CEH - EC-Council Certified Ethical Hacker Expert Practice Exams

1 of 10 Free CEH Expert Exams | Over 500 Certification Exam Questions

EC-Council Certified Ethical Hacker (CEH) Expert Exam Topics

Just the Facts

  • 50 scored questions plus 15 unscored questions
  • Question types are multiple choice and multiple response
  • Exam time is about 90 minutes
  • Passing score is 700 out of 1000

Certified Ethical Hacker Exam Topics

  • Domain 1: Cloud Concepts – 24%
  • Domain 2: Security and Compliance – 30%
  • Domain 3: Cloud Technology and Services – 34%
  • Domain 4: Billing, Pricing, and Support – 12%

EC-Council Certified Ethical Hacker (CEH) v13 Exam Objectives

Exam Basics

  • Format: ~125 multiple-choice questions
  • Time limit: up to 4 hours
  • Delivery: Pearson VUE or ECC Exam Center (proctored)
  • Passing score: variable cut score (typically ~60%–85%)
  • Audience: entry to intermediate security professionals (ethical hacking fundamentals required)

Domain 1: Reconnaissance & Intelligence Gathering (~20%)

  • Ethical hacking phases, footprinting methods (OSINT, DNS, WHOIS, search operators)
  • Active vs. passive recon, threat modeling, attack surface mapping
  • Scanning prep and enumeration targets (hosts, ports, services, banners)
  • Common tools: theHarvester, Maltego, Recon-ng, nslookup/dig, Nmap host discovery

Domain 2: Scanning, Enumeration & Vulnerability Analysis (~25%)

  • Nmap scan types (TCP connect, SYN, UDP, Xmas), service/version detection, scripts
  • Enumeration of SMB, SNMP, LDAP, SMTP, FTP, HTTP; banner grabbing
  • Vulnerability assessment with CVSS basics; scanners (Nessus/OpenVAS), false positives
  • Password attacks & cracking: wordlists, rules, Hashcat/John, Kerberoasting, Pass-the-Hash

Domain 3: Exploitation & Post-Exploitation (Systems, Network & Web) (~35%)

  • System hacking: privilege escalation, credential dumping (Mimikatz), persistence & covering tracks
  • Network attacks: sniffing, MITM, ARP/DNS poisoning, DoS/DDoS fundamentals, session hijacking
  • Web attacks: OWASP Top 10, SQLi (error/union/blind), XSS, CSRF, auth/logic flaws, file upload
  • Exploitation frameworks & tooling: Metasploit, Burp Suite, sqlmap, Hydra/Medusa, Responder, BloodHound
  • Wireless & mobile: evil twin, cracking/handshakes, WPA/WPA2/WPA3, Bluetooth basics; Aircrack-ng/Kismet

Domain 4: Cloud, IoT/OT, Cryptography & Reporting (~20%)

  • Cloud security basics: IAM misconfigurations, storage exposure, metadata/instance role abuse
  • IoT/ICS/SCADA awareness: common protocols (Modbus, MQTT), device discovery & risks
  • Malware basics: trojans, worms, ransomware, botnets; traffic/indicator recognition
  • Crypto concepts: symmetric vs asymmetric (AES/RSA), hashes, PKI, TLS, common misuse
  • Engagement lifecycle: legal/ethics, ROE/NDAs, evidence handling, reporting & remediation guidance

Out of Scope

  • Exploit development at the assembly level and 0-day research
  • Advanced reverse engineering and in-depth forensics
  • Vendor-specific deep cloud architecture design
  • Production red-team operations outside ethical/legal scope
  • Extensive coding; focus is on tools, techniques and methodology

How to Prepare

  • Study the official CEH v13 exam blueprint and module outcomes
  • Build hands-on practice: labs/cyber-ranges with Nmap, Wireshark, Metasploit, Burp Suite, Hashcat
  • Memorize common ports/protocols, TCP flag behavior, HTTP status codes and SQLi/XSS payload patterns
  • Review CVSS basics, MITRE ATT&CK technique families, and standard reporting structure
  • Take full-length practice tests; analyze every miss and replicate the technique in a lab