologies for search engines, web services, and social networking sites; DNS, network, and email footprinting; and footprinting tools and countermeasures. In addition, candidates answer 10 questions on network scanning processes and procedures; host, port, and service discovery; and 6 questions on enumeration (i.e., the counting of system/network vulnerabilities) concepts and countermeasures.
• System Hacking Processes, Procedures, and Techniques: Candidates are expected to answer 9 questions on vulnerability analysis techniques, including vulnerability classifications and assessments, vulnerability assessment tools, and reporting. This exam domain also includes 6 questions on system hacking concepts such as gaining and maintaining access, exploitation of vulnerabilities, clearing logs, executing applications, and cracking passwords. Finally, candidates must answer questions on different types of malware and their uses, malware countermeasures, and on computer viruses and worms.
• Networks and Perimeter Hacking: This domain includes 18 questions covering key concepts and techniques in sniffing (i.e. interception and/or theft of data using applications), sniffing countermeasures; social engineering (i.e. gaining the trust of targets so that they give up sensitive information); Denial of Service (machine and/or network shutdown) attacks and protective measures against them; session hijacking concepts, tools, and countermeasures; intrusion detection systems and their implementation; and evading firewalls and honeypots.
• Web Application Hacking: Candidates must answer 20 questions on web server concepts, web server attack methodologies and tools, patch management/software updates, web applications attacks and their countermeasures, and SQL injection types, methods, and tools.
• Hacking of Wireless Networks: The exam includes 8 questions on wireless network hacking, including the identification of wireless threats, wireless hacking tools and methodologies, Bluetooth hacking, and wireless encryption.
• Hacking of Mobile Platforms, the Internet of Things, and Operational Technology: This exam domain includes 10 questions on mobile platform attacks, hacking of iOS and Android OS devices, mobile device management, and mobile security guidelines, standards, and tools.
• Cloud Computing: The exam includes 7 questions on cloud computing concepts, threats, hacking, and security measures, as well as serverless computing.
• Cryptography: This part of the exam includes 7 questions on cryptography concepts, encryption algorithms, email and disk encryption, cryptanalysis, and public key infrastructures (i.e., the hardware, software, policies, and procedures used in the granting and management of digital certificates and public keys).

While the domains that the CEH certification examination covers remain consistent from year to year, the EC-Council is vigilant about updating the content of their examination to reflect evolutions in the industry. Currently, the CEH exam and its corresponding training programs offered through the EC-Council (see the below sections for more information) are in their 11th iteration, hence the designation CEH v11 that the EC-Council uses currently.

*Note: For more information on the above domains within the field of certified ethical hacking, please refer to our Cybersecurity Glossary, which defines terms discussed above.

The CEH certification is valid for three years from the date of the candidate’s successful passing of the examination; however, candidates can maintain their credential by fulfilling 120 credits’ worth of EC-Council Continued Education (ECE) over the course of three years. In summary, the path to becoming a Certified Ethical Hacker can be outlined as follows:

• Complete two years of professional experience in information security and cybersecurity, OR complete one of EC-Council’s official CEH trainings
• Complete an application to sit for the examination
• Take and pass the CEH examination
• Maintain one’s credential through continued education courses through the EC-Council

How to Prepare for the Certified Ethical Hacker Exam

As the above description of the CEH examination illustrates, this is a rigorous test that requires substantial preparation to pass. One of the most common ways to prepare for the exam is to enroll in the EC-Council’s own CEH training programs; however, several colleges and universities also have training programs and bootcamps that prepare students to sit for the exam. These programs can be a good option for professionals in the field of information security that already have at least two years of experience who would like to attend an exam preparation training program.

The Professional Experience Route: CEH Exam Preparation Materials and Programs

Many professionals working in the field of cybersecurity have formal academic training in cybersecurity or a related field, such as information technology, computer science, or engineering. There are numerous pathways to entering the field of cybersecurity, which include, but are not limited to, associate’s degree programs, bachelor’s degree programs, master’s degree programs, graduate certificate programs, and bootcamps in cybersecurity. There are also cybersecurity professionals who gained formal training while serving in one of the branches of the U.S. military.

Professionals with at least two years of experience, and who demonstrate competency in the cybersecurity field in their application to sit for the CEH exam, are not required to enroll in an official EC-Council training program. For these professionals, there are CEH study guides and practice tests that can be accessed online or purchased through a bookstore or Amazon.com. There are also online CEH training/exam preparation programs, online CEH bootcamps, and in-person CEH bootcamps offered by independent training providers. These intensive programs are often short in duration (five days is common) and have frequent start dates. The goal of these programs is to prepare professionals to pass the CEH exam.

Many online CEH training programs and bootcamps feature live online instruction; however, some are 100% asynchronous where students review course materials on their own time. These programs usually require students to complete the program within a specific time frame (e.g., six months), and students are able to interact with instructors through email if they have questions. Finally, some colleges and universities also offer CEH training programs and bootcamps through their divisions of continuing education. These may be a good option for students who feel more comfortable taking a training program offered by an institution as opposed to a training provider. For more information about cybersecurity bootcamps and how they can prepare students for certifications in the industry (including CEH certification), please refer to our FAQ on graduate certificate programs in cybersecurity vs. bootcamps in cybersecurity.

