Cyber Security


December 16, 2020

Alex Walters

EC Council updates CND and CEH and introduces the C|PENT.

EC Council has made big adjustments to their vulnerability assessment and pen testing track. In March of 2021, the ECSA (Certified Security Analyst) will be retired simplifying the core track to just three certifications: CND, CEH and CPENT.


The Certified Network Defender is an introductory certification that incorporates Blue Team practices and primarily focuses on the defensive measures of cyber security. This cert is intended for anyone in the cybersecurity operations field, including Network Administrators, Engineers, Defense Technicians and Security Analyst. IT professionals who gain this certification will know how to protect their network against cyber security threats, detect unusual activities and perform monitoring, respond to security flaws, and use analysis and cyber intelligence to prepare for any risks.

Recently, the CND exam has been updated to version CNDv2. The new program is based on a job task analysis; using network and security roles recognized by the National Infocomm Competency Framework (NCIF) the Department of Defense (DoD) and the NICE Framework. (www.eccouncil.org)

CNDv2 includes six new modules that cover more in-depth study of mobile security, cloud security, and attack surface analysis. The new program also incorporates an IoT security module and a threat Intelligence module as well.

To be eligible to take the CND you must receive Network Security training from an official EC council certified training center. If you chose to take the exam without receiving official training, you need to complete two years of Information Security work experience and submit an application with a 100.00 nonrefundable fee. (EC- Council)

The Exam Details are detailed below:

Number of Questions:100
Test Duration:4 Hours
FormatMultiple Choice
DeliveryECC Exam
Exam Prefix312-38 (ECC Exam)
Passing ScoreBased on “cut scores” that range from 60-85%


The Practical Exam

The Certified Ethical Hacker certification is an intermediate hacker that explores the offensive approach to cyber intrusions. Participants will learn how to think like a hacker so they can understand the methods hackers use to breach security measures. This cert is intended for security officers and professionals, site administrators, auditors, engineers, and anyone who implements the security measures on the network or works in a red team environment. (EC-Council) IT professionals who gain this certification will be recognized for meeting the global standard for ethical hacking within the information security field.  (redteamacademy.com) These professionals will be knowledgeable of the five phases of ethical hacking which include: Reconnaissance, scanning, gaining access, maintaining access, analysis, and WAF Configuration. (EC-Council) This course maps to the NICE Framework.

CEHv11 is very similar to CEHv10. The program has remained the same but added a few adjustments to the program. A noticeable change is the implementation of the Parrot Security OS which offers enhanced performance for some lower powered computers as well as new privacy measures and an increased toolset. There is also more information about Cloud security and IoT and OT network components, malware analysis, enumeration, and WPA# encryption and cracking.

To be eligible for CEHv11, IT professionals can choose to take an official instructor led training or complete two years of Information Security work experience and submit an application with a 100.00 nonrefundable fee.

The Exam Details are detailed below:

Number of Questions:125
Test Duration:4 Hours
FormatMultiple Choice
DeliveryECC Exam, VUE
Exam Prefix312-50 (ECC EXAM), 312-50 (VUE)
Passing ScoreBased on “cut scores” that range from 60-85%


The Certified Penetration Testing Professional is a brand-new certification program being offered by EC Council. This is an advanced certification that uses the methods learned in CEH and helps IT professionals master their pen testing skills. (EC-Council) This program will allow participants to perform pen testing challenges in a live cyber network range. Participants will also gain knowledge in subject areas including: IoT and OT systems, ICS, SCADA and binary analysis. (EC-Council) Participants will also learn how to create exploits, build tools and scripts, and perform double pivot network access. (EC Council). This course is intended for Ethical Hackers, Network and Firewall Administrators, Pen Testers, Security Testers and Risk Assessment Professionals.

The CPENT exam is an extremely challenging exam. It is a proctored, virtual exam that is completely hands on. Participants can choose to break the exam into 2, 12-hour sessions or one 24-hour session. If participants earn a score of 70% or higher they pass the exam and earn their CPENT certification. If a participant can score 90% or higher, then they will be eligible to become an LPT Master certification.

Duration2, 12-hour sessions or 1 24-hour session
FormatOnline, hands on training
Passing score70% or higher for CPENT 90 %or higher for LPT

The Licensed Penetration Tester is very difficult to achieve and indicates that certification holders are at the top of the pen testing field.

Phoenix TS Can Help

Phoenix TS is an EC Council training partner that offers training courses for the Vulnerability Assessment and Pen Testing track. Phoenix offers virtual, instructor led trainings for CND, CEH and CPENT. These courses map to the exam objectives and includes hands on labs for real life experience. If you are looking to get started in the Vulnerability Assessment and Pen Testing track or if you a ready to go to the next level, Phoenix TS is the place for you.

EC Council courses available at Phoenix TS

CND – Certified Network Defender
CEH – Certified Ethical Hacker
CPENT – Certified Penetration Testing Professional
CHFI – Certification Training

Visit our website at phoenixts.com or call  301-258-8200 for pricing and details.

subscribe by email

Stay Ahead

Phoenix TS needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.