CEH
EC-Council CEH v13
The EC-Council Certified Ethical Hacker (CEH v13) is one of the most recognized offensive security certifications globally, covering hacking tools, techniques, and methodology across 20 domains — from footprinting and reconnaissance through advanced persistent threats, IoT hacking, cloud security, and AI-powered ethical hacking. CEH v13 added AI integration throughout the curriculum, making it the most comprehensive version to date.
CEH Exam Overview
| Detail | Information |
|---|---|
| Full Name | EC-Council CEH v13 |
| Governing Body | EC-Council |
| Number of Questions | 125 |
| Time Limit | 4 hours |
| Passing Score | 70% |
| Exam Fee | $950 USD (includes EC-Council training) |
| Category | IT Certifications |
| C3RT App Available On | iPhone, iPad, and Mac |
| Official Source | EC-Council official website ↗ |
CEH Content Areas and Domains
Domain areas are sourced from the EC-Council content outline.
Topics Covered
- ✓ Ethical Hacking Introduction & Footprinting — hacking phases, OSINT, passive reconnaissance, active footprinting
- ✓ Scanning & Enumeration — Nmap, banner grabbing, service enumeration, vulnerability scanners
- ✓ Vulnerability Analysis & System Hacking — password cracking, privilege escalation, maintaining access, covering tracks
- ✓ Malware Threats & Sniffing — trojans, ransomware, rootkits, packet sniffing, ARP poisoning
- ✓ Social Engineering & DoS — phishing, vishing, smishing, DDoS types and tools
- ✓ Session Hijacking & Evading IDS/Firewalls — TCP session hijacking, IDS/WAF evasion techniques
- ✓ Web Application & SQL Injection Hacking — OWASP Top 10, SQLi types, XSS, CSRF, web server attacks
- ✓ Cryptography — encryption algorithms, PKI, SSL/TLS, steganography, cryptanalysis
How C3RT Helps You Pass the CEH
Adaptive Practice
Questions adapt to your weak areas automatically so every study session on the CEH is time well spent.
Diagnostic Mocks
Full-length mock exams timed to the real CEH format with detailed score breakdowns by topic.
Mistake Bank
Every wrong answer is saved for targeted re-drill. The system resurfaces your mistakes until they stick.
Native on iOS & Mac
Built with SwiftUI, not a web wrapper. Instant load, offline support, hardware-speed rendering.
CEH Frequently Asked Questions
What does CEH stand for?
CEH stands for EC-Council CEH v13. It is administered by EC-Council.
Who administers the CEH?
The EC-Council CEH v13 (CEH) is administered by EC-Council. For official information, visit the EC-Council website.
How many questions is the CEH?
The CEH consists of 125 questions. Candidates are given 4 hours to complete the exam.
What is the passing score for the CEH?
The passing score for the CEH is 70%, as set by EC-Council. Scoring methodology and passing standards may be updated periodically. Always verify current requirements with the governing body.
How much does the CEH exam cost?
The CEH exam fee is $950 USD (includes EC-Council training). This fee is set by EC-Council and may vary by testing centre, region, or membership status. Additional fees for registration or rescheduling may apply.
Is CEH recognized by employers for penetration testing roles?
CEH has moderate recognition — it is widely known as a certification name and appears in many job postings, particularly in compliance-heavy environments (government, defense, banking). However, technical practitioners often consider GPEN, OSCP, or PNPT to be more rigorous demonstrations of hands-on pen testing ability. CEH is strongest as a resume credential; OSCP is strongest as a proof of practical skill.
What is new in CEH v13?
CEH v13 (2024) added AI integration throughout all modules — covering AI-powered attack tools, using AI for reconnaissance and vulnerability scanning, AI-generated malware, deepfakes in social engineering, and AI-powered defense. It also added new coverage of OT/ICS security, 5G network attacks, advanced supply chain attacks, and quantum cryptography fundamentals.
Does CEH require EC-Council training?
CEH has two paths: (1) attend an EC-Council accredited training course, which includes exam eligibility, or (2) apply with 2 years of cybersecurity work experience to take the exam without training by paying a $100 eligibility fee. The exam cost (~$950) is separate from training. The first path bundles training and exam; the experience path is more cost-effective for practitioners.
What is the CEH Practical exam?
CEH Practical is a separate 6-hour hands-on exam where candidates must demonstrate ethical hacking skills on a live environment — completing real attacks across 20 challenge scenarios. Passing both CEH (knowledge) and CEH Practical (skills) earns the CEH Master designation. CEH Practical is closer to OSCP in format and is a more credible demonstration of hands-on capability.
How difficult is the EC-Council CEH exam?
The EC-Council Certified Ethical Hacker (CEH v13) is considered intermediate in difficulty, covering ethical hacking phases, attack techniques, tools, and penetration testing methodologies. Pass rates are not officially published. Most candidates with 2+ years of networking and security experience and 2–3 months of study pass on the first attempt. The exam is knowledge-based rather than primarily hands-on.
What are the eligibility requirements for EC-Council CEH?
You must either complete official EC-Council training (no experience required) or have at least two years of documented information security experience (in which case you can apply to take the exam directly). EC-Council charges an eligibility application fee for the experience-based path. CEH is one of the few certifications where official vendor training can substitute for experience requirements.
How long should I study for EC-Council CEH?
Most candidates need 2–4 months of preparation. Official EC-Council courseware is comprehensive but expensive; many candidates use third-party study guides and video courses alongside free resources covering hacking tools and methodologies. Hands-on practice with tools like Metasploit, Nmap, and Wireshark is helpful for the practical components.
What career value does EC-Council CEH provide?
CEH is internationally recognized and is one of the most widely listed ethical hacking credentials in job postings, particularly in the Middle East, Southeast Asia, and among defense contractors. Penetration testers and ethical hackers with CEH typically earn $70,000–$110,000+. It is DoD 8570-approved for CSSP Analyst and Infrastructure Support roles.
What is the EC-Council CEH retake policy?
EC-Council allows retakes with a fee for each attempt. Specific waiting periods may apply; candidates should confirm current policies with EC-Council directly, as retake terms can vary by testing method (proctored vs. online).
How long is the EC-Council CEH credential valid?
CEH is valid for three years. Renewal requires earning 120 ECE (EC-Council Continuing Education) credits over the three-year cycle and paying the annual maintenance fee.
What continuing education is required for EC-Council CEH renewal?
Renewal requires 120 ECE credits over three years (40 per year). ECE can be earned through approved training courses, security research, conference attendance, and professional activities. Alternatively, retaking the CEH exam renews the credential.
How does EC-Council CEH compare to CompTIA PenTest+?
Both cover ethical hacking and penetration testing, but they differ in some important ways. CEH is older, more internationally recognized, and has a stronger brand presence in certain markets (particularly Middle East and Asia). PenTest+ is DoD 8570-approved and generally considered more performance-based with simulation questions. CEH requires documented experience or official training; PenTest+ has no prerequisites. Many organizations accept either credential, but specific job postings will list which one is preferred.
C3RT is a native iOS and macOS exam preparation platform covering the EC-Council CEH v13 (CEH), a IT Certifications certification, administered by EC-Council. C3RT is not affiliated with or endorsed by EC-Council. Certification names and trademarks are the property of their respective organisations. For official exam registration, eligibility requirements, and content outlines, visit the EC-Council official website ↗ .