Certified Ethical Hacker (CEH) Certification: Complete Guide
Become a Certified Ethical Hacker (CEH). Full guide to exam format, the hacking phases, modules, study plan, and practice questions.
The Certified Ethical Hacker (CEH) from EC-Council teaches you to think and act like an attacker so you can defend systems better. It is one of the most recognized credentials for penetration testing and offensive security roles, and recent versions add AI-driven attack and defense techniques.
Who Should Take CEH
- Aspiring penetration testers and red teamers
- SOC analysts who want to understand attacker tradecraft
- Security professionals pursuing roles that list CEH as a requirement
Exam Overview
| Aspect | Details |
|---|---|
| Questions | 125 multiple choice |
| Duration | 4 hours |
| Passing Score | Varies by exam form (roughly 60% to 85%) |
| Delivery | EC-Council exam portal or VUE |
| Cost | Exam voucher around 1,199 USD (verify current pricing) |
EC-Council also offers an optional hands-on CEH Practical exam for those who want to prove applied skills.
The Five Phases of Ethical Hacking
- Reconnaissance: Passive and active information gathering
- Scanning: Discovering live hosts, ports, and services
- Gaining Access: Exploiting vulnerabilities to get a foothold
- Maintaining Access: Persistence and privilege escalation
- Covering Tracks: Understanding how attackers hide (so you can detect them)
Key Modules to Master
- Footprinting, reconnaissance, and scanning networks
- Enumeration and vulnerability analysis
- System hacking, malware threats, and sniffing
- Social engineering, denial of service, and session hijacking
- Web server, web application, and SQL injection attacks
- Wireless, mobile, IoT, OT, and cloud security
- Cryptography fundamentals
Encoding and obfuscation appear constantly in offensive work. Experiment with a Base64 Encoder to see how payloads and data are commonly encoded.
Study Plan
- Weeks 1-2: Reconnaissance, scanning, and enumeration
- Weeks 3-4: System hacking, malware, and sniffing
- Week 5: Web and application attacks, SQL injection
- Week 6: Wireless, cloud, cryptography, and timed practice exams
Sample Questions
Sample Question 1
Which phase involves gathering information without directly interacting with the target?
A) Active scanning
B) Passive reconnaissance
C) Exploitation
D) Privilege escalation
Answer: B - Passive reconnaissance collects data without touching the target directly.
Sample Question 2
Which attack injects malicious SQL into an input field to manipulate a database?
A) Cross-site scripting
B) SQL injection
C) Buffer overflow
D) DNS poisoning
Answer: B - SQL injection targets database queries through unsanitized input.
Recommended Resources
- EC-Council CEH Official Page
- Official courseware and iLabs
- A safe home lab with intentionally vulnerable machines
Practice with ExamCert
The best way to get exam-ready is realistic practice. Try the free Certified Ethical Hacker (CEH) question bank on ExamCert, with exam-style questions and detailed explanations so you learn from every miss.
Conclusion
CEH validates that you understand the attacker mindset and can apply it ethically. Build a lab, study every module, and drill practice exams to pass with confidence.