Penetration Testing Certification: How To Get & Why Go For It


ScienceSoft’s certified ethical hacker Uladzislau Murashka dwells on CEH certification
By Uladzislau Murashka, Certified Ethical Hacker, ScienceSoft

As cybersecurity threats grow in sophistication, a need for advanced approaches to penetration testing grows as well. At the same time, security professionals capable of implementing these approaches are in short supply. So, thousands of companies hunt for them, ready to pay quite a sum for qualified penetration testing services.

CEH certification has gained a distinguished reputation for being an indicator of a pentester’s proficiency. Let’s find out what stands behind these three letters: CEH.

CEH (Certified Ethical Hacker) is an advanced penetration testing certification issued by the International Council of Electronic Commerce Consultants (EC-Council), an internationally recognized professional certification body. InfoSec Institute acknowledged this credential as number one among top security certifications in 2017, as it gives a recognized validation that a pentester complies with the standards of information security in ethical hacking measures.

CEH Certification Path

What is tested?
Prospective certificate holders are tested in the following knowledge areas:
• System Development & Management
• System Analysis & Audits
• Security Testing/Vulnerabilities
• Reporting
• Mitigation
• Ethics

A pentester has two options on how to prepare for a CEH examination: official training and self-study.

EC-Council offers instructor-led and online training sessions. The instructor-led training is conducted in accredited training centers, and the online version is based on the iClass platform. The five-day course includes 18 modules covering 270 attack scenarios and costs either $850 (for US citizens) or $885 (for international students). After the course, an applicant continues self-education with access to EC-Council laboratories. The overall preparation for CEH certification lasts for one year since the enrollment.

To take CEH examination without attending a dedicated training session, the candidate should have 2+ years of information security-related experience and relevant educational background. In addition, such candidates are required to pay a non-refundable application fee of $100.

The CEH penetration testing certification exam lasts for four hours, during which candidates answer 125 multiple-choice questions. They have to demonstrate a wide range of skills, which include not only different types of web application and network penetration testing, but also social engineering, cryptography, malware threats, cloud computing, mobile platforms hacking, and more.

The pass mark for the exam is 70%. Successful candidates have issued a CEH credential, and receive a CEH welcome kit within 4-8 weeks after the exam completion date. The kit includes a hard copy of an EC-Council certificate and a welcome letter from EC-Council. Digital versions are available on the Aspen portal.

A sample of CEH certificate

A sample of exam transcript


The CEH credential is valid for three years. However, in order to keep the certificate updated and have the ability to renew it later, a certificate holder has to achieve 120 credits per certification within the three-year period. Credits can be gained by attending conferences, writing research papers, reading materials on related subjects and attending webinars.

Fee policy
CEH penetration testing certification requires an $80 annual membership fee. This makes the certificate holders eligible to the following benefits:
• Continued support from the EC-Council community.
• One free certification voucher.
• Exclusive discounts on EC-Council events, certification programs, and materials.

Why become an ethical hacker?

The terms penetration testing and ethical hacking are often interchangeable; however, there is a difference. The former is a more narrow term for the process of finding vulnerabilities in a target IT system. Penetration testers should be skilled in a specific area (for example, network penetration testing) and are not required to possess any formal proficiency credentials. Ethical hacking, in its turn, can be called advanced penetration testing. It encompasses application and network penetration testing, together with DDoS testing and social engineering. Ethical hackers should possess CEH certification, while penetration testers are not required to have any certificates.

It pays to be a certified ethical hacker for several reasons:

  • To get a better salary. According to the InfoSec Institute, the average payout to a Certified Ethical Hacker in the US is $71,331 per year (non-certified pentesters are paid $50,000 a year on average) and reaches $132,322.
  • To be highly valued on the professional market. Customers consider CEH certification among the key factors in their hiring decisions.
  • To discover more career opportunities. A certified ethical hacker is not limited to penetration testing and may take on the roles of a security engineer, application security manager, IT security administrator, information security consultant, security compliance engineer, and network security analyst.

What’s next?
The CEH penetration testing certification alone is sufficient to validate a pentester’s skills, no matter whether it is application and network penetration testing, vulnerability assessment, DDoS testing or social engineering. Besides, it may serve as a foundation for advanced EC-Council certification programs. So, if you are looking for further opportunities in the information security domain, it’s worth considering the following certification programs:
• Advanced penetration testing
• Licensed penetration tester
• Advanced securing windows infrastructure
• Advanced mobile forensics & security
• Advanced hacking & hardening of corporate web apps
• Advanced network defense.
For more information, visit the official website of EC-Council.

About the Author
Uladzislau Murashka is thrilled to be a guest writer to CDM, is a Certified Ethical Hacker at ScienceSoft with 5+ years of experience in penetration testing. Uladzislau’s spheres of competence include reverse engineering, black box, white box and gray box penetration testing of web and mobile applications, bug hunting and research work in the area of Information Security. Uladzislau can be reached online on LinkedIn and at our company website