Certified Ethical Hacker (CEH) Exam Update

But First, Context

Before we jump into the new blueprint, let’s first define “blueprint” and other important EC-Council terminology. EC-Council’s exam update process is notoriously confusing. That’s in part because they separate their courseware and exam into disparate updates.

Courseware refers to learning material. EC-Council has a specific curriculum or list of concepts that all CEH hopefuls will be exposed to. When you hear “V9” vs. “V10”, those numbers refer to courseware updates. Just because the courseware changes, that does not necessarily mean that the exam changes. Exam blueprints specify changes to the actual test.

An exam blueprint lists testable topics (most of which are also covered in the courseware) and the way questions are distributed within “domains.” 

So, What’s Changed?

Now that we know what an exam blueprint is, the next thing to think about is what’s new in the new exam blueprint, v3.0. The most significant change from v2.0 to v3.0 is the redistribution of domain weightage. The new exam blueprint, as shown in the chart below, is emphasizing Section I, “Background Information” while de-emphasizing Section V, “Procedures / Methodology.”

Blueprint v2.0

Blueprint v3.0

Section Weight # of Items Section
Weight
# of Items
SECTION I

Background Information

4%

5

SECTION I

Background Information

21.79%

27

SECTION II

Analysis / Assessment

13%

40

SECTION II

Analysis / Assessment

12.73%

16

SECTION III

Security

25%

16

SECTION III

Security

23.73%

30

SECTION IV

Tools / Systems / Programs

32%

25

SECTION IV

Tools / Systems / Programs

28.91%

36

SECTION V

Procedures / Methodology

20%

31

SECTION V

Procedures / Methodology

8.77%

11

SECTION VI

Regulation / Policy

4%

5

SECTION VI

Regulation / Policy

1.9%

2

SECTION VII

Ethics

2%

3

2.17%

3

 

Don’t let the label “Background Information” mislead you. The concepts contained in that section are not simply foundational, introductory content. This section includes advanced information such as attack vectors, technologies, and networking communications. Test takers will now see a total of 27 questions in that section, up from just 5 questions in the previous version.

While “Background” saw a sharp increase in items, Section V, “Procedures/Methodology” decreased by 20 questions with the new version. This section includes topics such as information security assessment methodologies, which helps testers keep their assessments organized, structured, and repeatable.

What Does All This Mean for Me?

If you’re in the middle of your studies, you need to adjust your study focus areas. Your studies should be proportionate to how much weight each section carries on the exam. With the “Background” information increasing, you’ll need to spend more time with the principles of networking. Review switches and routers. Spend more time focusing on segmentation and VLANs. Make more flashcards on firewall types, IDSs, and IPSs.

FAQs

  • Yes. The exam blueprint, which lists the exam’s testable topics, has updated to v3.0. The biggest change in the blueprint is the redistribution of domain weightage. That means test taker will see an increase in questions from Section I, “Background Information,:” which covers network communications technologies, information security threats and attack vectors, and
    information security technologies.

  • The updated blueprint took effect on November 1, 2018.

  • Yes. If you’re in the middle of your studies, you need to adjust your study focus areas. Your studies should be proportionate to how much weight each section carries on the exam. With the “Background” information increasing, you’ll need to spend more time with the principles of networking, especially if you don’t have a networking background. You can also spend less time studying Section V, “Procedures/Methodology”, which covers assessment methodologies.

  • Yes, this update is different. V9 to v10 updates covers courseware updates. Courseware is EC-Council official curriculum and content that every CEH hopeful will be exposed to. Changes in courswear do not affect the exam. Only changes in the exam blueprint (such as this one) affects the exam.

Let Us Help

Keeping track of all these changes in blueprints and courseware can be confusing and challenging. If you’re preparing for a certification exam, you have enough to digest and think about. CyberVista has worked diligently to make sure that all of our training content adheres to the updates both in courseware and exam blueprints. When you enroll in a CyberVista training course, we’ll tell you exactly what to study, which content to prioritize, and you can focus on your studies having confidence that our content and instruction is reflective of the latest exam priorities and objectives. Learn more here.