It is well recognised by HR and meets some compliance baselines. Among hands-on practitioners, opinions vary, and practical offensive certifications are often rated more highly for red-team work.

Do I need experience or training for CEH?

Yes. You either take official EC-Council training or apply for eligibility with two years of security experience.

How is CEH maintained?

Through EC-Council Continuing Education (ECE) credits over a three-year cycle.

Cybersecurity

Certified Ethical Hacker (CEH)

Certified Ethical Hacker

By The Exam Atlas Editorial Team · Verified 2026-05-29

Quick facts

Provider	EC-Council
Exam code	312-50
Level	intermediate
Format	Multiple choice (with an optional practical exam)
Questions	125 questions
Duration	4 hours
Passing score	Cut score varies by exam form (roughly 60–85%)
Exam fee	$1199 (plus eligibility / training)
Validity	3 years (ECE credits)
Languages	EN

Overview

The Certified Ethical Hacker (CEH) covers the tools and techniques of offensive security from a defender's standpoint: reconnaissance, scanning, exploitation, web and wireless attacks, and more. It is broad and knowledge-based, with an optional hands-on practical exam.

CEH is well recognised by HR and meets some government baselines, which is its main strength. Practitioners often debate its depth versus hands-on alternatives, so weigh it against more practical offensive certifications if a red-team role is your goal.

Who it is for

People entering penetration testing or red-team work
Analysts who want structured offensive-security knowledge
Roles where CEH is named as a baseline requirement

Who it is not for

Beginners without networking/security fundamentals (do Security+ or Network+ first).
Budget-conscious learners — CEH is among the most expensive certs here, with eligibility/training costs on top.
Those who want defensive/blue-team focus rather than offensive.

Exam structure

Reconnaissance and scanning	Footprinting, enumeration, vulnerability analysis
System and network hacking	Gaining and maintaining access
Web, application and wireless attacks	Common exploitation techniques
Cloud, IoT and cryptography	Emerging and supporting areas

Realistic study time

Security background 60-90 hours over 2-3 months
New to offensive security 120-160 hours

Bars show relative effort, not a guarantee. Your time depends on background and study method.

What it really costs

Exam fee	~US$1,199 — plus eligibility/application
Official training	Often US$1,000+ — or prove experience to skip
Retake	Additional voucher fee
Renewal	ECE credits over 3 years

Fees change and vary by region. Confirm the current amount on the official site before you register.

Is it worth it?

Worth it where CEH is explicitly required or HR-recognised, especially for government-adjacent roles. If your goal is a hands-on penetration-testing job, many practitioners value performance-based offensive certifications more, so compare before committing.

What to do next

CEH proves breadth of offensive concepts; hands-on roles often value practical labs more. Compare with Security+ for a cheaper entry, or move toward CISSP for seniority.

FAQ

Is CEH respected?: It is well recognised by HR and meets some compliance baselines. Among hands-on practitioners, opinions vary, and practical offensive certifications are often rated more highly for red-team work.
Do I need experience or training for CEH?: Yes. You either take official EC-Council training or apply for eligibility with two years of security experience.
How is CEH maintained?: Through EC-Council Continuing Education (ECE) credits over a three-year cycle.