Is CEH Difficult?


TL;DR
The feedback is (so far) that to pass CEH you’re best to use as much courseware as possible as provided by EC Council.

Mega Update: I Passed CEH!

I passed the CEH course, but only just.

I studied by myself (self-study) and paid the CEH exam license and booked the online exam that was invigilated by basically someone having access to my desktop (which was a bit weird if I’m honest).

Anyways – my person experience of whether the CEH is hard or not, was that I didn’t actually find it that difficult, in fact I found the CompTIA Security+ course a little more tricky.

I self-studied and used a bunch of training videos that I found online.

It’s a bit of a funny question if you think about it, because, after all – how do you gauge whether a Cybersecurity Professional certification like the Certified Ethical Hacker “is difficult?”.

The simple answer of course is: it depends.

If you’ve studied the OSCP then you’ll find the CEH easy(ish).

If you’ve never studied or learned anything about InfoSec and Offensive security principles and technologies, hacker software or otherwise, then you’ll likely find passing the CEH exam difficult.

Why Did I Write This Post?

I used to get asked a lot “Is CEH Difficult”, or “Is CEH Easy”, when this website was one of the original Cybersecurity Certification training providers.

I’ve been covering Cybersecurity training for many years now, but one certification that has been there from day one is CEH. Love it or loathe it let’s just agree that HR and Recruiters tend to love this Cybersecurity Certification.

How Hard Is CEH In 2021?

As of the last time I updated this post (in early 2021) the latest CEH is at version v11. It does seem to have become a little more tricky in my opinion.

When I studied and passed the CEH exam it was entirely multiple choice and I suspect that they are experiencing a lot of competition with OSCP; a certification that is practical.

Perhaps employers respect the fact that OSCP is practical and with a time limit, i.e. the student has to pwn a bunch of boxes within a strict time-limit.

However, as stated, a lot of HR recruiters do look at CEH as a positive when filling headcount for Cybersecurity Companies.

Anyways, back to the post. What I thought to do was to ask people that have studied the CEH and ask them how hard they found the actual CEH course.

I asked Cybersecurity Professionals that have taken and passed CEH what their thoughts and experiences are, how they studied for – and passed – the certifications. I also asked them whether the CEH designation has helped their career.

Also, and more of an FYI, other certifications we’ve asked for advice from professionals that passed them include:

If you’re interested we also have the same resource designed to help folk understand how to prepare and pass OSCP.

Shafeeque Olassery Kunnikkal | OSCP, CREST(CPSA-CRT), LPT-Master Certified

Ethical Hacker

There was a period when CEH exam questions appeared on the Internet and other sources. These question banks were easy to obtain and some people swot up and pass the exam by this method and don’t even prepare with the course materials. However, from the CEH v9 onward, EC-Council has tightened the exam process. Interacting with my students, I heard comments that the questions have changed quite a bit.

Also in the exam, lots of questions are appearing which can be answered with a person who ought to have knowledge in Penetration Testing, vulnerability assignments, Network Security and Incident response. Altogether simply ‘reading a CEH book’ will not help it. Some of the questions relate to whether the students have played with corresponding hacking tools or not. Of course, there are also generic knowledge-based questions in InfoSec.

So my advice to students is that, read the courseware thoroughly, go through each slide, play with all the pentesting tools at least mentioned in the core tools section of CEH. Take the preparatory exam available on the EC-Council website to get a feeling of real exam which ultimately helps you to prepare for the challenges in real life as well as to clear the examination.


Rahul Gupta | CEH, CISSO

Associate Manager at NEC

It’s very important that you get familiar with the exam first before attempting it. Many blogs and forums are there where you can get connect. Better to use a study guide for CEH exams. Start practice questions by which you will get immediate feedback about your preparation & you will come to know which topics you need to study hard.


Praveen Kumar Balasundaram | CEH, CCNA, CySA+

Security Analyst at DarkMatter LLC

Need networking, Operating system basics.


Joaquin Molina Kinomakino | CEH, MCSE, MCP 70-533

Security Advisor, Verne Telecom

Study the official agenda with all topics.


Jane Allyene Bernardo | CEH, ITIL v3

Senior Application Security Analyst/Penetration Tester

Prepare around 2 months to read the book and try the practice exam. Be sure to pass on the practice exam for you to get a higher chance in passing.


Nithin Bose | CEH, ITIL, ISMS LI

IT QA Analyst

Mainly go through the presentations provided by the EC Council. Also, practice with the tools provided. Do some research on the internet also this will help you to get some idea about the exams.

Henry, aka "HMFIC"

I'm Henry, the guy behind this site. I fancy myself as a bit of a Cyber Expert Specialist and I've been Growth Hacking since 2002, yep, that long...

2 thoughts on “Is CEH Difficult?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Recent Posts