Certified Ethical Hacker
This article needs additional citations for verification. (January 2016) (Learn how and when to remove this template message)
Certified Ethical Hacker (CEH) is a qualification obtained by demonstrating knowledge of assessing the security of computer systems, answering multiple choice questions regarding penetration testing techniques. The code for the CEH exam is 312-50. Although the certification (and course) is referred to Version 10, the exam has not changed since v8, hence the exam code as remained as 312-50. This certification has now been made a baseline with a progression to the CEH (Practical), a test of penetration testing skills in a lab environment where the candidate must demostrate the ability to apply techniques and use penetration testing tools to compromise various simulated system within a virtual environment.
Penetration tests are employed by organizations that hire certified ethical hackers to penetrate networks and computer systems with the purpose of finding and fixing security vulnerabilities. The EC-Council offers another certification, known as Certified Network Defense Architect (CNDA). This certification is designed for United States Government agencies and is available only to members of selected agencies including some private government contractors, primarily in compliance to DOD Directive 8570.01-M.
Certification is achieved by taking the CEH examination after having either attended training at an Accredited Training Center (ATC), or completed through self-study. If a candidate opts for self-study, an application must be filled out and proof submitted of two years of relevant information security work experience. Those without the required two years of information security related work experience can request consideration of educational background. The current version of the CEH is V10 which uses the EC-Council's exam 312-50, as the earlier versions did. Although the new version V10 has recently been launched, this exam has 125 multiple-choice questions, with a 4-hour time limit, The test delivery will be web based, via Prometric prime. The exam code varies at different testing centers. The 312-50 exam will be proctored at Accredited Training Centers (ATC). The earlier v7 had 150 multiple-choice questions and a four-hour time limit. The version 7 and version 8 exams cost US$500 for the actual test and $100 as a non-refundable fee for registration. Prices apply in the United States (prices in other countries may be different), and is administered via computer at an EC-Council Accredited Training Center, Pearson VUE, or Prometric testing center (in the United States). The V9 was released with very few changes in its modules.
The EC-Council and various ATCs (Accredited Training Center) administer the CEH examination.
Members holding the CEH/CNDA designation (as well as other EC-Council certifications) must seek re-certification under this program every three years, for a minimum of 120 credits.
The CEH certification has drawn criticism since inception due to higher than average preparation costs, low-tech exam registration procedures, and limited technical content within the exam itself. Some computer security professionals have objected to the term "ethical hacker" as a "contradiction in terms". Part of the controversy may arise from the older, less stigmatized, definition of hacker, which has since become synonymous with the computer criminal. According to the EC-Council, there has been an increase of careers where CEH and other ethical hacking certifications are preferred or required. The US government accepts this association and requires CEH accreditation for some jobs, per DoD 8570.01-M guidelines.
- "Certified Ethical Hacking v9 (CEH v10) Certification and Training Course" (PDF). www.eccouncil.org. Retrieved 2016-09-27.
- "Ethical Hacking, Undergraduate Program, Abertay University". www.abertay.ac.uk. Retrieved 2016-03-28.
- "Certified Network Defense Architect - EC-Council". eccouncil.org. Archived from the original on 2012-06-12.
- "Global sites - EC-Council". eccouncil.org. Archived from the original on 2014-07-27.
- "CEH: Certified Ethical Hacking course from EC-Council". eccouncil.org. Archived from the original on 2012-10-06.
- "Archived copy". Archived from the original on 2012-06-10. Retrieved 2012-05-27.
- Ethical Hacking and Countermeasures (312-50) Exam. "CEH v9 Exam (312-50)" (PDF). Retrieved 2016-09-27.
- "Certified Ethical Hacking (CEH) — What You Need to Know - Cybrary". Cybrary. 2017-11-21. Retrieved 2017-11-22.
- D'Ottavi, Alberto (February 3, 2003). "Interview: Father of the Firewall". Archived from the original on March 23, 2008. Retrieved June 6, 2008.
- "Archived copy". Archived from the original on 2009-01-13. Retrieved 2009-01-30.
- "Certification - CEH,CHFI, ECSA, LPT, ENSA, ECSP, ECVP, EDRP, CNDA, ECIH, ECSS". eccouncil.org.
- "Despite Economy, IT Security Salaries Are On The Rise". Dark Reading.
- "How to Become a Certified Ethical Hacker". esecurityplanet.com.
- "DoD Approved 8570 Baseline Certifications". disa.mil.
- Walker, Matt; CEH Certified Ethical Hacker All-In-One Exam Guide, The McGraw-Hill Companies, 2011. ISBN 978-0-07-177229-7
- Oriyano, Sean-Philip; CEH: Certified Ethical Hacker Version 8 Study Guide, Sybex Publishing, 2014. ISBN 978-1-118-64767-7
- Gregg, Michael; Certified Ethical Hacker Exam Prep, Que Publishing, 2006. ISBN 978-0-7897-3531-7
- DeFino, Steven; Greenblatt, Larry; Official Certified Ethical Hacker Review Guide: for Version 7.1 (EC-Council Certified Ethical Hacker (Ceh)), Delmar Cengage Learning, March 2, 2012. ISBN 978-1-1332-8291-4