Cyber Security

CEHv10 and CEHv9: Comparing The Versions

August 27, 2018

Guest Author

CEH, Certified Ethical Hacker, by EC-Council is a highly sought after IT security certification. EC-Council recently released a new version of the exam, CEHv10. We’ve taken the guesswork out of deciphering what has changed between the latest version and the older version so take a few moments to read over what we’ve found.

CEHv10 versus CEHv9

CEHv10 Modules

  • Module 1: Introduction to Ethical Hacking
  • Module 2: Footprinting and Reconnaissance
  • Module 3: Scanning Networks
  • Module 4: Enum222eration
  • Module 5: Vulnerability Analysis
  • Module 6: System Hacking
  • Module 7: Malware Threats
  • Module 8: Sniffing
  • Module 9: Social Engineering
  • Module 10: Denial-Of-Service
  • Module 11: Session Hijacking
  • Module 12: Evading IDS, Firewalls, and Honeypots
  • Module 13: Hacking Web Servers
  • Module 14: Hacking Web Applications
  • Module 15: SQL Injection
  • Module 16: Hacking Wireless Networks
  • Module 17: Hacking Mobile Platforms
  • Module 18: IoT Hacking
  • Module 19: Cloud Computing
  • Module 20: Cryptography

CEHv9 Modules

  • Module 1: Introduction to Ethical Hacking
  • Module 2: Footprinting and Reconnaissance
  • Module 3: Scanning Networks
  • Module 4: Enumeration
  • Module 5: System Hacking
  • Module 6: Malware Threats
  • Module 7: Sniffing
  • Module 8: Social Engineering
  • Module 9: Denial-Of-Service
  • Module 10: Session Hijacking
  • Module 11: Hacking Webservers
  • Module 12: Hacking Web Applications
  • Module 13: SQL Injection
  • Module 14: Hacking Wireless Networks
  • Module 15: Hacking Mobile Platforms
  • Module 16: Evading IDS, Firewalls, and Honeypots
  • Module 17: Cloud Computing Security
  • Module 18: Cryptography

What’s New in CEHv10?

New Modules 

New content has been added to the course. CEHv10 introduces two new modules called “Vulnerability Analysis” and  “IoT Hacking.” “Vulnerability Analysis” is an essential addition covering the process of identifying the severity of risks and threats in regards to security of a system. “IoT Hacking,” covers aspects of hardware hacking using several techniques and technologies.

Additions to CEHv10

 CEHv10 now features an optional exam that students can take to test their skills in ethical hacking. This new feature is called “CEH Practical.” The optional exam focuses around real-world security challenges and it’s good for students to use to apply their new skills. The length of this exam is 6 hours and mimics a real corporate situation. There will be 20 practical challenges and a 70% passing score is required. This optional exam will assess your ability to perform:

  • Cryptography attacks
  • Packet sniffing
  • SQL injection attacks
  • Identify and use computer worms and viruses
  • Perform vulnerability analysis on a corporation’s network and communication infrastructure

Changes To The CEH Exam Modules

All of the current modules have undergone significant change.

Module 1’s “Information Security Controls” has introduced a new subtopic called “What is Risk?” which has been added to the course content. This is significant as there are essential concepts for developing your ethical hacking expertise. Billions of dollars are lost annually by companies who are not aware of the risks and vulnerabilities that the company possessed. The key to solving these problems for companies is understanding risk management and how these situations may occur in the cyber crime scene where stealing of money and large amounts of data are imminent if one is not aware. Module 1 also added the concept of Security Incident and Event Management (SIEM) which will cover things like SIEM architecture and more. In addition, Module 1 will move on to teach participants about user behavior analytics. User behavior analytics allow companies to be capable of so much more by driving decisions from data. This data will show many things like consumer buying behavior and more. Other new, notable topics you will learn about in Module 1 include: Network Security Controls, Identity and Access Management (IAM), Data Leakage, Data Backup, and Data Recovery. Just like Module 1, the other modules have undergone significant changes as well.

In addition to content changes, the order of the content delivered has been rearranged in the new CEH. Module 16 “Vading IDS, Firewalls, and Honeypots” in CEHv9 has now been moved to Module 12 in CEHv10.

CEHv10 Exam

It is paramount that you study the materials assigned throughout this course. Using CEHv9 materials to study for the CEHv10 will prepare you a little as some of the course content will overlap between the two versions because there are only a few changes.

The format of the CEH exam will remain the same. The duration of the exam is 4 hours. There will be 125 questions and all of them will be multiple choice.

What Happens To The Old CEHv9 Exam?

The exams will be automatically updated. To be completely prepared for the exam, candidates will need to incorporate the materials of the new version into their preparation. Use all study tools and materials that are available from the CEHv9 and make sure to be knowledgeable on the new topics implemented in the CEHv10 course

For those that are currently CEH certified or are planning on earning the certification, it is important to note that the certification is valid for 3 years starting the date of issuance.  

subscribe by email

Stay Ahead

Phoenix TS needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.