EC-Council · Official Blueprint · Last reviewed May 2026
The official EC-Council CEH exam covers 13 domains. The vendor does not publish percentage weights for these domains — treat each as an equal part of the exam blueprint.
Covers the topics, concepts, and applied skills examined under the Footprinting, Reconnaissance and Scanning domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.
Practice Footprinting, Reconnaissance and Scanning questionsCovers the topics, concepts, and applied skills examined under the Enumeration and System Hacking domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.
Practice Enumeration and System Hacking questionsCovers the topics, concepts, and applied skills examined under the Malware, Social Engineering and Network Attacks domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.
Practice Malware, Social Engineering and Network Attacks questionsCovers the topics, concepts, and applied skills examined under the Web Application and Injection Attacks domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.
Practice Web Application and Injection Attacks questionsCovers the topics, concepts, and applied skills examined under the Introduction to Ethical Hacking domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.
Practice Introduction to Ethical Hacking questionsCovers the topics, concepts, and applied skills examined under the Scanning Networks and Enumeration domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.
Practice Scanning Networks and Enumeration questionsCovers the topics, concepts, and applied skills examined under the Vulnerability Analysis and System Hacking domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.
Practice Vulnerability Analysis and System Hacking questionsCovers the topics, concepts, and applied skills examined under the Advanced Topics: Wireless, Cloud, IoT, Cryptography domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.
Practice Advanced Topics: Wireless, Cloud, IoT, Cryptography questionsCovers the topics, concepts, and applied skills examined under the Footprinting and Reconnaissance domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.
Practice Footprinting and Reconnaissance questionsCovers the topics, concepts, and applied skills examined under the Network and Web Application Attacks domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.
Practice Network and Web Application Attacks questionsCovers the topics, concepts, and applied skills examined under the Wireless, IoT and Cloud Security domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.
Practice Wireless, IoT and Cloud Security questionsCovers the topics, concepts, and applied skills examined under the Cryptography and Malware Analysis domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.
Practice Cryptography and Malware Analysis questionsCovers the topics, concepts, and applied skills examined under the Social Engineering and Physical Security domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.
Practice Social Engineering and Physical Security questionsThe vendor does not currently publish percentage weights for these domains, so Courseiva does not rank them by weight.
Work through each domain systematically — cover fundamentals first, then applied and scenario-based topics.
Never skip a domain regardless of perceived importance. Full coverage is required to pass.
Use Courseiva domain analytics to track your accuracy per domain and route extra questions to your weak areas.
Courseiva tracks your accuracy per domain automatically and routes you toward your weakest areas — no manual configuration needed.