Learn What to Study for the CEH V9 Examination

The most effective way to prevent hacking is to think like a hacker. For this reason, counter-hacking and hacking are closely aligned practices. The CEH (Certified Ethical Hacker) program, administered by the EC-Council (International Council of Electronic Commerce Consultants), recognizes and embraces this principle. Indeed, in an attempt to prepare IT professionals to prevent and respond to hacking events, the CEH program introduces candidates to the tools and techniques required to think and act just like a hacker.

There are two steps involved in gaining the CEH designation. First, candidates must complete a 40-hour course, which can usually be completed in five days, that introduces them to hacking tools and techniques and puts them into the “hacking mindset.” Second, at the conclusion of the course, candidates must take and pass the CEH exam.

The exam measures candidates’ competency in the following 18 domains of knowledge:

1) Introduction to Ethical Hacking
2) Footprinting and Reconnaissance
3) Scanning Networks
4) Enumeration
5) System Hacking
6) Malware Threats
7) Sniffing
8) Social Engineering
9) Denial of Service
10) Session Hijacking
11) Hacking Webservers
12) Hacking Web Applications
13) SQL Injection
14) Hacking Wireless Networks
15) Hacking Mobile Platforms
16) Evading IDS, Firewalls, and Honeypots
17) Cloud Computing
18) Cryptography

Rather than structure the exam in relation to these 18 domains of knowledge, the CEH exam is structured in relation to only 7 content areas and each area is weighted differently:

1) Background (4%)
2) Analysis/Assessment (13%)
3) Security (25%)
4) Tools/Systems/Programs (32%)
5) Procedures/Methodology (20%)
6) Regulation/Policy (4%)
7) Ethics (2%)

The computer-based and closed-book exam consists of 125 multiple-choice questions. Candidates have 4 hours to complete the exam, and 70% is considered a passing score. This means that in order to pass, candidates must answer at least 88 questions correctly. The exam can be completed at either an EC-Council Exam Center or a Pearson VUE Testing Center. Below, we offer an exam blueprint and tips on how to prepare for the CEH exam.

Content Area 1: Background (4%)

Content Area 1, which only consists of 5 questions, tests candidates’ knowledge of different types of software, hardware and systems that are vulnerable to hackers, including the following:

• Webtechnologies (e.g., web 2.0, Skype)
• Networking technologies (e.g., hardware, infrastructure)
• Systems technologies
• Communication protocols
• Malware operations
• Mobile technologies (e.g., smartphones)
• Telecommunication technologies
• Backups and archiving (e.g., local, network)

Content Area 2: Analysis/Assessment (13%)

The second content area on the CEH exam consists of 16 questions and focuses on analysis and assessment of information systems (e.g., what factors contribute to system vulnerability and what techniques can be used to identify these factors). Specific questions include those assessing candidates’ knowledge of:

• Data analysis
• Systems analysis
• Risk assessment
• Technical assessment

Content Area 3: Security (25%)

The second largest section on the CEH exam focuses on security. Consisting of 31 questions, this area probes test takers’ knowledge of security issues in relation to the following subfields:

• Systems security controls
• Application/fileserver
• Cryptography
• Firewalls
• Physical security
• Threat modeling
• Network security
• Verification procedures (e.g., false positive/negative validation)
• Vulnerability scanners
• Social engineering (human factors manipulation)
• Security policy implications
• Privacy/confidentiality (with regard to engagement)
• Biometrics
• Wireless access technology (e.g., networking, RFID, Blue tooth)
• Trusted networks
• Vulnerabilities

Content Area 4: Tools/Systems/Programs (32%)

Content Area 4 is the most heavily weighted section on the CEH exam and consists of 40 questions. Under this content area, test takers need to be prepared to showcase their expertise on the tools, systems and programs used by hackers and ethical hackers alike. For this part of the exam, a background in programming languages, such as C ++ and Java, and scripting languages, such as PHP, and a familiarity with different operating systems and network architectures is of great benefit. Specifically, CEH candidates should be prepared to respond to questions on the following areas of knowledge:

• Network/host based intrusion
• Network/wireless sniffers (e.g., WireShark, Airsnort)
• Cryptography techniques (e.g., IPsec, SSL, PGP)
• Access control mechanisms (e.g., smart cards)
• Programming languages (e.g. C++, Java, C#, C)
• Scripting languages (e.g., PHP, JavaScript)
• Network topologies
• Boundary protection appliances (e.g., DMZ)
• Subnetting
• Port scanning (e.g., NMAP)
• Domain name system (DNS)
• Routers/modems/switches
• Vulnerability scanner (e.g., Nessus, Retina)
• Vulnerability management and protection systems (e.g., Foundstone, Ecora)
• Operating environments (e.g., Linux, Windows, Mac)
• Antivirus systems and programs
• Log analysis tools
• Security models
• Exploitation tools
• Database structures

Content Area 5: Procedures/Methodology (20%)

Content Area 5 focuses on procedures and methodologies and is comprised of 15 questions. For this part of the exam, candidates must possess a familiarity with different types of information architectures and security testing methods. Specific questions focus on the following topics:

• Cryptography
• Public key infrastructure (PKI)
• Security Architecture (SA)
• Service Oriented Architecture (SOA)
• Information security incident management
• N-tier application design
• TCP/IP networking (e.g., network routing)
• Security testing methodology

Content Area 6: Regulation/Policy (4%)

Content Area 6 is comprised of 5 questions on regulation and policy issues. Specific questions may focus on security policies or compliance regulations, such as PCI (Payment Card Industry) compliance.

Content Area 7: Ethics (2%)

The final content area on the CEH exam focuses on ethics. Comprised of only 3 questions, this part of the exam tests candidates’ knowledge of the professional codes of conduct, including the EC-Council’s own code of ethics, and the appropriateness of hacking activities in different contexts (e.g., when there is a strong reason to conclude that hacking is necessary and bound to serve the common good).