Certified Ethical Hacker

What Does Certified Ethical Hacker Mean?

A certified ethical hacker (CEH) is a credentialed information and communication technology (ICT) professional who specializes in legally identifying security vulnerabilities from a malicious hacker's perspective.


CEH credentials are issued by the International Council of E-Commerce Consultants (EC-Council). The goal of this vendor-neutral professional certification — which the council has branded C|EH — is to promote the concept of ethical hacking as a self-regulating profession that is strictly governed by standards.

Candidates for C|EH certification are required to pass a 125-question, multiple-choice exam that takes four hours and tests basic knowledge in the following areas:

  • Overview of information security (INFOSEC)
  • Overview of ethical hacking
  • Attack surface reconnaissance techniques
  • Attack vector strategies, techniques and phases
  • Cloud computing
  • Cryptography
  • Preventative countermeasures

C|EH certificates are valid for three years. To renew credentials, certificate holders have to earn 120 continuing education credits within a period of three years, with a minimum of 30 credits per year.

Techopedia Explains Certified Ethical Hacker

C|EH certificates support the National Initiative for Cybersecurity Education (NICE) framework and are accredited by ANSI (American National Standards Institute), a private non-profit organization that oversees the development of voluntary standards in the United States.

To qualify for the CEH exam, applicants need a minimum of two years work experience in information security. Applicants who have a strong background in core IT concepts such as networking or IT operations can waive this requirement by completing an official EC-Council training course.


Related Terms

Margaret Rouse
Technology Expert

Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.