Cyber Security

How to Become a Certified Ethical Hacker (CEH) in 2026 — The Complete Guide

MJA
Mac Jason Academy
14 min read

The EC-Council Certified Ethical Hacker (CEH) is the most widely recognised offensive-security credential in the world. It's also one of the most misunderstood — half the people who take it didn't need it, and half the people who needed it took something else first. Here's how to know which group you're in.

What CEH actually is

CEH is EC-Council's vendor-neutral certification proving you can think like an attacker. The current version is v13 AI as of 2026, with a 4-hour exam containing 125 multiple-choice questions across 20 domains. There's a separate CEH Practical — a 6-hour hands-on lab exam — that proves you can actually do the things, not just describe them.

EC-Council is accredited under ANSI 17024 standard, which means CEH is recognised by US government roles requiring DoD 8570/8140 baseline certifications — IAT Level III and IAM Level II positions.

Who CEH is right for

CEH is the right credential if you:

  • Want to work in penetration testing, vulnerability assessment, or red team operations
  • Work in SOC operations and want to understand attacker TTPs to detect them better
  • Are a sysadmin or network engineer pivoting into security
  • Need a baseline credential for a DoD / federal contractor role
  • Are early-career and want a recognised offensive-security cert to anchor your resume

CEH is not the right credential if you're targeting senior offensive roles at top-tier consultancies. For those, OSCP (Offensive Security Certified Professional) is the gatekeeper — it's harder, more practical, and more respected by pen-test firms.

Practical advice: CEH gets you the first pen-test job. OSCP gets you the third one. Most students at Mac Jason Academy take CEH first, work in the field for 12–18 months, then pursue OSCP independently.

Prerequisites

EC-Council requires one of two paths to sit the exam:

  1. Official training through an EC-Council Accredited Training Center (ATC). This waives the experience requirement. Mac Jason Academy is an EC-Council ATC, so our students take this path.
  2. Two years of documented information-security work experience in lieu of training. You apply directly to EC-Council with a $100 application fee. Plan on a 5–10 day review.

Cost breakdown (2026)

  • Official iLearn course + exam voucher: $1,899 direct from EC-Council
  • Boot camp from an ATC: typically $2,500–$3,500 bundled with exam voucher
  • Self-study + exam voucher: $1,199 voucher + $100 application + your time
  • CEH Practical add-on: $550
  • Renewal: 120 ECE credits over 3 years, ~$80/year membership

Recommended study plan (8 weeks)

The official EC-Council training is 5 days of intensive content, but the realistic preparation window for most working adults is 6–8 weeks. Here's what works:

  • Weeks 1–2: Reconnaissance, scanning, enumeration, and system hacking fundamentals. Practice in a home lab — Kali Linux + a few vulnerable VMs (DVWA, Metasploitable, HackTheBox starting points).
  • Weeks 3–4: Web application attacks (SQLi, XSS, CSRF, broken auth), wireless attacks, and cryptography basics. This is where most students bog down — slow down.
  • Weeks 5–6: Mobile, IoT, cloud security, social engineering, and evading IDS/firewalls. Less hands-on, more conceptual.
  • Week 7: Full-length practice exams. Aim for 80%+ on three consecutive practice tests before scheduling.
  • Week 8: Final review, weak-area drill, schedule the exam mid-week (not Monday, not Friday).

The exam itself

125 questions, 4 hours, multiple choice, score-scaled to 70% pass. Questions are written in EC-Council's particular style — they often want the "best" answer when multiple options are technically correct. Read every question twice. The exam is heavy on:

  • Tool identification ("which tool would you use for X?")
  • Command-line syntax (memorise nmap flags, you'll thank us)
  • Order-of-operations questions ("what's the next step after Y?")
  • Vulnerability/CVE recognition

Salary expectations after CEH (2026 Houston market)

  • SOC Analyst Tier 1: $65,000–$85,000
  • Junior Penetration Tester: $80,000–$110,000
  • Mid-level Security Analyst: $95,000–$130,000
  • Senior Penetration Tester (CEH + OSCP + 3 yrs experience): $130,000–$170,000

Common mistakes

  1. Skipping fundamentals. If you can't explain TCP/IP and OSI cold, CEH content won't stick. Get Network+ or equivalent comfort first.
  2. Memorising without doing. The questions test understanding. Build a home lab. Run the tools. Break things.
  3. Using outdated materials. CEH v13 AI (current as of 2026) has significant content changes from v12. Verify your study materials are for the right version.
  4. Underestimating Practical. If you want CEH Practical, plan extra prep — it's a different beast.
  5. Going alone when a boot camp would save 4 weeks. Structured training keeps you accountable and exposes you to the way EC-Council writes questions.

Where Mac Jason Academy fits

We're an EC-Council Accredited Training Center delivering the full official CEH curriculum with all the iLabs included. Boot camps run quarterly in Houston and online. Pair with our Cyber Security Internship Program for real Fortune 100 project experience while you're still studying — most students leave with the cert AND a portfolio piece.

See the full 5-year cyber security career roadmap for how CEH fits into the broader certification stack.

Start ethical hacking

Train at an EC-Council ATC

Full official CEH curriculum + iLabs + exam voucher. Boot camps quarterly.

View CEH Programme Talk to an Advisor