Enroll now to get details on Plans & Pricing
Certified Ethical Hacker CEH v11 will teach you the latest commercial-grade hacking tools, techniques, and methodologies used by hackers and information security professionals to lawfully hack an organization.
what sets CEH v11 apart from the rest:
Introducing All New CEHv11
Enroll now to get details on Plans & Pricing
WHY IS CEH IN-DEMAND GLOBALLY?
COMMON JOB ROLES FOR CEH (Certified Ethical Hacker)
With the CEH v11 we’ve taken all that the CEH already is and added more to it, to make it even better, more advanced, more detailed, and yet succinct.
In 2003, CEH introduced the five phases of ethical hacking, the blueprint for approaching your target and succeeding at breaking in. We have continued to hone these 5 phases, updating and refining them to match the skillset ethical hackers need today:
- Gaining Access
- Maintaining Access
- Covering Your Tracks
CEH v11 covers more than 500 new threats and vulnerability scenarios. This includes but is not limited to: APT, Fileless Malware, Web API Threats, Webhooks, Web Shell, OT Attacks, Cloud Attacks, AI, ML, and much more.
We work to deliver only the latest technologies, but also emerging technologies such as OT Technology, Container Technology.
Practice what you learned. Understand how knowledge can be transformed into skills and how these skills can be used to solve business issues with hands-on hacking challenges at the end of each module to reinforce what you’ve learned!
With the new Parrot OS, you have everything you need to develop your own programs and protect your privacy while using the internet. You will enjoy better performance on lower powered laptops and machines with an intuitive interface and a larger repository of tools.
CEH v11 now includes the latest Malware Analysis tactics for ransomware, banking and financial malware, IoT botnets, OT Malware Analysis, Android Malware, and more!
EC-Council leads the industry with more than 50 percent of course content dedicated to practical skills in live ranges leveraging our renowned iLabs.
If you are interested in any of our certification courses, sign up to try before you buy!
Available to US Residents Only.
CEH Course Outline
|Module 01: Introduction to Ethical Hacking
Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.
|Module 02: Foot printing and Reconnaissance
Learn how to use the latest techniques and tools to perform foot printing and reconnaissance, a critical pre-attack phase of the ethical hacking process.
|Module 03: Scanning Networks
Learn different network scanning techniques and countermeasures.
|Module 04: Enumeration
Learn various enumeration techniques, such as Border Gateway Protocol (BGP) and Network File Sharing (NFS) exploits, and associated countermeasures.
|Module 05: Vulnerability Analysis
Learn how to identify security loopholes in a target organization’s network, communication infrastructure, and end systems.
|Module 06: System Hacking
Learn about the various system hacking methodologies—including steganography, steganalysis attacks, and covering tracks—used to discover system and network vulnerabilities.
|Module 07: Malware Threats
Get an introduction to the different types of malware, such as Trojans, viruses, and worms, as well as system auditing for malware attacks, malware analysis, and countermeasures.
|Module 08: Sniffing
Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks.
|Module 09: Social Engineering
Learn social engineering concepts and techniques, including how to identify theft attempts, audit human-level vulnerabilities, and suggest social engineering countermeasures.
|Module 10: Denial-of-Service
Learn about different Denial of Service (DoS) and Distributed DoS (DDoS) attack techniques, as well as the tools used to audit a target and devise DoS and DDoS countermeasures and protections.
|Module 11: Session Hijacking
Understand the various session hijacking techniques used to discover network-level session management, authentication, authorization, and cryptographic weaknesses and associated countermeasures.
|Module 12: Evading IDS, Firewalls, and Honeypots
Get introduced to firewall, intrusion detection system, and honeypot evasion techniques; the tools used to audit a network perimeter for weaknesses; and countermeasures.
|Module 13: Hacking Web Servers
Learn about web server attacks, including a comprehensive attack methodology used to audit vulnerabilities in web server infrastructures and countermeasures.
