Certified Ethical Hacker by EC-Council

This course covers ethical hacking phases, various attack vectors, and preventive countermeasures. You will learn how hackers think and how hackers act maliciously so you will know how to configure your security infrastructure and how to create a defense against attacks in the future.

The CEH course utilizes a systematic process that includes a hands-on environment to give you a view across each ethical hacking domain and methodology. The objective is to give you the skills and knowledge you need to achieve the CEH credential.

CEH continues to update and evolve to keep up with the latest operating systems, tools, tactics, exploits, and technologies.

Certified Ethical Hacker by EC-Council

Here are topics covered in this course:

• Introduction to Ethical Hacking
• Foot-printing and Reconnaissance
• Scanning Networks
• Enumeration
• Vulnerability Analsysis
• System Hacking
• Malware Threats
• Sniffing
• Social Engineering
• Denial-of-Service
• Session Hijacking
• Evading IDS, Firewalls, and Honeypots
• Hacking Web Servers
• Hacking Web Applications
• SQL Injection
• Hacking wireless Networks
• Hacking Mobile Platforms
• IoT and OT hacking
• Cloud Computing
• Cryptography

Certified Ethical Hacking by EC-Council

This course aims to cover these specific scenarios and topics:

• Information security controls, laws, and standards
• Webserver attacks and comprehensive attack methodology to audit vulnerabilities in webserver infrastructure, and countermeasures for the same
• Various types of footprinting, footprinting tools, and countermeasures
• Web application attacks, comprehensive web application hacking methodology to audit vulnerabilities in web applications, and countermeasures
• Network scanning techniques and scanning countermeasures
• SQL injection attack techniques, injection detection tools to detect SQL injection attempts, and countermeasures
• Enumeration techniques and enumeration countermeasures
• Vulnerability analysis to identify security loopholes in the target organization’s network, communication infrastructure, and end systems
• Wireless encryption, wireless hacking methodology, wireless hacking tools, and Wi-Fi security tools
• System hacking methodology, steganography, steganalysis attacks, and covering tracks to discover system and network vulnerabilities
• Mobile platform attack vector, android vulnerability exploitations, and mobile security guidelines and tools
• Different types of malware (Trojan, Virus, worms, etc.), system auditing for malware attacks, malware analysis, and countermeasures
• Firewall, IDS and honeypot evasion techniques, evasion tools and techniques to audit a network perimeter for weaknesses, and countermeasures
• Packet sniffing techniques to discover network vulnerabilities and countermeasures to defend against sniffing
• Cloud computing concepts (Container technology, serverless computing), the working of various threats and attacks, and security techniques and tools
• Social engineering techniques and how to identify theft attacks to audit human-level vulnerabilities and social engineering countermeasures
• penetration testing, security audit, vulnerability assessment, and penetration testing roadmap
• DoS/DDos attack techniques and tools to audit a target and Dos/DDoS countermeasures
• Threats to IoT and OT platforms and defending IoT an OT devices
• Session hijacking techniques to discover network-level session management, authintication/authorization, and cryptographic weaknesses and countermeasures
• Cryptography ciphers, Public Key infrastructure (PKI), cryptography attacks, and cryptanalysis tools

Certified Ethical Hacker by EC-Council

Achieving the CEH Certification Credential

After taking an authorized course, candidates can attempt the CEH exam. Candidates that successfully pass the exam will receive their CEH certificate and membership privileges. After proving knowledge by achieving the CEH credential, candidates have the added option to proceed to attempt the CEH (Practical) exam to prove their skills and abilities. The CEH (Practical) is a 6-hour practical exam created by subject matter experts in the ethical hacking industry. The exam tests skills and abilities in a timed environment across major operating systems, databases, and networks. Candidates with both the CEH and CEH (Practical) certifications are designated as CEH Masters, having validated the full scope of their abilities.

Think You’re Ready?

Take the Quiz to test your readiness!

Certified Ethical Hacker by EC-Council

About the Certified Ethical Hacker Master

To earn the CEH Master certification, you must pass the CEH Practical exam. The CEH Practical Exam was designed to give students a chance to prove they can execute the principals taught in the CEH course. The practical exam requires you to demonstrate the application of ethical hacking techniques such as threat vector identification, network scanning, OS detection, vulnerability analysis, system hacking, and more.

The CEH Practical does not contain simulations. Rather, you will be challenging a live range which was designed to mimic a corporate network through the use of live virtual machines, networks, and applications.

Successfully navigating and completing the challenges found in the CEH (Practical) Exam is the next step after attaining the Certified Ethical Hacker (CEH) certification. Successfully passing both the CEH exam and the CEH Practical will earn you the additional certification of CEH Master.

