CEH Certification : Certified Ethical Hacker

What is CEH Certified Ethical Hacker ?

The CEH (Certified Ethical Hacker) certification is an international recognition attesting to the mastery, by cybersecurity professionals, of ethical penetration tests on various systems and networks, in compliance with the standards and codes of conduct of the field.

Issued by the EC-Council, a non-profit organization specializing in cybersecurity training and founded after the September 11, 2001 attacks in the United States, it enjoys the recognition of prestigious entities such as the Department of Defense of the United States-United, the National Agency for the Security of Information Systems in France, and complies with the ISO/IEC 17024 standard.

It encompasses a wide range of ethical hacker skills and techniques, including vulnerability analysis, network sniffing, system hacking, password cracking, phishing, denial of service, web and mobile hacking, IoT and cloud hacking, malware analysis, IDS evasion, encryption, and reporting.

To obtain the CEH, candidates must pass a written exam of 125 multiple-choice questions over 4 hours, obtaining a minimum of 70%. A 6-hour practical exam, consisting of 20 scenarios drawn from concrete situations, also validates practical skills in ethical penetration tests.

Intended for those wishing to deepen their knowledge and skills in ethical hacking, cybersecurity certification is for network administrators, security analysts, auditors, consultants, engineers, or security architects wishing to stand out in the cybersecurity sector.

Which organizations offer CEH certification ?

The CEH certification is granted by the EC-Council, a non-profit entity engaged in cybersecurity training and education, created after the events of September 11, 2001 in the United States. This certification is recognized worldwide by various institutions, including the US Department of Defense, the National Agency for the Security of Information Systems in France, and ISO/IEC 17024.

To obtain the CEH certification, it is necessary to register via a training center accredited by the EC-Council, called ATC (Accredited Training Center). In France, several organizations offer CEH training, including:

Oo2 Training & Consulting

This entity offers an intensive 5-day training on the CEH v12 version, encompassing the 5 phases of ethical hacking and the 20 modules of the official program of the EC-Council. Participants also have access to hands-on labs, the necessary technical tools, and the certification exam.

CERTyou

Offering 4-day training on the CEH v11 version, CERTyou complies with the EC-Council reference framework and prepares candidates for the theoretical and practical exam. Registration includes access to the e-learning platform, official course materials, and the certification exam.

Alphorm

Alphorm provides online training for CEH v9. This training is divided into 4 parts, each corresponding to a level of difficulty of the hacking tests. It provides the essential knowledge and skills to pass the certification exam.

Akaoma

Akaoma offers a 5-day training program for the CEH v11 version, following the official EC-Council curriculum and covering the 20 modules of the curriculum. Participants have access to virtual labs, hacking tools, and the certification exam.

Global Knowledge

Global Knowledge offers intensive 5-day training to obtain the CEH v11 certification, following the guidelines of the EC-Council. This training is structured around the 20 essential modules and includes access to practical laboratories, official manuals and final certification evaluation.

What are the specific CEH certification requirements for my industry ?

The CEH certification is designed for cybersecurity professionals who want to improve their ethical hacking and penetration testing skills. However, some specific requirements may vary depending on your industry to obtain this certification.

Let’s look at some examples :

Public sector

In the public sector, it is important to be aware of the regulations and standards specific to the security of information systems. In France, ANSSI (Agence Nationale de la Sécurité des Systèmes d'Information) includes CEH certification among the qualifications recommended for security auditors. In the United States, it is required to follow the guidelines of the DoD (Department of Defense), which also recognizes this certification for cybersecurity professionals.

Private sector

Working in the private sector, meeting customers' IT security requirements is paramount. Security consultants, for example, need to be able to perform ethical penetration tests, within established authorizations and contracts. CEH certification validates your expertise and credibility in this field. It provides you with access to advanced tools and techniques for penetration testing aligned with international standards such as ISO/IEC 27001 or NIST SP 800-115.

Training sector

For professionals in the training sector, it is imperative to be able to effectively share their knowledge in ethical hacking. Cybersecurity trainers, for example, need to be able to offer quality lessons on ethical hacking concepts and methodologies. The CEH certification attests to your level of expertise and pedagogy.

In addition, it offers access to official resources and educational tools, such as virtual labs, hacking tools and hacking challenges.

What are the steps to obtain CEH certification ?

The CEH (Certified Ethical Hacker) certification validates skills in ethical hacking and penetration testing, being a global reference in cybersecurity. Here are the key steps to acquire it :

Check the prerequisites and eligibility conditions

CEH candidates must be of age and meet one of the following criteria :

• At least two years of experience in computer security, with proof of experience submitted to the EC-Council.  
• Participate in formal CEH training at an EC-Council (ATC) approved centre, without proof of previous experience.

