Here's What You Need to Know to Get Your Certified Ethical Hacker (CEH) Credential

Ethical hacker using magnifying glass to look at code

Ethical hacking — that's a phrase that's sure to raise some eyebrows. After all, hackers are most often associated with criminal computer activity. How can someone primarily engaged in breaking into information systems act in an ethical manner?


In reality, the term ethical hacking describes individuals who use the same skills as malicious "black hat" hackers, but who work to promote the common good. Ethical hackers, or "white hat" hackers, test the security of systems belonging to their employers or clients to help build in stronger security measures.


As with many technical specialties, a certification program exists to help ethical hackers demonstrate that they possess the basic knowledge needed to succeed in the field. The Certified Ethical Hacker (CEH) program fills this need for white hat hackers. Companies seeking to hire employees or consultants to perform penetration tests may use the CEH credential to screen candidates and ensure that they are well prepared to test system security in a manner that is both technically competent and ethical.


Why would you want to become an ethical hacker? It's a very hot career field! Demand for information security specialists is high and individuals with an average level of experience easily command six-figure salaries. In a 2014 TechTarget salary survey, information security professionals reported earning an average of $112,372. Penetration testers with experience and certifications should expect high demand for their talents in the workforce. Earning the CEH credential is a great way to punch your entry ticket for this profession.


Getting Started: The CEH


The CEH program, administered by the information security industry group EC-Council, is an entry level certification targeted at penetration testers with little or no experience. If you don't have experience in information security, then the easiest path to the exam is taking an official EC-Council training program.


You may do this through in-person training, computer-based training, online programs or a certified academic course. Individuals who successfully complete any of these training programs are automatically eligible to sit for the CEH examination.


If you prefer not to take one of the official CEH training programs, you'll need to go through a bit of a bureaucratic process before you may sit for the exam. You must fill out paperwork and prove to the EC-Council that you have at least two years of information security experience and an educational background that "reflects specialization in information security." You'll also have to pay a $100 eligibility application fee before being allowed to purchase an exam voucher.


Once you've met the basic exam eligibility requirements, you'll register through Prometric or VUE to take the CEH exam at a local testing center. When you arrive at the test center, you'll sit at a computer workstation and take the multiple-choice exam online.


After you complete the exam, you'll immediately receive your exam results. The exam itself consists of 125 multiple-choice questions and you must answer at least 88 of them correctly to achieve the passing score of 70 percent. You will have four hours to complete the exam, giving you an average of a little under two minutes for each question.


What's Covered on the CEH Test?


The CEH exam follows a seven-part outline and includes a specific number of questions covering each section on the outline. This is very helpful when preparing for the exam, making it easy to spend the majority of your time focusing on the exam material that drives the largest number of CEH questions. The seven sections of the CEH exam are:


? Section I: Background (5 questions)

? Section II: Analysis/Assessment (16 questions)

? Section III: Security (31 questions)

? Section IV: Tools, Systems and Programs (40 questions)

? Section V: Procedures and Methodology (25 questions)

? Section VI: Regulation and Policy (5 questions)

? Section VII: Ethics (3 questions)


It's easy to deduce from this outline that you should spend the majority of your time focused on sections 2, 3, 4 and 5! Spending significant time on the background, regulation and policy, or ethics section would not be a wise investment of your limited study energy.


The first section, background material, covers some of the basic IT knowledge that you'll need to be successful as an ethical hacker. You'll need to demonstrate knowledge of networking and communications technology, web-based systems, smartphones, backups and archiving.


These topics may not seem directly related to ethical hacking, but they are required knowledge for anyone seeking to perform a penetration test. After all, the best intruders have an intimate understanding of the systems they're seeking to penetrate!


Strong analytic skills separate the very best security professionals from the rest of the pack and the second section of the CEH exam dives into these skills. Test takers will face 16 questions that explore data analysis, systems analysis, risk assessments and technical assessment methods. Knowledge of these topics helps ethical hackers develop an understanding of their attack target and forms the basis of vulnerability assessments that inform the selection of appropriate attack techniques.


The third section moves into the heart of the matter with 31 questions covering a variety of information security topics. In this section, test takers must demonstrate understanding of system security controls, including file system security, cryptography, vulnerability scanning and authentication.


This section also covers a wide variety of network security topics including firewalls, wireless networking, trusted networks and threat modeling. The section rounds out with a healthy dose of other security topics including physical security, social engineering, policy, privacy and biometrics.


The fourth section of the exam dives even deeper into security topics with an in-depth exploration of tools, systems and programs. Security technologies appear prominently in this section including intrusion detection, access controls, network sniffers, security appliances, vulnerability scanning, antivirus software and log analysis tools.


This section also covers application development including programming and scripting languages and database structure. It also continues the exploration of network topics that began in section one with in-depth coverage of subnetting, DNS and network gear. This section is the longest section on the exam, with 40 questions that make up 32 percent of the material.


Section five covers the procedures and methodology of information security professionals. It includes questions relating to cryptography and the public key infrastructure (PKI). Architectural questions figure prominently with coverage of security architectures and service-oriented architecture (SOA). This category also includes security incident management, n-tier application design, TCP/IP network routing and security testing methodologies. Does that sound like a hodge-podge of topics? It is — you'll want to be ready for anything here.


The final two sections of the exam are short, quick-hit sections that you should be able to study for fairly quickly. Section six includes five questions covering security policies and compliance regulations, with a particular focus on the Payment Card Industry Data Security Standard (PCI DSS). The final section contains three ethics questions on the professional code of conduct and the appropriateness of using hacking tools and techniques in various circumstances.


While that sounds like a ton of material, earning the CEH credential is certainly an achievable task for anyone interested in information security. If you've been in the field for a while, you'll probably find that you can draw upon your experience for a significant portion of the questions and only need to brush up on the areas outside of your professional expertise. If you're new to the field, you'll want to either take a hands-on class or go through a rigorous self-study program. Either way, good luck earning your CEH credential!


Would you like more insight into the history of hacking? Check out Calvin's other articles about historical hackery:
About the Author

Mike Chapple is Senior Director for IT Service Delivery at the University of Notre Dame. Mike is CISSP certified and holds bachelor’s and doctoral degrees in computer science and engineering from Notre Dame, with a master’s degree in computer science from the University of Idaho and an MBA from Auburn University.