Courseiva

EC-Council · Official Blueprint · Last reviewed May 2026

CEH Exam Domains & Blueprint

The official EC-Council CEH exam covers 6 domains. Domain weights tell you exactly how much of the exam each topic represents — and where to invest your study time.

Exam OverviewPractice TestStudy GuideSample QuestionsExam Domains

CEH Domain Weight Summary

#DomainWeightQuestions
1Information Security Fundamentals and Ethics
%
2Reconnaissance and Footprinting
%
3Scanning, Enumeration, and Vulnerability Analysis
%
4System Hacking and Malware
%
5Network and Application Attacks
%
6Cryptography, Cloud, and IoT Security
%

Detailed Domain Breakdown

%

Domain 1: Information Security Fundamentals and Ethics

AAA, access control lists (standard and extended), port security, DHCP snooping, Dynamic ARP Inspection, and VPN overview.

%

Domain 2: Reconnaissance and Footprinting

Covers the topics, concepts, and applied skills examined under the Reconnaissance and Footprinting domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.

%

Domain 3: Scanning, Enumeration, and Vulnerability Analysis

Covers the topics, concepts, and applied skills examined under the Scanning, Enumeration, and Vulnerability Analysis domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.

%

Domain 4: System Hacking and Malware

Covers the topics, concepts, and applied skills examined under the System Hacking and Malware domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.

%

Domain 5: Network and Application Attacks

Covers the topics, concepts, and applied skills examined under the Network and Application Attacks domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.

%

Domain 6: Cryptography, Cloud, and IoT Security

Covers the topics, concepts, and applied skills examined under the Cryptography, Cloud, and IoT Security domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.

How to Use Domain Weights in Your Study Plan

The heaviest domain on the CEH is "Information Security Fundamentals and Ethics" at null%. Start here and return to it regularly.

Allocate study time proportional to domain weight — a 25% domain deserves roughly 25% of your prep hours.

Never skip a low-weight domain. A 10% domain still represents 5–7 exam questions — enough to make the difference between pass and fail.

Use Courseiva domain analytics to track your accuracy per domain automatically. The system routes extra questions to your weak areas.

Practice every CEH domain

Courseiva tracks your accuracy per domain automatically and routes you toward your weakest areas — no manual configuration needed.

Free Practice TestStart Practising

CEH Concept Guides

CEH Ethical Hacking

The CEH (Certified Ethical Hacker) from EC-Council teaches you to think and act like an attacker — within the boundaries of a legal authorisation.

Related Exam Domains

PT0-002

CompTIA PenTest+

CS0-003

CompTIA CySA+

SY0-701

CompTIA Security+

200-201

CyberOps Associate