The Certified Ethical Hacker (C|EH) certification is one of the oldest cybersecurity certifications. As a result, it has a sizable market share, although recent social media boycotts may change that in the future. It is difficult to mention the EC Council company without mentioning the substantial controversy surrounding their alleged practices. Many information security practitioners have noted incorrect, outdated, or plagiarized material.
C|EH covers the basic fundamentals associated with offensive security. Offensive security professionals work in red team environments and specialize in attacking computer systems, gaining access to networks, applications, databases, and critical data on secured systems. They understand attack strategies, use creative attack vectors, and mimic malicious hackers’ skills, but operate with the system owners’ permission. C|EH is a multiple-choice examination that does not generally require practical knowledge. There is also a lesser-known C|EH practical examination for a certification of the same name. Completing both the multiple-choice and the practical exam results in a stackable certification called C|EH: Master.
C|EH v12 is the latest version of the certification and includes training, hands-on learning labs, cyber ranges for practice, certification assessments, and cyber competition options. It claims to equip aspiring cybersecurity professionals with the tactics, techniques, and procedures to become ethical hackers capable of identifying vulnerabilities in various target systems. The training program comprises 20 modules covering reconnaissance, scanning, gaining access, maintaining access, and covering tracks.
What’s New in C|EH v12:
- The certification program follows a new learning framework: Learn, Certify, Engage, and Compete.
- It includes a practice range for hands-on learning.
- The Hackerverse offers opportunities for ethical hackers to enhance their careers through challenges and competitions.
- The program covers a wide range of topics, including web application threats, mobile platform attacks, IoT hacking, cloud computing, and more.
- The certification exam consists of two parts: a knowledge exam and a practical exam. The knowledge exam is by far the more commonly held of the two.
- Successful candidates can achieve the C|EH Master designation by completing both exams.
C|EH v12 claims to offer a practical approach to ethical hacking, preparing professionals for the challenges of the cybersecurity field. The certification is widely recognized by human resources departments because it is older than most competing certifications.
By now, most people know this certification has a checkered past. They may have seen a meme on social media or maybe just heard about it by reputation. I went into this cert expecting all of that. It was free from work so I figured why not.
The entire experience was extremely frustrating. I had to memorize material that I knew to be incorrect so that I could write the exam "the EC Council way". Even my study material pointed out that certain information was wrong, but that EC Council would mark the correct answer as wrong. Even the book made fun of the cert somewhat, with a lot of tongue-in-cheek references to the EC Council's obsession with dumpster diving.
I really can't say to avoid this cert as much as possible.
Registering for the exam and getting it scheduled felt like I was getting scammed. Now that my cert is expiring/expired, I get constant requests to pay yearly fees from EC Council despite repeatedly asking them to stop contacting me. Overall the experience just left a really bad taste in my mouth, to say nothing of the reputation of the cert and company within the greater infosec community.
AVOID
Difficulty: 1 out of 5.
I first learned about the Certified Ethical Hacker (C|EH) certification through a colleague who expressed interest in taking the class. The concept of becoming a "Certified Ethical Hacker" intrigued me, but upon further investigation and consulting others, I discovered it wasn't as promising as it sounded. I enrolled in this course as part of my WGU Masters program and used the Matt Walker C|EH book for my studies. The book was eye-opening as it highlighted numerous flaws in the certification process and criticized EC-Council, the certifying body.
Much of the content taught in the C|EH course struck me as overly basic, impractical, and not aligned with industry security best practices. The focus seemed to be more on theoretical knowledge rather than real-world applications. Interestingly, many of the topics covered in C|EH overlapped with those in the Security+ certification. It felt like both certifications were at a similar level, with C|EH merely adding security tools without requiring practical usage. If you could memorize port numbers, definitions, and basic tool syntax, passing the exam was remarkably easy. To make matters worse, the exam itself contained numerous glaring grammatical errors, which proved to be quite distracting.
In conclusion, I cannot recommend this course to anyone. Despite my efforts to find value in every learning experience, this is one of the rare instances where I found none.
Editor note: The reviewer is reviewing the 2014 edition of the exam.
Difficulty: 1 out of 5
I first learned of the importance of certifying in the cybersecurity industry in 2012 while I was active duty. I needed to demonstrate, in some way, that I'd been around the cybersecurity industry. I wasn't going to stay active duty forever. In the Spring of 2013, I did four CompTIA certs. I felt like I had the opportunity, at that time but not before, to dig deeper into cybersecurity. I began studying & mostly reading for the CEH cert from EC-Council and the CISSP at that time. I took the CISSP in the Fall of 2013 and passed on my first attempt. I then focused heavily on CEH.
Other than reading the Certified Ethical Hacker v7 Practice Exams book by Matt Walker (2013), I did the following. I practiced all the problems more than once. I made a list in Excel of all the tools listed or mentioned in this book and other online resources and looked up each tool to get familiar with it at a very high, non-technical level. I learned to recognize command lines for tools like Snort, Nmap, Metasploit, and tools like that. There were 200 tools in all, and at best I was able to say that Nessus was a vulnerability scanner and was able to answer questions listing tools, asking which tool did what.
That set me up to be able to successfully pass the exam, and it's a bittersweet feeling. I was proud of passing the CEH exam (this was also on my first try), but I feel the exam could have been better. If I remember correctly, there was never a time when the test taker had to use a command line to do any type of "hacking". I found the test to be mostly multiple-choice questions, which are easy for good test takers like me. I found the test to be mostly about recognizing tools, understanding methodologies, and being able to know which tool may be more appropriate than another, given a scenario.
So now I've been a CEH for going on 10 years. The EC-Council CPE process is awkward at best for someone like me and always has been. If I didn't have other certs with EC Council (I am also a CHFI), I would let CEH lapse because I hear that it's lost its value over the years. Has the test gotten any better? Can anyone answer this?