Registration for specialized training or self-study

There are two ways to prepare for the CEH exam :

• Registration for a specialized course via an ATC, offering support, official course materials and an exam voucher.  
• Self-study with online resources, books and simulations, which requires more autonomy but offers greater flexibility.

Take the CEH exam at an accredited centre

The CEH exam consists of 125 multiple-choice questions, lasts 4 hours, and requires a score of at least 70% to be passed. It covers 20 core modules, including :

• Introduction to Ethical Hacking  
• Network recognition and scanning  
• Enumeration and attacks on systems  
• Malware and sniffing
• Social engineering and denial of service  
• Hi-jacking of sessions and attacks on web applications  
• SQL injection and attacks on wireless and mobile networks  
• ID evasionS, firewall and honeypots  
• Buffer overflow, cryptography  
• Cloud computing, IoT hacking  
• Artificial intelligence and machine learning

‍

Candidates register via the EC-Council website and choose an ECC to take the exam, available online or in person.

Obtaining certification after passing the exam

The CEH electronic certificate is issued after passing the exam, validating the skills in ethical hacking for three years. It is renewable through the accumulation of ECE credits, strengthening the professional profile, opening career opportunities in cybersecurity and integrating a global community of ethical hackers.

How much does a CEH certification cost ?

Obtaining a CEH (Certified Ethical Hacker) certification is an important recognition in the world of cybersecurity. It proves your ability to detect vulnerabilities in computer systems by "ethical hacking" methods. While this certification can boost your career, it also requires a considerable investment. Here is a breakdown of the costs associated with obtaining CEH certification.

• Examination fees : These cover the cost of participating in the CEH examination, administered by the EC-Council, the entity that awards the certification. These fees vary depending on the location and examination centre, typically between 950 and 1200 GBP. In addition, registration fees range from GBP 100 to GBP 150.
• Training fees : Preparing for this exam can be done in several ways. Attending formal training offered by an EC-Council-certified centre guarantees your eligibility for the exam and provides you with the necessary course materials. These courses cost on average between 2000 and 3000 GBP, depending on their duration and format. Online training is a cheaper, but potentially less comprehensive alternative. The cost of such preparation varies from 100 to 500 GBP, depending on the content and quality. Opting for self-directed learning is the cheapest, but most demanding option. The cost depends on the resources used, but allow at least GBP 50 to purchase the official exam guide.
• Renewal fee : The validity of the CEH certification is three years. To renew it, it is necessary to accumulate 120 continuing education credits (ECE) while participating in activities related to cybersecurity. An annual fee of GBP 85-120 is also required to maintain your EC-Council membership. In sum, the total cost of obtaining and maintaining CEH certification over three years generally ranges between 1500 and 4000 GBP. This represents a significant investment, but it can be profitable given the career prospects and salary benefits that certification brings.

How long does it take to get CEH certification ?

The CEH (Certified Ethical Hacker) certification is internationally recognized. It certifies that cybersecurity professionals have the skills to perform penetration tests and security audits in a legal and ethical manner. To obtain this certification, several key steps must be taken :

• It is essential to have a solid understanding of networks and operating systems, as well as practical experience in the field of computer security. Two years of information security experience is recommended.
• Candidates must enroll in specialized training or opt for an independent study. Many online resources provide customized learning, with platforms such as CyberInstitut at the top of the list.
• The CEH exam, which must be taken at an EC-Council approved centre, is four hours long and includes 125 multiple-choice questions addressing various aspects of cybersecurity.
• Certification is awarded after passing the exam with a minimum score of 70%. The time required to obtain the CEH certification depends on the candidate’s previous experience and skills. Nevertheless, several months of training and practice are usually required to adequately prepare for the exam.

Is there a renewal to be done regarding the CEH certification ?

The CEH (Certified Ethical Hacker) certification is an internationally recognized proof of advanced computer security skills, specifically in the field of ethical hacking. The goal of ethical hacking is to assess the security of systems and networks by adopting the same techniques used by malicious hackers, while remaining within the legal and ethical framework.

This proactive approach aims to identify and rectify security breaches before they can be exploited by cybercriminals.

To earn the CEH certification, candidates must participate in an intensive five-day training course comprising twenty modules and more than two hundred practical exercises. They must then pass a theoretical exam consisting of 125 multiple-choice questions, as well as a six-hour practical exam during which they must complete an ethical hacking operation on a real system.

The CEH certification remains valid for three years after its acquisition. To renew, holders must comply with the continuing education policy of the EC-Council (ECE), the organization that issues the certification. This policy requires 120 ECE credits over three years through training, research, or contributions to the ethical piracy community.

An annual payment of $80 is also required to maintain CEH certification status.