The Certified Ethical Hacker v6.1 exam is a vendor neutral certification exam that certifies individuals in the processes of ethical hacking, also known as defensive hacking. In order to be an effective ethical hacker (white hat), you must learn to think like an offensive hacker (black hat), which includes gaining a deep understanding of the tools and methods involved. Once you start to look at your networks and systems from the perspective of someone out to cause havoc or harm, you will be better prepared to implement the appropriate countermeasures and monitoring systems.
- Number of questions: 150
- Types of questions: Multiple choice, with text and images as part of the question material.
- Passing score: 70%
- Time limit: 240 minutes
- How to register: Prometric and VUE; note that the exam number will vary between them:
- Exam 312-50: VUE testing centers and Prometric Accredited Training Centers (ATC).
- Exam EC0-350: Authorized Prometric Testing Centers (APTC) globally.
This is a linear exam, so you can easily move backward to examine a previous question if needed and then go forward again to where you left off. Question can be flagged for review after submitting all answers, providing the opportunity to look over those questions again before submitting the exam for grading.
Due to the unique content and nature of this exam, you should expect questions that utilize code and script samples, firewall and IDS logs, web server logs, packet captures and other items both graphically and through text representations. The official training course and the current preparation guides will give you a good feel for the type information you can reasonably expect to see in the questions.
Use your time wisely. You should have more than enough time to answer each question and still have more than enough left over to review flagged items. Make use of the flag for review to give yourself another chance to look over questions you were undecided on originally. Do not be afraid to go backwards within the exam if you see something later on that you think might help you answer an earlier question.
In order to register for the exam, you will need to have either attended an official training course for CEH at an accredited training center or obtain an experience waiver if utilizing self-study. The exam is given the last day during official training courses. If applying for the waiver, you will need to complete an application form and attach a letter from your organization documenting two or more years of information security experience. You will also need to purchase a voucher from the EC Council to use for exam registration. The eligibility form to apply for the experience waiver is currently located here, though it may change as CEH v7 is being released shortly.