|Module 14: Hacking Web Applications
Learn about web application attacks, including a comprehensive web application hacking methodology used to audit vulnerabilities in web applications and countermeasures.
|Module 15: SQL Injection
Learn about SQL injection attack techniques, injection detection tools, and countermeasures to detect and defend against SQL injection attempts.
|Module 16: Hacking Wireless Networks
Learn about wireless encryption, wireless hacking methodologies and tools, and Wi-Fi security tools.
|Module 17: Hacking Mobile Platforms
Learn about mobile platform attack vectors, Android vulnerability exploits, and mobile security guidelines and tools.
|Module 18: IoT Hacking
Learn how to secure and defend Internet of Things (IoT) and operational technology (OT) devices and possible threats to IoT and OT platforms.
|Module 19: Cloud Computing
Learn different cloud computing concepts, such as container technologies and server less computing, various cloud-based threats and attacks, and cloud security techniques and tools.
|Module 20: Cryptography
In the final module, learn about cryptography and ciphers, public-key infrastructure, cryptography attacks, and cryptanalysis tools.
About CEH Exam
Number of Questions: 125
Test Duration: 4 Hours
Test Format: Multiple Choice
Test Delivery: ECC EXAM, VUE
Exam Prefix: 312-50 (ECC EXAM), 312-50 (VUE)
In order to maintain the high integrity of our certification exams, EC-Council Exams are provided in multiple forms (I.e. different question banks). Each form is carefully analyzed through beta testing with an appropriate sample group under the purview of a committee of subject matter experts that ensure that each of our exams not only has academic rigor but also has real world applicability. We also have a process to determine the difficulty rating of each question. The individual rating then contributes to an overall cut score for each exam form. To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 85%.
Clause: Age Requirements and Policies Concerning Minors
The age requirement for attending the training or the exam is restricted to any candidate that is permitted by his/her country of origin/residency.
If the candidate is under the legal age as permitted by his/her country of origin/residency, they are not eligible to attend the official training or eligible to attempt the certification exam unless they provide the accredited training center/EC-Council a written consent/indemnity of their parent/legal guardian and a supporting letter from their institution of higher learning. Only candidates from a nationally accredited institution of higher learning shall be considered.
Who Is It For?
- Information Security Analyst/Administrator
- Information Assurance (IA) Security Officer
- Information Security Manager/Specialist
- Information Systems Security Engineer/Manager
- Information Security Professionals/Officers
- Information Security/IT Auditors
- Risk/Threat/Vulnerability Analyst
- System Administrators
- Network Administrators and Engineers
CEH Training Options
This solution is an asynchronous, self-study environment which delivers EC-Council’s sought-after IT Security hacking training courses in a streaming video format.
This solution offers you the opportunity to learn from world-class instructors and the opportunity to collaborate with top Infosecurity professionals. MasterClass classes come with a slew of additional benefits including add-on certification training, local meet-up opportunities, and iLearn access.
Training Partner (In Person)
This solution offers in-person CEH training so that you can get the benefit of collaborating with your peers and gaining real-world skills, conveniently located at one of the hundreds of training centers authorized to teach EC-Council courses around the world.
Education Partner (In Person or Online)
This solution offers education courses through EC-Council Academia partnered institutions to benefit students enrolled in a college or university degree programs.
Prove Your Skills and Abilities With Online, Practical Examinations.
Certified Ethical Hacker (CEH) Certification
The CEH exam is a 4-hour exam with 125 multiple choice questions. This knowledge-based exam will test your skills in Information Security Threats and Attack Vectors, Attack Detection, Attack Prevention, Procedures, Methodologies and more!
