EC-Council CEH

The CEH v10 update: What you need to know

July 9, 2019 by Graeme Messina


In an attempt to meet the growing demand for new skills and security knowledge, EC-Council, the body responsible for compiling the CEH v10 certification, recently updated the Certified Ethical Hacker certification.

The refresh is one of many since CEH’s launch in 2003, and it means that candidates can expect a slightly different exam from CEH v9, which was launched in 2015. The certification now has over 18 modules that students need to learn and understand, and the global trend of cloud computing and remote hosted solutions means that those technologies are now more prominent in the exam.

The EC-Council advises that candidates check the exam blueprint and objectives prior to registering for the exam. Certified Ethical Hacker training courses can also help ensure candidates are prepared with the most up-to-date material needed to pass their CEH v10 exam.



Overview of CEH v10 changes

CEH v10 focuses on making candidates more aggressive in their defense of networks. This offensive, proactive stance is a better way of defending network data against cybercriminals.

New modules that have been added include items such as:

  • IoT security: The proliferation of cheap, inexpensive internet-connected devices has opened up a proverbial can of worms for security experts as hackers are able to hijack many of these simple devices. CEH v10 explores this new class of network device and the potential vulnerabilities that they present.
  • More material: Expanded information on items such as threat and vulnerability assessments are included in CEH v10, giving this aspect of the course a welcome upgrade over CEH v9.
  • New business tool focus: Buzzwords like AI, cloud computing and machine learning are featured in the updated v10 of the CEH. Businesses are likely to use these tools, and intruders are likely trying to exploit them.
  • Practical exercises: CEH v10 now features practical modules for candidates to master.

What else changed with the CEH v10 update?

The overall feel of the exam remains very similar to CEH v9, and the way the exam tests a candidate’s abilities has not changed much. Some of the new modules that have been added include:

Vulnerability Assessment Module

The vulnerability assessment material in version 9 of the CEH has been expanded, and it now has its very own module. The section comprises of tools, techniques and methodology that combine to create a stronger vulnerability assessment capability for successful CEH v10 candidates.

Malware Analysis Module

The EC-Council added a section on malware analysis that teaches candidates how to explore and analyze malware. It also teaches candidates which tools to use in conjunction with malware when conducting testing.

IoT Module

The IoT module goes into topics such as botnets and DDoS attacks as well as how to secure a network from vulnerabilities. This is the last module added to the CEH, and is a clear indicator of the way in which IoT devices have found their way into the modern enterprise environment.

CEH Practical

This is a proctored exam that is a realistic simulation of an actual network by using virtual machines, virtual networks and virtual applications. These are a close approximation of what candidates will find out in the field, so this is an excellent way to test real world skills.

Successful candidates are therefore able to:

  • Demonstrate competency in understanding attack vectors
  • Perform network scanning to assess vulnerable targets on the network
  • Perform OS banner grabbing, service and user enumeration
  • Hack systems, steganography, steganalysis attacks and hide activities afterwards
  • Identify and utilize viruses, worms and malware to exploit system vulnerabilities

How has the CEH v10 exam changed?

Apart from the additional sections and modules already covered, there are not many changes to the way in which the CEH is delivered. However the questions and question weightings changed on September 30, 2018.

Below is a table that shows the question amounts and percentages before and after the update to the exam:

Old Pre Sept 30th 2018 New Post Sept 30th 2018
Domain Weightage Questions Weightage Questions
Background 4.00% 5 21.79% 27
Analysis/Assessment 13.00% 16 12.73% 16
Security 25.00% 31 23.73% 30
Tools / Systems / Programs 32.00% 40 28.91% 36
Procedures / Methodology 20.00% 25 8.77% 11
Regulation / Policy 4.00% 5 1.90% 2
Ethics 2.00% 3 2.17% 3
Totals 100% 125 100% 125

The CEH remains unchanged in principle, and the following stats still apply:

  • Number of questions: 125
  • Test duration: 4 hours
  • Test format: Multiple choice
  • Test delivery: ECC Exam, VUE
  • Exam prefix: 312-50 (ECC EXAM), 312-50 (VUE)


The CEH is an ANSI certified exam, and it is DoD 8570 compliant. The CEH is regarded by many as the standard by which all other cybersecurity and pentesting courses are measured – and with good reason. CEH v10 offers theoretical knowledge combined with practical, proctored assessments to make sure that any candidate that passes the course is a knowledgeable and formidable cybersecurity expert.

Remember to always check the current blueprint before taking the CEH exam. For those interested in earning their Certified Ethical Hacker, Infosec offers training resources, including a CEH v10 Boot Camp



EC-Council exam blueprint,

EC-Council eligibility,

EC-Council FAQ,

Posted: July 9, 2019
Articles Author
Graeme Messina
View Profile

Graeme is an IT professional with a special interest in computer forensics and computer security. When not building networks and researching the latest developments in network security, he can be found writing technical articles and blog posts at InfoSec Resources and elsewhere.

Leave a Reply

Your email address will not be published. Required fields are marked *