Certified Ethical Hacker by EC-Council

CEH Master Credential Holders are proven to be able to:

• Demonstrate the understanding of attack vectors
• Perform network scanning to identify live and vulnerable machines in a network.
• Perform OS banner grabbing, service, and user enumeration.
• Perform system hacking, steganography, steganalysis attacks, and cover tracks.
• Identify and use viruses, computer worms, and malware to exploit systems.
• Perform packet sniffing.
• Conduct a variety of web server and web application attacks including directory traversal, parameter tampering, XSS, etc.
• Perform SQL injection attacks.
• Perform different types of cryptography attacks.
• Perform vulnerability analysis to identify security loopholes in the target organization’s network, communication infrastructure, and end systems etc.

Certified Ethical Hacker by EC-Council

About the Exam

• Exam Title: Certified Ethical Hacker (Practical)
• Number of Practical Challenges: 20
• Duration: 6 hours
• Availability: Aspen – iLabs
• Test Format: iLabs Cyber Range
• Passing Score: 70%

How to Prepare for CEH (Practical)

While we strongly recommend that candidates take the CEH and pass the CEH exam, there are no predefined eligibility criteria for those interested in attempting the CEH (Practical) exam.

Exam Proctoring:

We know that traveling to an exam center can be difficult for many. We are pleased to announce that you can take the CEH (Practical) exam from the comfort of your home, but you need to be prepared to be proctored by a dedicated EC-Council Proctor certification team under strict supervision.

The exam dashboard code is valid for 3 months from the date of receipt. Should you require the exam dashboard code validity to be extended, kindly contact practicals@eccouncil.org before the expiry date. Only valid/ active codes can be extended. The exam needs to be scheduled a min 3 days prior to the desired exam date. Exam slots are subject to availability.

Exam Validity

The trust that the industry places in our credentials is very important to us. We see it as our duty to ensure that the holders of this credential are proven hands-on, ethical hackers who are able to perform in the real world to solve real-world challenges. As such, the CEH (Master) is designed as a hands-on exam that will test the skills of the ethical hacker BEYOND just their knowledge. This exam is a proctored, practical exam that can last up to 6 hours.

We know that traveling to an exam center can be difficult for many. We are pleased to announce that you can take the CEH (Practical) exam from the comfort of your home, but you need to be prepared to be proctored by a dedicated EC-Council Proctor certification team under strict supervision.

Certified Ethical Hacker by EC-Council

ANSI:

EC-Council is dedicated to working with the US Department of Defense to bring the highest standards of Training, Education and Certification to our military.

Independent Accreditation ensures Quality of Certification

EC-Council Certifications are developed to the highest standards and have achieved numerous accreditations including ANSI 17024 for:

C|ND – Certified Network Defender

C|EH – Certified Ethical Hacker

C|HFI – Certified Hacking Forensic Investigator

C|CISO – Certified Chief Information Security Officer

DoD:

DoD Directive 8570/ 8140

EC-Council’s Certified Ethical Hacker is an approved baseline certification for the following Cyber Security Service Provider sections:

CSSP Analyst  •  CSSP Auditor  •  CSSP Infrastructure Support  • CSSP Incident Responder

Information on DoD 8570 can be found at the following DISA website: https://public.cyber.mil/cwmp/dod-approved-8570-baseline-certifications/

Certification to Framework Mappings

A core component of EC-Council Certification development is the Job Task Analysis (JTA) Process we undertake before any certification is built. Major frameworks like the NICE/NIST Framework, NIST 800-171, GCHQ, and others contribute to content areas of each of our programs. As a result, EC-Council Certifications and Training programs are mapped to most major published Frameworks.

EC-Council Maps to the National Initiative for Cybersecurity Education Framework

Download the comprehensive mapping of EC-Council program sections to The Roles and their associated Knowledge, Skills and abilities.

Navy Cool:

EC-Council Cyber Security Certifications and the US NAVY

Six EC-Council Certifications are recognized by the United States Navy in over 100 Cyber Security Job roles, across 18 occupations. Ranging from Commander in Executive Cyberspace Leadership to Cyber Warfare Engineer, Special Agents, Incident Handlers, to Cryptologic Warfare Engineers, Cybersecurity careers with the US NAVY are exciting, holding an EC-Council certification provides great opportunity for advancement in a US NAVY career.

The decisions of Department of the NAVY to incorporate industry recognized certifications into the Cyber IT & Cyber Security Workforce Framework ensures as our service personnel advance their careers and eventually transition to civilian life, their skills and credentials are widely recognized by the Industries they will continue to work in as Veterans.

Certifications recognized, accepted, and often funded by the US NAVY include:

C|CISO, C|EH, E|CSA, C|HFI, E|CIH, and L|PT

Funding opportunities for career advancement are available for Active Duty NAVY personnel through the NAVY COOL program.

US NAVY approves EC-Council Certifications across 18 Occupations and over 100 Job roles