What is Certified Ethical Hacker Certification?
Certified Ethical Hacker, or CEH, is an IT certification that validates your skills in assessing IT systems for security vulnerabilities that could be used by hackers.
CEH is offered by The International Council of Electronic Commerce Consultants, or EC-Council, which is headquartered in Albuquerque, New Mexico.
The Certified Ethical Hacker certification is ideal if you want to develop a career helping companies and organizations protect their data from hackers.
Ethical hackers, often known as white-hat hackers, have the skills to systematically inspect and evaluate network infrastructure to find security vulnerabilities which a malicious hacker could potentially exploit.
CEH is one of three programs in EC-Council’s Vulnerability Assessment and Penetration Testing (VAPT) track.
CEH certification will help you get jobs in cybersecurity, with roles such as information security specialist, security engineer, penetration tester, network administrator and security administrator.
According to Robert Half’s Salary Report, cybersecurity is one of the top in-demand skills.
CEH’s popularity is rising quickly as companies become more aware of the importance of protecting their data and systems from hackers.
The CEH exam, CEH 312-50, consists of 125 multiple-choice questions, and the exam is 4 hours.
EC-Council has also introduced another related module that you can take. It’s called CEH Practical.
This is a 6-hour exam, which focuses on the practical side of the certification. This exam validates your practical skills in finding vulnerabilities in computer systems, databases, software, and networks, in addition to creating strategies to mitigate risks.
Now, let’s look at the…
Skills Measured by the Certified Ethical Hacker Certification
The key skills assessed by the CEH certification include networks, threat analysis, risk mitigation techniques, cryptography, system security evaluation tools, awareness of cybersecurity policy and law, types of attacks and their solutions, network layers and protocols, mobile security, architecture design for maximum risk mitigation, and forensics.
The skills covered in the CEH certification will help you to understand the risks in cybersecurity, and the possible solutions that an organization could use to protect its data, software, and hardware assets.
At a very specific level, CEH will help you understand the following concepts:
Network and Communication Technologies
- Networking technologies
- Web technologies
- Communication protocols
- Mobile technologies (e.g., smartphones)
- Wireless terminologies
- Information Security Threats and Attack Vectors, and
- Malware operations
Information Security Threats and Attack Vectors
- DoS, DDoS, session hijacking, webserver and web application attacks, SQL injection
- Botnet
- Cloud computing threats and attacks
- Mobile platform attack vectors, and
- Cryptography attacks
Information Security Technologies
- Information security elements
- Information security management
- Security trends
- Hacking and ethical hacking
- Vulnerability assessment and penetration testing
- Cryptography
- Encryption algorithms
- Wireless encryption
- Bring Your Own Device (BYOD), and
- Backups and archiving (e.g., local, network)
Information Security Assessment and Analysis
- Data analysis
- Systems analysis
- Risk assessments
- Vulnerability assessment and penetration testing
- Technical assessment methods
- Network sniffing, and
- Malware analysis
Information Security Assessment Process
- Footprinting
- Scanning (e.g., Port scanning, banner grabbing, vulnerability scanning, network discovery, proxy chaining, IP spoofing)
- Enumeration, and
- System hacking (e.g., password cracking, privilege escalation, executing applications, hiding files, covering tracks)
Information Security Controls
- Systems security controls
- Application/file server
- IDS
- Firewalls
- Cryptography
- Disk Encryption
- Network security
- Physical security
- Threat modeling
- Biometrics
- Wireless access technology (e.g., networking, RFID, Bluetooth)
- Trusted networks, and
- Privacy/confidentiality (with regard to engagement)
Information Security Attack Detection
- Vulnerability detection
- IP Spoofing detection
- Verification procedures (e.g., false positive/negative validation)
- Social engineering (human factors manipulation)
- Vulnerability scanning
- Malware detection
- Sniffer detection
- DoS and DDoS detection
- Detect and block rogue AP
- Evading IDS (e.g., evasion, fragmentation)
- Evading Firewall (e.g., firewalking, tunneling)
- Honeypot detection, and
- Steganalysis
Information Security Attack Prevention
- Defend against webserver attacks
- Patch management
- Encoding schemes for web application
- Defend against web application attacks
- Defend against SQL injection attacks
- Defend against wireless and Bluetooth attacks
- Mobile platforms security
- Mobile Device Management (MDM), and
- BYOD Security
Tools / Systems / Programs
- Network & host-based intrusion
- Boundary protection appliances
- Access control mechanisms (e.g., smart cards)
- Cryptography techniques (e.g., IPSec, SSL, PGP)
- Domain Name System (DNS)
- Network topologies
- Subnetting
- Routers / modems / switches
- Security models, and
- Database structures
Information Security Tools
- Network & wireless sniffers (e.g., Wireshark, Airsnort)
- Port scanning tools (e.g., Nmap, Hping)
- Vulnerability scanner (e.g., Nessus, Qualys, Retina)
