EC-Council CEH

The CEH v11 update: What you need to know [2022 update]

Graeme Messina
April 5, 2022 by
Graeme Messina

EC-Council’s Certified Ethical Hacker (CEH) credential is a respected and trusted ethical hacking program that has become one of the best options to validate a professional’s skills in penetration testing, vulnerabilities discovery and evaluation in target systems. Certified professionals provide an essential service in protecting organizations’ digital assets and infrastructures by identifying weaknesses and potential avenues of attack to prevent data from being stolen and misused by malicious attackers.

EC-Council’s CEH (ANSI) program was recently revised to include the latest advancements in the field. The CEH certification is now in its 11th version, and its objectives test one’s knowledge of core security concepts and capability of assessing an organization’s infrastructure to identify threats, analyze them, and provide remediation in the context of the latest operating systems, tools, tactics, exploits and technologies.

Earn your CEH, guaranteed!

Earn your CEH, guaranteed!

Get hands-on hacking experience and live expert, instruction. Enroll now to claim your Exam Pass Guarantee!

Overview of CEH v11

The CEH certification, which is currently on Exam Blueprint v4.0, is constructed to validate that a professional has the necessary skills and knowledge to perform well in several roles, including penetration tester, cybersecurity auditor, security analyst, vulnerability assessment analyst, ethical hacker, security compliance analyst and more.

The CEH V11 curriculum comprises an exam that tests candidates on their knowledge of five ethical hacking phases (Reconnaissance, Gaining Access, Enumeration, Maintaining Access and Covering Your Tracks) and various attack vectors and preventative countermeasures.

The CEH v4 topics (CEH v11 objectives) include:

  1. Information Security and Ethical Hacking Overview (6%)
  2. Reconnaissance Techniques (21%)
  3. System Hacking Phases and Attack Techniques (17%)
  4. Network and Perimeter Hacking (14%)
  5. Web Application Hacking (16%)
  6. Wireless Network Hacking (6%)
  7. Mobile Platform, IoT, and OT Hacking (8%)
  8. Cloud Computing (6%)
  9. Cryptography (6%)

The CEH exam subdomains on which the students need to concentrate when preparing for the test include:

  • Footprinting and reconnaissance
  • Network scanning
  • Enumeration
  • Vulnerability analysis
  • Malware threats
  • Sniffing
  • Social engineering
  • Denial of service attacks
  • Session hijacking
  • Evading IDS, Firewalls, and Honeypots
  • Server hacking
  • SQL injection

What’s new in CEH v11

CEH v11 is more advanced, robust and comprehensive than ever before, covering more hacking techniques, tricks and tools.

The practical nature of the course is shown by the fact that 50 percent of content is dedicated to practical skills, thanks also to a new version of iLabs, which is no longer based on simulations but on real-world challenges.

CEH v11 now has over 20 modules that students need to learn and understand; hacking challenges are at the end of each module to reinforce what is learned. Cloud computing and remotely hosted solutions are some of the technologies more prominent in the exam.

CEH v11 focuses on 18 attack vectors, including the OWASP Top 10, IoT Hacking, Vulnerability Analysis, APT, Fileless Malware, Web API Threats, Webhooks, Web Shell, OT Attacks, Cloud Attacks, AI, ML and much more.

CEH v11 includes new operating systems, including Windows Server 2019, Windows Server 2016, and Windows 10, configured with Domain Controller, firewalls and vulnerable web applications for practicing and improving hacking skills.

CEH v11 covers the latest Malware Analysis tactics for ransomware, banking and financial malware, IoT botnets, OT Malware Analysis, Android Malware and more.

CEH v11 covers more than 500 new threats and vulnerability scenarios, including APT, Fileless Malware, Web API Threats, Webhooks, Web Shell, OT Attacks, Cloud Attacks, AI, ML and much more.

CEH v11 adds in new labs for the latest topics.

What else changed with the CEH v11 update?

