Certified ethical hacker

Certified Ethical Hacker (CEH) is a qualification given by EC-Council and obtained by demonstrating knowledge of assessing the security of computer systems by looking for vulnerabilities in target systems, using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system. This knowledge is assessed by answering multiple choice questions regarding various ethical hacking techniques and tools. The code for the CEH exam is 312–50. This certification has now been made a baseline with a progression to the CEH (Practical), launched in March 2018, a test of penetration testing skills in a lab environment where the candidate must demonstrate the ability to apply techniques and use penetration testing tools to compromise various simulated systems within a virtual environment.

Ethical hackers are employed by organizations to penetrate networks and computer systems with the purpose of finding and fixing security vulnerabilities. The EC-Council offers another certification, known as Certified Network Defense Architect (CNDA). This certification is designed for United States Government agencies and is available only to members of selected agencies including some private government contractors, primarily in compliance to DOD Directive 8570.01-M. It is also ANSI accredited and is recognized as a GCHQ Certified Training (GCT).

Examination
Certification is achieved by taking the CEH examination after having either attended training at an Accredited Training Center (ATC), or completed through EC-Council's learning portal, iClass. If a candidate opts to self-study, an application must be filled out and proof submitted of two years of relevant information security work experience. Those without the required two years of information security related work experience can request consideration of educational background. The current version of the CEH is V12, released in September 2022. The exam, which uses the same EC-Council exam code (312-50) as the earlier versions, has 125 multiple-choice questions and a 4-hour time limit.

The EC-Council and various ATCs administer the CEH examination.

Members holding the CEH/CNDA designation (as well as other EC-Council certifications) must seek re-certification under this program every three years, for a minimum of 120 credits.

Critical components
The CEH focuses on the latest malware attacks, the latest hacking tools, and the new emerging attack vectors in cyberspace. It includes hacking challenges at the end of every module and is built 100% in compliance to the NICE 2.0 Framework to ensure a systematic job role mapping.