The EC-Council Training Route

Enrolling in an EC-Council training program is generally a good option for candidates with minimal experience in cybersecurity and information security, and who wish to gain knowledge that is specifically relevant to the CEH examination. The EC-Council has several programs for students to choose from in certified ethical hacking, including a short, intensive training program; and accredited bachelor’s, master’s, and graduate certificate programs.

Certified Ethical Hacker v11 Training Programs

This 5-day, 40-hour training program is a package that includes the price of the certification examination, as well as modules and exercises on emerging attack vectors, enumeration, web application hacking, operation technologies, encryption, modern exploit technologies, malware analysis, cloud computing and the Internet of Things, and 3500 hacking tools and techniques. In addition, this program features 24 hacking challenges through which students can practice what they have learned, more than 200 virtual lab activities, and training in over 420 CEH technologies and strategies.

This program offers several options to match students’ scheduling needs, which include an asynchronous iLearn modality, Master Classes that include in-person meeting opportunities, additional certification preparation, and a Training Partner option that is in-person and entails collaborating with peers on projects and discussions at one of EC-Council’s training centers. Prices for this training program vary depending on the modality that students select—for example, while the iLearn option is $2199, the Masters Classes option is $3499. (Note: EC-Council Academia has also partnered with several colleges and universities to offer training courses at these institutions; students should consult with the EC-Council to identify which colleges and universities offer this benefit.)

EC-Council University Accredited Programs

In addition to its professionally oriented training programs, the EC-Council also has an accredited institution called the EC-Council University, which offers degree programs and graduate certificates. The EC-Council University is accredited by the Distance Education Accrediting Commission (DEAC), and licensed through the New Mexico Higher Education Department to offer undergraduate and graduate programs in cybersecurity and ethical hacking.

Bachelor’s Degree in Cybersecurity (BSCS)

This two-year, 60-credit program is designed for students who want to gain comprehensive, foundational knowledge in cybersecurity principles, methodologies, technologies, and threats. This program is comprised of 20 courses that cover everything from information systems security concepts to risk management, IT infrastructure auditing, network security and firewalls, cyberwarfare, and technical writing for the cybersecurity professional. This program includes five industry certifications, including the CEH and CND certifications, as well as the Computer Hacking Forensic Investigator (CHFI), Certified Threat Intelligence Analyst (CTIA), and Certified SOC Analyst (CSA) certifications.

This program requires that students have earned at least an associate’s degree from an accredited institution with a cumulative GPA of 2.0 or higher for all undergraduate coursework, and demonstrate English proficiency. Prospective students should note that in order to graduate from this program, students must not only complete the 60 credits of cybersecurity coursework, but also transfer at least 60 credits of coursework from other institutions (e.g., from their previous associate’s degree coursework) in order to confer their bachelor’s degree. This program costs $465 per credit hour.

Master’s in Cyber Security

This 36-credit hour, two-year program features 12 online courses that are delivered primarily asynchronously, and which include virtual labs that provide students access to real-world cybersecurity and CEH tools. Students in the Master’s program have a choice between five different specializations, including Security Analyst, Cloud Security Architect, Digital Forensics, Incident Management and Business Continuity, and Executive Leadership in Information Assurance. Courses in this program are limited to 30 students each to ensure that students receive sufficient faculty guidance. This program requires students to hold a bachelor’s degree from an accredited institution in order to be eligible for admission; all candidates must complete an application and submit transcripts of their past undergraduate coursework.

Depending on their specialization, students can earn up to four of nine different EC-Council industry certifications, including not only the CEH, CND, and CHFI certifications, but also the EC-Council Certified Security Analyst (ECSA) certification, the Licensed Penetration Tester (LPT) credential (which includes an additional exam fee), the Disaster Recovery Professional certification, the EC-Council Certified Incident Handler (ECIH) certificate, the EC-Council Executive Information Security Management (EISM) credential, and the Certified Chief Information Security Officer (CCISO) credential. This program costs $540 per credit hour.

Graduate Certificate Program – Information Security Professional

The EC-Council has numerous graduate certificate programs for individuals interested in different cybersecurity roles, from digital forensics investigator to security analyst and enterprise security architect. Consisting of 9 course credits (three classes), these graduate certificate programs include courses that may be transferable to the EC-Council University’s formal degree programs, such as their master’s degree in cybersecurity. The EC-Council’s Information Security Professional graduate certificate program prepares students specifically for roles in certified ethical hacking and certified network defense. This certificate is comprised of three courses: Managing Security Network Systems, Ethical Hacking and Countermeasures, and Research and Writing for the IT Practitioner.

Unlike the Certified Ethical Hacker v11 training program described above, in order to qualify for this graduate certificate program, students must hold a bachelor’s degree (with a GPA of 2.5 or higher) in a cybersecurity or IT-related field, and demonstrate proof of English proficiency. In addition, while the training program above is dedicated specifically to preparing students for the CEH exam, the Information Security Professional graduate certificate program also prepares students to sit for the Certified Network Defender (CND) credential. This program costs approximately $540 per credit-hour. EC-Council’s graduate certificate programs can be completed in 3-9 months, depending on whether students enroll full-time or part-time.

---