- Vulnerability management and protection systems (e.g., Foundstone, Ecora)
- Log analysis tools
- Exploitation tools
- Footprinting tools (e.g., Maltego, FOCA, Recon-ng)
- Network discovery tools (e.g., Network Topology Mapper)
- Enumeration tools (e.g., SuperScan, Hyena, NetScanTools Pro)
- Steganography detection tools
- Malware detection tools
- DoS/DDoS protection tools
- Patch management tool (e.g., MBSA)
- Webserver security tools
- Web application security tools (e.g., Acunetix WVS)
- Web application firewall (e.g., dotDefender)
- SQL injection detection tools (e.g., IBM Security AppScan)
- Wireless and Bluetooth security tools
- Android, iOS, Windows Phone OS, and BlackBerry device security tools
- MDM Solutions
- Mobile Protection Tools
- Intrusion Detection Tools (e.g., Snort)
- Hardware and software firewalls (e.g., Comodo Firewall)
- Honeypot tools (e.g., KFSensor)
- IDS/Firewall evasion tools (e.g., Traffic IQ Professional)
- Packet fragment generators
- Honeypot Detection Tools
- Cloud security tools (e.g., Core CloudInspect)
- Cryptography tools (e.g., Advanced Encryption Package)
- Cryptography toolkit (e.g., OpenSSL)
- Disk encryption tools, and
- Cryptanalysis tool (e.g., CrypTool)
Procedures and Methodology
- Cryptography
- Public Key Infrastructure (PKI)
- Digital Signature and Pretty Good Privacy (PGP)
- Security Architecture (SA)
- Service oriented architecture
- Information security incident
- N-tier application design
- TCP/IP networking (e.g., network routing), and
- Security testing methodology
For a more complete curriculum, download the latest CEH exam objectives.
Now, let’s look at the…
Pre-requisites for the CEH Certification
In order to become eligible for the CEH exam, you have two options.
You can either complete the official EC-Council training, or submit details of your experience if you have at least 2 years of experience in IT security.
The training, which costs $850, can be completed at an Accredited Training Center, via the iClass platform, or at an approved academic institution.
If you have some experience in cybersecurity, information security, network security, or even a relevant degree, you should use the second option. The application fee is $100 and is non-refundable.
How to Prepare for the Certified Ethical Hacker Certification Exam
To prepare for the CEH certification, there are several options available.
Self-Study Resources
If you are self-driven you can use self-study resources to prepare for the CEH exam. These resources include books, videos, study guides, and practice questions.
EC-Council offers a self-learning pack to prepare for the exam. The pack includes training modules, official e-courseware, iLabs, Certificate of Completion and an exam voucher.
The pack costs around $1,900 US dollars. Generally, you can find much cheaper options to prepare for the CEH exam.
Books
CEH exam prep books provide in-depth explanation of the concepts you need to cover to pass the exam.
These books are usually based on the CEH exam objectives, so you won’t have to worry about missing anything important.
If you don’t have a lot of background in hacking, cybersecurity, or network security, you should use books to prepare, because they give you the most in-depth explanations.
There are many good CEH certification prep books available.
A good one is the CEH Certified Ethical Hacker All-in-One Exam Guide, which includes theory, practice questions, performance-based questions and their answers based on exam objectives.
If you don’t have much time, or you don’t prefer books for learning, there are plenty of other options which you can use to prepare for the CEH certification exam.
Video Training
Videos make it easy to understand difficult concepts. Most people say they retain and remember information much better using videos.
YouTube is full of CEH video training. To make sure you understand every concept in depth, print out the CEH exam objectives and search for each one on YouTube. This might take a bit more effort but it’s free.
Instructor-Led Training
If you think self-study isn’t for you, you can use instructor-led training to prepare for the CEH exam.
You can learn directly from hacking experts, ask questions, and seek help in solving complex questions which you find challenging.
EC-Council offers instructor-led training online, but it’s quite expensive. For example, one instructor-led training program for CEH offered by EC-Council costs over $3000 US dollars.
Practice Tests
Answering 125 questions in a limited amount of time is not easy.
Doing practice tests before sitting the CEH exam will give you confidence.
One of the most famous practice tests for CEH is offered by Boson. Boson practice tests, though paid, offer a lot of value.
Go Certify also offers many free practice tests for the CEH exam.
Practice Labs
The CEH exam has a lot of practical questions where you are tested based on your ability to apply real world concepts.
Practice labs help you to think critically, and aid you in remembering key concepts and how to apply them in a limited amount of time.
EC-Council has a practice labs bundle which includes lab questions and answers.
You can also buy practice labs for CEH offered by Boson.
Now, let’s look at…
What Jobs Can You Get with a CEH Certification?
CEH certification makes you eligible for a variety of roles in cybersecurity.
Companies have important data that they want to secure from hackers.