Certified Ethical Hacker (CEH) Version 11 has the following additions, as seen in the CEHv11-Brochure:

  • Incorporating Parrot Security OS, which offers better performance on lower-powered laptops and machines while offering an intuitive look and feel with a larger repository of general tools
  • Re-mapped to NIST/NICE framework to include the protect and defend (PR) job role category overlapping with other job roles, including analyze (AN) and securely provision (SP)
  • Enhanced Cloud Security, IoT and operational technology (OT) modules, to incorporate CSP’s Container Technologies (e.g., Docker, Kubernetes), Cloud Computing threats and several IoT hacking tools (e.g., Shikra, Bus Pirate, Facedancer21 and more)
  • Modern malware analysis to include the latest malware analysis tactics for ransomware, banking and financial malware, IoT botnets, OT malware analysis and Android malware
  • Covering the latest threats, with a strong focus on rising threats such as fileless malware techniques that are covered together with possible defensive strategies
  • New lab designs and operating systems for practicing and improving hacking skills
  • Increased lab time and hands−on focus, with more than 50% of the CEH v11 course dedicated to practical skills in a lab environment
  • Industry’s most comprehensive tools library, with the latest additions required by security practitioners and pentesters across the world

CEH v11 will be covering new topics like:

  • DNS cache snooping, DNSSEC zone walking, NFS enumeration
  • Different types of malware attacks
  • IoT hacking threats to IoT and OT platforms with ways to defend such devices securely
  • Cloud computing solutions and the essentials of container technology and serverless computing
  • WPA3 encryption and cracking
  • OWASP Top 10 Web Application Attacks
  • Malware analysis and reverse engineering

How has the CEH v11 exam changed?

Apart from the additional sections and modules already covered, there are a few changes to the CEH knowledge-based exam, which still tests your skills in Information Security Threats and Attack Vectors, Attack Detection, Attack Prevention, Procedures, Methodologies and more.

The CEH exam remains unchanged in principle, and the following stats still apply:

  • Number of questions: 125
  • Test duration: 4 hours
  • Test format: Multiple choice
  • Test delivery: ECC exam, VUE (to be proctored)
  • Exam prefix: 312-50 (ECC EXAM), 312-50 (VUE)
  • Cut score: The actual percentage of questions that you must answer correctly varies and may be more or less than 70 percent, to be decided by the subject-matter experts who helped EC-Council set the cut scores; they can range from 60% to 85%, depending on which exam form is challenged.

Remember to always check the current blueprint before taking the CEH exam.

Professionals interested in preparing for their test can also peruse several training options available by third-party vendors who offer CEH v11 Boot Camp courses tied to the exam objectives; this widens possibilities by allowing students to find a type of course that best suits their learning style. 

The importance of CEH v11

The Certified Ethical Hacker V11 (CEH V11) course is a demanding information security training program that prepares cybersecurity professionals to work as ethical hackers and penetration testers. The CEH is often regarded as the standard by which all other cybersecurity and pentesting courses are measured. CEH v11 offers theoretical knowledge combined with practical, proctored assessments to make sure that candidates who pass the course have the necessary hacking knowledge that can be leveraged to progress in their careers.

Whether you are looking to help your company protect its system and data in your current position or to progress into another IT security role, this is a good time to increase your skills in ethical hacking. Legal hacking is a challenging but fun and rewarding career. Are you interested? Certifications like the CEH help become a successful ethical hacker or help a network defender develop this mindset.

Earn your CEH, guaranteed!

Earn your CEH, guaranteed!

Get hands-on hacking experience and live expert, instruction. Enroll now to claim your Exam Pass Guarantee!

What an ethical hacker certification does for you

By earning certifications like the EC-Council’s Certified Ethical Hacker, you learn what it takes to lawfully hack an organization (based on the direction of the client) to provide an understanding of system weaknesses and vulnerabilities so the business can then set up security controls to minimize the risk of an incident and better defend against a malicious attack.

The CEH credential has been updated to reflect what’s new in ethical hacking to pose itself as a better tool for professionals to prove their current, up-to-date knowledge in the field; it also provides them with the best possible knowledge and skill-set to help them progress in their career or stand out in between applicants for a coveted position.



Graeme Messina
Graeme Messina

Graeme is an IT professional with a special interest in computer forensics and computer security. When not building networks and researching the latest developments in network security, he can be found writing technical articles and blog posts at InfoSec Resources and elsewhere.