Certified Ethical Hacker (CEH) is a qualification given by

EC-Council EC-Council is a cybersecurity certification, education, training, and services organization based in Albuquerque, New Mexico, that has certified over 237,000 professionals from 145 countries. History Jay Bavisi is the Founder of EC-Council Holding ...

and obtained by demonstrating knowledge of assessing the security of computer systems by looking for weaknesses and vulnerabilities in target systems, using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system. This knowledge is assessed by answering multiple choice questions regarding various ethical hacking techniques and tools. The code for the CEH exam is 312-50. This certification has now been made a baseline with a progression to the CEH (Practical), launched in March 2018, a test of penetration testing skills in a lab environment where the candidate must demonstrate the ability to apply techniques and use penetration testing tools to compromise various simulated systems within a virtual environment. Ethical hackers are employed by organizations to penetrate networks and computer systems with the purpose of finding and fixing security vulnerabilities. The

offers another certification, known as Certified Network Defense Architect (CNDA). This certification is designed for

United States Government The federal government of the United States (U.S. federal government or U.S. government) is the national government of the United States, a federal republic located primarily in North America, composed of 50 states, a city within a fede ...

agencies and is available only to members of selected agencies including some private government contractors, primarily in compliance to DOD Directive 8570.01-M. It is also ANSI accredited and is recognized as a

GCHQ Government Communications Headquarters, commonly known as GCHQ, is an intelligence and security organisation responsible for providing signals intelligence (SIGINT) and information assurance (IA) to the government and armed forces of the Unit ...

Certified Training (GCT).

Examination

Certification is achieved by taking the CEH examination after having either attended training at an Accredited Training Center (ATC), or completed through EC-Council’s learning portal, iClass. If a candidate opts to self-study, an application must be filled out and proof submitted of two years of relevant information security work experience. Those without the required two years of information security related work experience can request consideration of educational background. The current version of the CEH is V12, released in September 2022. The exam, which uses the same EC-Council

exam An examination (exam or evaluation) or test is an educational assessment intended to measure a test-taker's knowledge, skill, aptitude, physical fitness, or classification in many other topics (e.g., beliefs). A test may be administered verba ...

code (312-50) as the earlier versions, has 125 multiple-choice questions and a 4-hour time limit. The EC-Council and various ATCs administer the CEH examination. Members holding the CEH/CNDA designation (as well as other EC-Council certifications) must seek re-certification under this program every three years, for a minimum of 120 credits.

Critical components

The CEH focuses on the latest malware attacks, the latest hacking tools, and the new emerging attack vectors in cyberspace. It includes hacking challenges at the end of every module and is built 100% in compliance to the NICE 2.0 Framework to ensure a systematic job role mapping.

Examination

Critical components

References

Further reading