This means that the demand for ethical hackers who are able to find vulnerabilities and provide those companies with solutions to protect against them is rising.
According to U.S. Department of Labor statistics, jobs in the information security sector are estimated to increase by 32% through 2028, faster than the average of all occupations.
With a CEH certification, you can apply for the following jobs:
- Security Analyst
- Information Security Engineer
- Cybersecurity Incident Responder
- Vulnerability Analyst
- Cybersecurity Expert
- Cyber Threat Analyst
- Forensics Expert
- Systems Administrator
- Information Security Analyst, and
- Technical Security Specialist
It’s important to note that companies like candidates who have experience.
In addition to gaining the CEH certification you should also look for opportunities to get practical experience.
Now, let’s talk about how much money you can make with the…
Certified Ethical Hacker Certification
There’s a strong demand for cybersecurity professionals with CEH certification, and there is no shortage of jobs for competent ethical hackers.
According to PayScale, the average salary for CEH certification holders is around $92,166 US dollars. Companies hire CEH holders for roles like Cyber Security Analyst ($85,000), Information Security Analyst ($79,000) and Cybersecurity Engineer ($105,000).
Let’s see what other people think about this certification. Here are a few…
Observations from Successful CEH Certification Holders in the Industry
Some of the best advice comes from people in the industry who have the CEH certification.
Here is some of the most useful feedback we gathered.
Here’s a comment from Reddit user “richwny15”:
I studied for about 3 months. My job paid for an iClass which crammed the CEH textbook into a 5 day course. This class was the least helpful in my experience. The instructor was just reading off of powerpoint slides and all his real world examples came from when he used to work in the IT Security field back in the 80’s and 90’s. After this course I found this sub and it was super helpful in deciding what resources to use to study moving forward.
Boson Exams – Most helpful, please read the explanation of the answers as well as why the other answers are wrong. I took exams based on the categories to find which domains I was most weak in and did not take the letter exams until I felt comfortable in every category.
Matt Walker’s CEH Certified Ethical Hacker All-in-One Exam Guide – Super helpful, I mostly used u/scottymcraig’s GitHub repo which outlines every chapter beautifully and used the book for the practice exams and to reference concepts that weren’t sticking right away.
CEH Pocketprep – Helpful, if you have no prior certs, or just need a refresher this will get the basics embedded into your brain again.
https://www.reddit.com/r/CEH/comments/f6ceth/passed_cehv10_2182020/
Here’s a comment from Reddit user “mrmojo4269”:
Sub-netting: You will get your ass kicked if ya don’t know sub-netting. I have been using a calculator for the last 20 years, I was in mortal fear of having to do it from scratch. This 7 part YouTube tutorial had me sorted in an hour, with no binary required, it is the keys to the kingdom and had me doing sub-netting in my head in under a min with no binary!
https://www.youtube.com/watch?v=BWZ-MHIhqjM&list=PLIFyRwBY_4bQUE4IB5c4VPRyDoLgOdExE
https://www.reddit.com/r/CEH/comments/ehji66/just_passed_the_ceh_v10_12302020_post_exam_write/
Here’s a comment from Reddit user “KelsWill”:
I cannot tell you the exact questions but here are some of my suggestions to focus on:
Banner Grabbing. Understand what it looks like in action and how to conduct it.
Ports, Ports, Ports!!!! Know your ports. You can use process of elimination to figure out a few ports.
Know the TCP three-way handshake process and what attacks take advantage of it.
Nslookup and zone transfers
The different types of Hackers
Encryption. There are fewer Asymmetric encryption algorithms than there are Symmetric. So remember Asymmetric and the basics of DES and AES.
Nmap and Hping switches. Know what each switch does.
Know the difference between XSS, CSRF, SQLi, Clickjacking etc. Know how to identify them in script and know the theory behind each.
Know what an IDS is, how to use it, and how to defeat it.
Know Bluetooth attacks.
The Hackers Methodology. Know it by heart.
How to conduct a sniffing attack and how to defeat it.
Learn the various tools. The AIO is a solid reference for all the tools.
Learn how to read a firewall log. You need to know how to setup the rules correctly. Not hands on but being able to look at a log and figure out what is going through the network.
Know the different virus types and other attacks like RUDY, smurf, fraggle, etc.
The Truth About CEH
CEH certification validates your skills in hacking, vulnerability testing, cybersecurity, information security and networking. Having this certification will help you get the attention of recruiters.
However, you should not rely solely on the CEH certification. Your first priority after getting the CEH certification is to gain experience.
To advance in your cybersecurity career you should complement CEH with more advanced IT security certifications.
Is the CEH Certification for You?
If you have a passion for hacking and protecting IT systems from being breached, then the CEH certification is for you.
If you want a dynamic well-paying job with solid future prospects then you need to get the CEH certification.
So, is CEH certification worth it?
CEH is definitely worth the time and effort, and even more so when you complement it with more advanced certifications.