Courseiva

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.


EC-Council · 2026 Edition

CEH Study Guide — How to Pass Certified Ethical Hacker

A complete preparation guide written by EC-Council-certified engineers. Covers the exam format, all 13 blueprint domains, a week-by-week study plan, and proven tips for passing first time.

Prep time: 2–4 months
Difficulty: Intermediate
Exam questions: 125
Pass mark: 700/1000


On this page

  1. CEH Exam at a Glance
  2. Why Earn the CEH?
  3. Exam Domains & Weights
  4. Study Plan
  5. Exam Tips
  6. Practice Questions

CEH Exam at a Glance

Exam code: CEH
Full name: Certified Ethical Hacker
Vendor: EC-Council
Duration: 240 minutes
Questions: 125 items
Passing score: 700/1000 (scaled)
Domains covered: 13 blueprint domains
Recommended experience: 2 years of work experience in information security or completion of EC-Council's official CEH training
Typical prep time: 2–4 months

Why Earn the CEH?

CEH is the world's most widely recognised ethical hacking credential. It validates knowledge of offensive security techniques used by hackers and is required or preferred for penetration tester, red team analyst, and security consultant roles.

Job roles this opens

Ethical Hacker, Penetration Tester, Red Team Analyst, Security Consultant, Vulnerability Analyst

CEH Exam Domains

Domain percentage weights are not currently available for this exam. The checklist below is still useful for planning your study.

Footprinting, Reconnaissance and Scanning
Enumeration and System Hacking
Malware, Social Engineering and Network Attacks
Web Application and Injection Attacks
Introduction to Ethical Hacking
Scanning Networks and Enumeration
Vulnerability Analysis and System Hacking
Advanced Topics: Wireless, Cloud, IoT, Cryptography
Footprinting and Reconnaissance
Network and Web Application Attacks
Wireless, IoT and Cloud Security
Cryptography and Malware Analysis
Social Engineering and Physical Security


CEH Study Plan

Weeks 1–3

Reconnaissance and Scanning: footprinting, passive/active recon, network scanning, enumeration

Tip: The CEH exam tests tools by name and phase. Know: Maltego and theHarvester (passive OSINT), Nmap (active scanning — know key flags: -sS SYN scan, -sV version detection, -O OS fingerprinting, -A all detection, -p port range), Nessus (vulnerability scanning), and Metasploit (exploitation framework).

Weeks 4–6

System Hacking and Malware: access, privilege escalation, persistence, malware types

Tip: System hacking phases on CEH: gaining access → escalating privileges → maintaining access → clearing logs. Know the techniques at each phase: password cracking (rainbow tables, brute force, dictionary attacks), privilege escalation (kernel exploits, SUID abuse), backdoors (netcat listeners, Meterpreter), and log clearing (Metasploit clearev, manual log deletion).

Weeks 7–9

Network Attacks: sniffing, DoS/DDoS, session hijacking, social engineering, web attacks

Tip: Web application attacks are tested in depth: SQL injection (know UNION-based, blind, and time-based blind SQLi), XSS (reflected, stored, DOM-based), CSRF, file inclusion (LFI, RFI), command injection, and IDOR. Know what OWASP is and that the OWASP Top 10 is the CEH web attack reference.

Weeks 10–14

Advanced Topics: wireless attacks, IoT hacking, cloud hacking, cryptography, mobile

Tip: Wireless attack techniques: WPA2 handshake capture (deauthenticate a client, capture 4-way handshake, crack offline with aircrack-ng), evil twin AP (rogue AP with same SSID as legitimate network), and WPS PIN attack (reaver). Know the attack type and the tool used for each.

CEH Exam Tips

CEHv12 exam: 125 questions, 4 hours, 70% passing score (varies by exam form). The exam is available in both knowledge-based (multiple choice) and practical (6-hour live lab) formats. Check which format your voucher covers.

Know the hacking methodology phases in order: Reconnaissance → Scanning → Gaining Access → Maintaining Access → Clearing Tracks. CEH questions describe an activity and ask which phase it belongs to.

The CEH knowledge exam tests tool recognition, not tool operation. Know what each tool does and what phase it is used in — you will not type commands in the knowledge exam but must identify correct tool usage from descriptions.

Google hacking (Google dorking) is a CEH topic: know common dork operators — site: (restrict to a domain), filetype: (find specific file types), intitle: (search page titles), inurl: (search URLs). Exam questions give a dork string and ask what it finds or give a target and ask which dork would find specific information.

Cryptography on CEH: know the algorithm families — symmetric (AES, DES, 3DES, Blowfish), asymmetric (RSA, ECC, Diffie-Hellman), hashing (MD5, SHA-1, SHA-256), and message authentication codes (HMAC). Know the key lengths considered secure: AES-256, RSA-2048+, SHA-256+.


CEH concept guides

Deep-dive explanations of the key topics tested on CEH — with exam key points and common misconceptions.

CEH Ethical Hacking

The CEH (Certified Ethical Hacker) from EC-Council teaches you to think and act like an attacker — within the boundaries of a legal authorisation.