CEH Practical Certification
CEH Practical is a 6-hour, rigorous exam that requires you to demonstrate skills and abilities of ethical hacking techniques such as:
- Port scanning tools (e.g., Nmap, Hping)
- Vulnerability detection
- Attacks on a system (e.g., DoS, DDoS, session hijacking, webserver and web application attacks, SQL injection, wireless threats)
- SQL injection methodology and evasion techniques
- Web application security tools (e.g., Acunetix WVS)
- SQL injection detection tools (e.g., IBM Security AppScan)
- Communication protocols
This is the next step to become a CEH Master after you have achieved your CEH certification. Within CEH Practical, you have a limited amount of time to complete 20 challenges testing your skills and proficiency in a performance-based cyber range. This exam is NOT a simulation and incorporates a live corporate network of VMs and applications with solutions to uncover vulnerabilities.
Upon Completing the CEH (Master) program, consisting of CEH and CEH (Practical), the CEH (Master) designation is awarded. CEH Masters have shown proficiency at a master level in the Knowledge, Skills, and abilities of Ethical Hacking with a total 6 hours of testing to prove their competency. Top 10 performers in both CEH and CEH Practical exams are showcased on the CEH Master Global Ethical Hacking Leader Board.
FREQUENTLY ASKED QUESTIONS
About The Program
An ethical hacker or a white hat hacker is an authorized InfoSec professional who ensures safety of the organization by performing penetration testing and locating the vulnerabilities in a computer system, network, applications, or other computing devices.
EC-Council places great emphasis on the quality of its instructors. A 17-year-old will not be teaching security to professionals at our accredited training centres. Certainly, experience is the greatest teacher. However, EC-Council adheres to a code of ethics and encourages security professionals with significant years of teaching experience in the industry and a security background to handle our security related programs.
The program focuses on hacking techniques and technologies from an offensive perspective. This advanced security program is regularly updated to reflect the latest developments in the domain, including new hacking techniques, exploits, automated programs as well as defensive recommendations as outlined by experts in the field. The CEH body of knowledge represents detailed contributions from security experts, academicians, industry practitioners and the security community at large.
EC-Council believes in giving back to the security community as it has partaken of it. When you are a Certified Ethical Hacker, you are more than a security auditor or a vulnerability tester or a penetration tester alone. You are exposed to security checklists that will help you audit the organization’s information assets, tools which will check for vulnerabilities that can be exploited and above all a methodology to assess the security posture of your organization by doing a penetration test against it. In short, the knowledge you will acquire has practical value to make your work place a more secure and efficient one.
Where does CEH stand when compared to other educational offerings in the field of information security?
Consider this: A security defense programeducates candidates regarding proper configuration, firewalls, or rather pre-emptive security. CEH takes the alternative approach – defense in depth by attacking the systems. This is in sharp contrast to programs that teach defensive tactics alone. CEH imparts offensive tactics supplemented with defensive countermeasures. This ensures that the CEH professional can have a holistic security perspective of the organization.
Hacking techniques represent ways and means by which computer programs can be made to behave in ways they are not meant to. These techniques extend beyond the technology domain and can be applied to test security policies and procedures. Hacking technologies are used to refer to those tools and automated programs that can be used by perpetrators against an organization to incur critical damage. As technology advances, the skills required to execute a hack are much lesser as pre-compiled programs are available to effect havoc with simple point and click.
Congratulations on becoming a CEH! You have joined an elite group of professionals around the world. Your next level is to proceed with the CEH (Practical).
The answer is yes. You must show 2 years of work experience in security related field. You must also submit a CEH exam eligibility application and obtain an authorization from EC-Council before you can attempt the exam. For more details, please click HERE.
To be eligible to apply to sit for the CEH (ANSI) Exam, a candidate must either:
- Hold a CEH certification of version 1 to 7,
* (Prior to being ANSI accredited, EC-Council’s certifications were named, based on versions – CEHV1, CEHV2 etc. During that time, candidates that attempted the certification exams were vetted for eligibility. In order to avoid “being double bill”, the EC-Council Certification department shall issue a waiver of the application fee of any candidate that has a CEH V1- CEH V7 certification and wishes to attempt the CEH ANSI certification.)
