Certified Ethical Hacker (CEH v11)


This course includes
Hand-on Lab
AI Tutor (Add-on)

Get hands-on experience in Ethical hacking basics with the Certified Ethical Hacker course and lab. The course provides a vivid introduction to the technical foundations of hacking, social engineering, malware threats, and vulnerability analysis with clear and approachable lesson flowcharts, and other tools. It illustrates how to look after web server hacking, web applications, and database attacks. The Certified Ethical Hacker course will assist you in dealing with Cryptographic attacks and defense concepts.

Here's what you will get

The Certified Ethical Hacker (CEH) exam determines the knowledge of the candidate as an effective ethical hacker. It recognizes the importance of identifying security issues to get them resolved. It will teach you the latest commercial-grade hacking tools, techniques, and methodologies used by hackers and information security professionals to lawfully hack an organization.


16+ Lessons | 332+ Exercises | 225+ Quizzes | 299+ Flashcards | 150+ Glossary of terms


125+ Pre Assessment Questions | 2+ Full Length Tests | 125+ Post Assessment Questions | 250+ Practice Test Questions

Hand on lab

47+ LiveLab | 48+ Video tutorials | 01:36+ Hours

Here's what you will learn

Download Course Outline

Lessons 1: Introduction

  • What Is a CEH?
  • About EC-Council
  • Using This Course
  • Objective Map
  • Let's Get Started!

Lessons 2: Ethical Hacking

  • Overview of Ethics
  • Overview of Ethical Hacking
  • Methodologies
  • Methodology of Ethical Hacking
  • Summary

Lessons 3: Networking Foundations

  • Communications Models
  • Topologies
  • Physical Networking
  • IP
  • TCP
  • UDP
  • Internet Control Message Protocol
  • Network Architectures
  • Cloud Computing
  • Summary

Lessons 4: Security Foundations

  • The Triad
  • Risk
  • Policies, Standards, and Procedures
  • Organizing Your Protections
  • Security Technology
  • Being Prepared
  • Summary

Lessons 5: Footprinting and Reconnaissance

  • Open Source Intelligence
  • Domain Name System
  • Passive Reconnaissance
  • Website Intelligence
  • Technology Intelligence
  • Summary

Lessons 6: Scanning Networks

  • Ping Sweeps
  • Port Scanning
  • Vulnerability Scanning
  • Packet Crafting and Manipulation
  • Evasion Techniques
  • Protecting and Detecting
  • Summary

Lessons 7: Enumeration

  • Service Enumeration
  • Remote Procedure Calls
  • Server Message Block
  • Simple Network Management Protocol
  • Simple Mail Transfer Protocol
  • Web-Based Enumeration
  • Summary

Lessons 8: System Hacking

  • Searching for Exploits
  • System Compromise
  • Gathering Passwords
  • Password Cracking
  • Client-Side Vulnerabilities
  • Living Off the Land
  • Fuzzing
  • Post Exploitation
  • Summary

Lessons 9: Malware

  • Malware Types
  • Malware Analysis
  • Creating Malware
  • Malware Infrastructure
  • Antivirus Solutions
  • Persistence
  • Summary

Lessons 10: Sniffing

  • Packet Capture
  • Packet Analysis
  • Spoofing Attacks
  • Summary

Lessons 11: Social Engineering

  • Social Engineering
  • Physical Social Engineering
  • Phishing Attacks
  • Website Attacks
  • Wireless Social Engineering
  • Automating Social Engineering
  • Summary

Lessons 12: Wireless Security

  • Wi-Fi
  • Bluetooth
  • Mobile Devices
  • Summary

Lessons 13: Attack and Defense

  • Web Application Attacks
  • Denial-of-Service Attacks
  • Application Exploitation
  • Lateral Movement
  • Defense in Depth/Defense in Breadth
  • Defensible Network Architecture
  • Summary

