CEHCertified Ethical Hacker
Think like a hacker to defend like a pro
Exam details independently verified January 2026
About this certification
The CEH teaches and validates the ability to find and exploit security vulnerabilities using the same techniques as malicious hackers — but legally and ethically. It covers penetration testing, social engineering, web app hacking, session hijacking, and cryptography.
MyCertPath verdict
More résumé keyword than skill validation. EC-Council's CEH is widely required by HR filters and certain federal roles, but practitioners generally treat it as a baseline that doesn't prove hands-on penetration-testing ability. If your goal is actually doing the job, plan to follow CEH with OSCP.
What it actually tests
125 multiple-choice questions over four hours. The exam is heavy on tool names, default ports, and attack-methodology terminology — and lighter on actually exploiting anything. The optional CEH Master practical is a separate, more demanding hands-on assessment; without it, the credential reads as recognition-only.
Common traps
Things candidates underestimate or get wrong on this exam.
- Confusing CEH with hands-on skill — the multiple-choice exam is mostly recognition.
- Skipping the CEH Master practical if you want real credibility.
- Not budgeting the renewal burden — EC-Council requires ECE credits to maintain.
What you'll validate
- ✓Penetration testing methodology
- ✓Reconnaissance and footprinting
- ✓Network scanning
- ✓Session hijacking
- ✓Social engineering
- ✓Web application hacking
- ✓Malware analysis
Pros & Cons
Advantages
- +Industry-recognized ethical hacking credential
- +Practical offensive security skills
- +Strong demand in penetration testing market
Disadvantages
- −Expensive
- −Some argue it's more theoretical than OSCP
- −EC-Council's reputation has occasional controversy
Who it's for
Best for
- →Security professionals moving into offensive security
- →Penetration testers seeking a recognized credential
Not ideal for
- ×Pure defenders (use Security+ or CISSP instead)
- ×Those without security fundamentals
Career paths this unlocks
Study Resources
Affiliate links — we may earn a commissionTop picks for CEH
Register for the exam
Official exams through EC-Council or authorized partners; iLearn self-study bundles include exam
More places to study
Most popular cert prep courses, often on sale for $14.99
Highest-rated practice exams for AWS, Azure, and GCP
University-backed courses from Google, IBM, DeepLearning.AI
Practice tests and hands-on labs for 30+ cert tracks
Official study guides and exam prep books
Hands-on cloud sandboxes and cert prep subscriptions
1-month free trial — includes 21,000+ cert prep courses
MyCertPath earns a commission when you purchase through these links — at no extra cost to you. We only recommend resources we'd stand behind.
Jobs for CEH holders
CEH holders report $10k–$30k+ salary uplift on average.
LinkedIn Jobs
Updated daily
Indeed
Dice (tech roles)
Tech-focused job board
CyberSeek (cyber only)
NIST-backed supply/demand tool
Job links open external sites. Search results are live and not curated by MyCertPath.
Quick Facts
- Exam Cost
- $950 (Includes training materials when taken via EC-Council)
- Exam Duration
- 240 minutes
- Questions
- ~125
- Passing Score
- 70% (varies by form)
- Exam Format
- Multiple Choice
- Study Time
- ~150 hours
- Validity
- 3 years
- Salary Impact
- Strong ($10k–$30k+ uplift reported)
- Last Verified
- January 2026
Prerequisites
- !2 years of IT security experience, or EC-Council training
Provider
EC-Council
Ethical hacking and offensive security credentials
Actyra Training
Custom eLearning built on the science of how people actually learn
Actyra designs and builds cert-prep training programs for enterprise teams — custom courseware grounded in cognitive science.
Talk to a training expert →