- or Have a minimum of 2 years work experience in InfoSec domain (You will need to pay USD100 as a non-refundable application fee);
- Or Have attended an official EC-Council training (All candidates are required to pay the $100 application fee; however, your training fee shall include this fee)
- As various consumer laws across the world to prohibit any type of “price fixing”, EC-Council Certification department is unable to prescribe minimum pricing for its exams. This allows a free market approach which benefits our certification community.
- As the price of an exam vouchers is many times bundled with official training by our accredited partners, the price may vary depending on the region, training facilities, training partner, the trainers experience, cost of proctoring the exam and even the mode of training of the partner.
- It is imperative that we make it clear that no student shall be deemed to have any added advantage whatsoever from one mode of training to another in order to challenge the CEH ANSI exam as the exam is a standard exam for everyone, regardless of the method of training.
- Should any training partner attempt to tell you otherwise, we ask that you lodge an official complaint with the EC-Council certification department so that the necessary action can be taken against the training partner.
On an average, application processing time would be between 5-10 working days once the verifiers on the application respond to EC-Council’s requests for information.
No, the $100 application fee is not refundable.
The application process is valid for 3 months from the date of approval.
Yes, the application form is mandatory for all test takers who want to take the exam directly without undergoing training.
Once your application is approved you can proceed to purchase your exam voucher either from EC-Council Online Store or from one of our authorised training channels.
The CEH (ANSI) exam is an MCQ (Multiple Choice Question) exam. This exam is available at the ECC Exam Centre and the Pearson Vue Centre
The exam voucher code is valid for 1 year from the date of receipt.
For those attempting the exam at a physical testing centre (ETC/ Pearson Vue), the exam will be proctored by a proctor authorised at the testing centre.
For those attempting the exam remotely (ECC/ RPS), The exam will be proctored remotely by an authorised proctor.
The Exam is a 4-hour session.
In order to maintain the high integrity of our certifications exams, EC-Council Exams are provided in multiple forms (I.e. different question banks). Each form is carefully analyzed through beta testing with an appropriate sample group under the purview of a committee of subject matter experts that ensure that each of our exams not only have academic rigor but also have “real world” applicability. We also have a process to determine the difficulty rating of each question. The individual rating then contributes to an overall “Cut Score” for each exam form. To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 85%.
Sessions should be booked at least 3 days in advance of the desired exam date.
Note: All exam sessions are proctored by EC-Council Remote Proctoring Team.
EC-Council fulfils its social responsibility by ensuring that only persons with a minimum of two years of security related experience are eligible for the program. In addition, all candidates are required to sign an agreement where they agree to respect the knowledge acquired and not misuse it in any way. The candidate also agrees to abide by all legal laws of their respective countries of residence in the use of thus acquired knowledge. Besides the CEH exam is a tough one to pass as students must have in-depth knowledge to achieve the globally recognized ethical hacking certification.
Does it matter if an elite hacker writes a buffer overflow or a script kiddy runs a tool if the target system gets compromised anyway? The point here is that the enemy may be intellectually great or small, but he/she requires just one port of entry to wreck damage while the organization has the entire perimeter to guard with limited time and resources.
The ANSI accredited Ethical Hacking program is primarily targeted at security professionals who want to acquire a well-rounded body of knowledge to have better opportunities in this field. Acquiring a Certified Ethical Hacking Certification means the candidate has a minimum baseline knowledge of security threats, risks and countermeasures. Organizations can rest assured that they have a candidate who is more than a systems administrator, a security auditor, a hacking tool analyst or a vulnerability tester. The candidate is assured of having both business and technical knowledge.
Once you are ready to proceed with your exam, please ensure you understand the below:
- You need to run an equipment test
- You need to carry an identification proof
- You should hold an valid exam voucher
Yes, the CEH (ANSI) is a part of the EC-Council Continuing Education Scheme.
The value of CEH lies in its practical value. Over 18 domains, students are exposed to business risks and the potential damage that can occur due to negligence. Students will be able to make an informed decision regarding the amount of risk a company can face if it chooses to address a security concern.
Enroll now to get details on Plans & Pricing