Certified Ethical Hacker (CEH v10 )


This course includes
Hands-On Labs

Start your prep for the EC-Council Certified Ethical Hacker exam with the CEH v10 course and lab. Lab simulates real-world, hardware, software, and command-line interface environments and can be mapped to any textbook, course, or training. The Certified Ethical Hacker certification course and lab cover CEH v10 exam objectives thoroughly and teach the principles of ethical hacking. Lessons and TestPrep will further prepare candidates for this certification exam with their interactive item types.

Here's what you will get

The Certified Ethical Hacker (CEH) certification validates the application knowledge of auditors, security officers, and site administrators to establish and govern the minimum standards of credentialing professional information security specialists in ethical hacking measures. Passing the CEH exam certifies that individuals have the specific network security discipline of ethical hacking from a vendor-neutral perspective.


15+ Lessons | 250+ Quizzes | 70+ Flashcards | 140+ Glossary of terms


100+ Pre Assessment Questions | 2+ Full Length Tests | 100+ Post Assessment Questions | 200+ Practice Test Questions

Hands-On Labs

38+ LiveLab | 38+ Video tutorials | 16+ Minutes

Here's what you will learn

Download Course Outline

Lessons 1: Introduction

  • What Is a CEH?
  • About EC-Council
  • Using This Course
  • Objective Map
  • Let’s Get Started!

Lessons 2: Ethical Hacking

  • Overview of Ethics
  • Overview of Ethical Hacking
  • Methodology of Ethical Hacking
  • Summary

Lessons 3: Networking Foundations

  • Communications Models
  • Topologies
  • Physical Networking
  • IP
  • TCP
  • UDP
  • Internet Control Message Protocol
  • Network Architectures
  • Cloud Computing
  • Summary

Lessons 4: Security Foundations

  • The Triad
  • Risk
  • Policies, Standards, and Procedures
  • Security Technology
  • Being Prepared
  • Summary

Lessons 5: Footprinting and Reconnaissance

  • Open-Source Intelligence
  • Domain Name System
  • Passive Reconnaissance
  • Website Intelligence
  • Technology Intelligence
  • Summary

Lessons 6: Scanning Networks

  • Ping Sweeps
  • Port Scanning
  • Vulnerability Scanning
  • Packet Crafting and Manipulation
  • Evasion Techniques
  • Summary

Lessons 7: Enumeration

  • Service Enumeration
  • Remote Procedure Calls
  • Server Message Block
  • Simple Network Management Protocol
  • Simple Mail Transfer Protocol
  • Web-Based Enumeration
  • Summary

Lessons 8: System Hacking

  • Searching for Exploits
  • System Compromise
  • Gathering Passwords
  • Password Cracking
  • Client-Side Vulnerabilities
  • Post Exploitation
  • Summary

Lessons 9: Malware

  • Malware Types
  • Malware Analysis
  • Creating Malware
  • Malware Infrastructure
  • Antivirus Solutions
  • Summary

Lessons 10: Sniffing

  • Packet Capture
  • Packet Analysis
  • Spoofing Attacks
  • Summary

Lessons 11: Social Engineering

  • Social Engineering
  • Physical Social Engineering
  • Phishing Attacks
  • Website Attacks
  • Wireless Social Engineering
  • Automating Social Engineering
  • Summary

Lessons 12: Wireless Security

  • Wi-Fi
  • Bluetooth
  • Mobile Devices
  • Summary

Lessons 13: Attack and Defense

  • Web Application Attacks
  • Denial of Service Attacks
  • Application Exploitation
  • Lateral Movement
  • Defense in Depth/Defense in Breadth
  • Defensible Network Architecture
  • Summary

Lessons 14: Cryptography

  • Basic Encryption
  • Symmetric Key Cryptography
  • Asymmetric Key Cryptography
  • Certificate Authorities and Key Management
  • Cryptographic Hashing
  • PGP and S/MIME
  • Summary

Lessons 15: Security Architecture and Design

  • Data Classification
  • Security Models
  • Application Architecture
  • Security Architecture
  • Summary

Hands-on LAB Activities

Security Foundations

  • Creating a Personal Linux Firewall Using iptables
  • Observing Syslog Messages
  • Using Event Viewer
  • Configuring Audit Policies in Windows

Footprinting and Reconnaissance

  • Using the whois Program
  • Using the theHarvester Tool
  • Using Recon-ng to Gather Information
  • Using Maltego to Gather Information
  • Using the host Program
  • Using nslookup
  • Performing Zone Transfer Using dig
  • Using dnsrecon to Perform Enumeration
  • Mirroring Sites with HTTrack

Scanning Networks

  • Using the fping Command
  • Using the masscan Command
  • Scanning a Port Using nmap
  • Using the Zenmap Tool
  • Using OpenVAS
  • Using the hping Program


  • Using the Metasploit SunRPC Scanner
  • Using nmap for Enumerating Users
  • Enumerating Data Using enum4linux

System Hacking

  • Searching Exploits Using searchsploit
  • Grabbing a Screenshot of a Target Machine Using Metasploit
  • Exploiting Windows 7 Using Metasploit
  • Cracking a Linux Password Using John the Ripper
  • Cracking Windows Passwords


  • Scanning Malware Using Antivirus
  • Observing an MD5-Generated Hash Value
  • Using the msfvenom Program


  • Capturing Packets Using Wireshark
  • Capturing Network Packets Using tcpdump
  • Performing ARP Spoofing

Social Engineering

  • Using the SET Tool

Attack and Defense

  • Attacking a Website Using XSS Injection
  • Exploiting a Website Using SQL Injection


  • Using OpenSSL to Create a Public/Private Key Pair
  • Observing an SHA-Generated Hash Value

Exam FAQs

No official prerequisites

USD 500

Multiple choice questions

The exam contains 125 questions.

240 minutes

This depends on the exam.

Here is the retake policy:

  • If a candidate is not able to pass the exam on the first attempt, no cooling or waiting period is required to attempt the exam for the second time (1st retake).
  • If a candidate is not able to pass the second attempt (1st retake), a waiting period of 14 days is required prior to attempting the exam for the third time (2nd retake).
  • If a candidate is not able to pass the third attempt (2nd retake), a waiting period of 14 days is required prior to attempting the exam for the fourth time (3rd retake).
  • If a candidate is not able to pass the fourth attempt (3rd retake), a waiting period of 14 days is required prior to attempting the exam for the fifth time (4th retake).
  • A candidate is not allowed to take a given exam more than five times in 12-months (1 year) period and a waiting period of 12-months will be imposed before being allowed to attempt the exam for the sixth time (5th retake).
  • Candidates who pass the exam are not allowed to attempt the same version of the exam for the second time.

Three years