If you are at the point where you’re asking, ‘Is CEH hard to pass?’ chances are that you are familiar with what an ethical hacker does and how important the CEH certification can be to someone looking to become one. Right now, you are looking for some reassurance that any time and money invested in training and certification is worth it. So, while we can’t predict if you will pass, we can give you a sense of what you need to do to get your CEH accreditation and what to expect from the exam.
What is an Ethical Hacker?
If you’re not clear on what a certified ethical hacker is, or does, you may want to check out our article How to Become a Certified Ethical Hacker. But to summarize, an ethical hacker uses the same tools and techniques a criminal hacker does to break into computer networks. The difference is that an ethical hacker is paid by the organization they are breaking into, so the organization can fix gaps in their cybersecurity before a criminal can find them.
If you’re looking for a job with a future it’s worth noting that with the large number of government agencies, corporations and military installations based around us in Maryland, we are seeing growing demand for ethical hackers.
What are the Requirements to Become a Certified Ethical Hacker?
There are two requirements to becoming an EC-Council Certified Ethical Hacker - proof of experience working in the information security field and passing the CEH exam. You do not have to have passed other certifications to become a CEH, but typically candidates have gained some foundational certifications like CompTIA A+ before they consider becoming one.
To complete your CEH certification, EC-Council requires proof that you have some experience in the information security field. There are two ways to do this:
- 1. If you choose to self-study, or study with a non-accredited training school, you must submit an application to EC-Council, proving that you have at least two years’ experience working in the InfoSec field. Note that there is a fee for this.
- 2. Alternatively, you can take your training with an accredited EC-Council partner such as TrainACE. Taking your CEH with an accredited partner assures EC-Council that you have covered all the requirements to become a Certified Ethical Hacker.
The CEH Exam
The CEH exam is a four-hour test comprising of 125 multiple choice questions. The questions cover the full CEH syllabus, so your preparation for the exam needs to be focused and thorough. Be aware that the exam is designed to test your in-depth knowledge, so simply memorizing lists of questions and answers you might find on the internet is unlikely to help you pass the exam.
But is CEH Hard to Pass?
The CEH exam is made up of 125 multiple choice questions. You have four hours to complete the test and must successfully answer 70% of the questions to pass. The exam covers a wide range of topics throughout the CEH syllabus and often in considerable depth.
Ethical Hacking is a multidisciplinary occupation, to succeed in a CEH role you need to have at least a working knowledge of different areas within IT including hacking tools, programming, databases, networking, and IT security. The CEH exam will cover elements of all of these. If you are preparing for the CEH exam through self-guided materials, make sure you cover the whole curriculum for the exam version you intend to take.
In the past it was possible to find lists of CEH questions with answers on the internet. This enabled students to pass the test by memorizing specific answers without a sound understanding of the underlying skills. EC-Council became aware of this and changed the question formats to ensure the integrity of their CEH certification.
You should be aware that EC-Council sets questions that will test your practical knowledge of penetration testing techniques, vulnerability assignments, network security and incident response. These are the types of questions you will find difficult to answer if you are just learning from books. Ideally, you should take a training course that offers hands-on experience working with the tools and techniques you will be tested on. This will make the exam feel much easier.
You should also be prepared to encounter questions that are intentionally set to trip you up. Students have reported that they have been asked several very similar looking questions in an exam, which can leave unprepared candidates second-guessing their answers.
In practice, students typically find that there is plenty of time to answer all 125 questions during the four-hour exam and that with proper preparation, the test is thorough but not overly hard to pass. You will need to pay careful attention to each question, and answer what is being asked. Given the length of the exam, some students find that the hardest part of the exam is keeping focused on the questions over a long period of time.
How to Get Your CEH Training and Certification
If you’re ready to get started with CEH, a quick search on the internet will give you a wide range of options when it comes to preparing for the exam. Your choices will range from free YouTube videos, through to more costly, in-person, instructor-led classes. The quality and support that comes with each training course varies a lot, but for the most part you will get what you pay for.
If cost is a big issue and you have time, then look at free, or low-cost, self-guided options. You will have to assess the quality of the materials provided to make sure they are up to date and cover the entire CEH curriculum. Generally, these options come with little to no customer service, so it’s down to you to break through road-blocks in your training. You will also find that this approach will take you longer than using a well-structured, in-person program.
If time is of the essence and you have the budget for it, in-person boot camps tend to have the best outcomes. With these instructor-led classes, you are much more likely to get up-to-date tuition and immediate feedback on your progress. The boot camp format will also encourage you to stay focused and on-track, ultimately getting your CEH certification much faster.
It’s worth noting that if you choose an EC-Council accredited training school, you do not have to go through the additional cost and effort of proving you have two years information security work experience.
Is CEH Worth It?
CEH is one of the more expensive certifications to get, so before you spend a lot of time and money on it, it is reasonable to ask yourself how hard it is to pass, and is it worth it?
In our experience, students tell us that, having studied with an experienced instructor, the CEH test is relatively painless. It’s a long test and requires candidates to focus carefully on what is being asked, but most of our students pass first time.
Our students tell us that they found the CEH certification beneficial to their careers both financially and from the perspective of their skills development. To become a successful ethical hacker, you must prove that you have a wide range of technical and social skills. Taking CEH training pushes you to explore topics and skills you might not have explored otherwise but are often incredibly useful throughout your career.
TrainACE offers CEH boot camps at its offices in Greenbelt, MD and live-online. In addition to providing high-quality instruction, we offer a free class re-take and exam voucher for CEH, should you fail the first time.