Lessons 14: Cryptography

  • Basic Encryption
  • Symmetric Key Cryptography
  • Asymmetric Key Cryptography
  • Certificate Authorities and Key Management
  • Cryptographic Hashing
  • PGP and S/MIME
  • Disk and File Encryption
  • Summary

Lessons 15: Security Architecture and Design

  • Data Classification
  • Security Models
  • Application Architecture
  • Security Architecture
  • Summary

Lessons 16: Cloud Computing and the Internet of Things

  • Cloud Computing Overview
  • Cloud Architectures and Deployment
  • Common Cloud Threats
  • Internet of Things
  • Operational Technology
  • Summary

Hands-on LAB Activities

Security Foundations

  • Creating a Personal Linux Firewall Using iptables
  • Viewing Syslog for Monitoring Logs
  • Configuring Audit Policies in Windows
  • Using Event Viewer

Footprinting and Reconnaissance

  • Using the whois Program
  • Using the theHarvester Tool
  • Using Maltego to Gather Information
  • Using Recon-ng to Gather Information
  • Using ipconfig to Perform Reconnaissance
  • Using dnsrecon to Perform Enumeration
  • Performing Zone Transfer Using dig
  • Using nslookup
  • Using the host Program
  • Mirroring Sites with HTTrack

Scanning Networks

  • Using the fping Command
  • Using the Zenmap Tool
  • Scanning a Port Using nmap
  • Using the masscan Command
  • Performing Vulnerability Scanning Using OpenVAS
  • Conducting Vulnerability Scanning Using Nessus
  • Using the hping Program


  • Using the Metasploit SunRPC Scanner
  • Using nmap Scripts for Enumerating Users
  • Enumerating Data Using enum4linux

System Hacking

  • Searching Exploits Using searchsploit
  • Grabbing a Screenshot of a Target Machine Using Metasploit
  • Using Rainbow Tables to Crack Passwords
  • Cracking Windows Passwords
  • Cracking a Linux Password Using John the Ripper
  • Exploiting Windows 7 Using Metasploit


  • Observing an MD5-Generated Hash Value
  • Using the msfvenom Program
  • Scanning Malware Using Antivirus


  • Capturing Network Packets Using tcpdump
  • Capturing Packets Using Wireshark
  • Performing ARP Spoofing

Social Engineering

  • Detecting a Phishing Site Using Netcraft
  • Using SET Tool to Plan an Attack

Attack and Defense

  • Exploiting a Website Using SQL Injection
  • Attacking a Website Using XSS Injection
  • Simulating a DoS Attack
  • Defending Against a Buffer Overflow Attack


  • Performing Symmetric Encryption
  • Examining Asymmetric Encryption
  • Using OpenSSL to Create a Public/Private Key Pair
  • Observing an SHA-Generated Hash Value
  • Creating PGP Certification

Exam FAQs

Hold a CEH certification of version 1 to 7. Or have a minimum of 2 years work experience in InfoSec domain. Or have attended an official EC-Council training.

USD 1414.82

ECC Exam and Pearson VUE

Multiple choice questions

The exam contains 125 questions.

240 minutes

This depends on the exam.

Here is the retake policy: If a candidate is not able to pass the exam on the first attempt, no cooling or waiting period is required to attempt the exam for the second time (1st retake). If a candidate is not able to pass the second attempt (1st retake), a waiting period of 14 days is required prior to attempting the exam for the third time (2nd retake). If a candidate is not able to pass the third attempt (2nd retake), a waiting period of 14 days is required prior to attempting the exam for the fourth time (3rd retake). If a candidate is not able to pass the fourth attempt (3rd retake), a waiting period of 14 days is required prior to attempting the exam for the fifth time (4th retake). A candidate is not allowed to take a given exam more than five times in 12-months (1 year) period and a waiting period of 12-months will be imposed before being allowed to attempt the exam for the sixth time (5th retake). Candidates who pass the exam are not allowed to attempt the same version of the exam for the second time.

Three years