PenTest+ versus CEH


When looking for a certification in the penetration testing realm, you’ll see that CompTIA’s PenTest+ and EC-Council’s CEH (Certified Ethical Hacker) certifications are somewhat similar to each other in terms of content. If you are preparing for a job in the field of penetration testing, you may need to decide whether one or both of these certifications will be worthwhile for your cybersecurity career.

At the conclusion of this article, you will be able to understand the similarities, differences and benefits of both PenTest+ and CEH certifications, as well as knowing which certification is right you.

CompTIA PenTest+ objectives (domains) and CEH exam blueprint

CompTIA PenTest+ (PTO-001) objectives

“Objectives” and “blueprint” can be used interchangeably for exam content. Below are the details of PenTest+ and CEH exam content, along with the weight of each domain.

DomainsExam Percentage
1. Planning and Scoping15%
2. Information Gathering and Vulnerability Identification22%
3. Attacks and Exploits30%
4. Penetration Testing Tools17%
5. Reporting and Communication16%

CEH exam blueprint v3.0

DomainsObjectives%WeightNumber of Questions
1. BackgroundNetwork and Communication Technologies/Information Security Threats and Attack Vector/Information Security Technologies21.79%27
2. Analysis/AssessmentInformation Security Assessment and Analysis/Information Security Assessment Process12.73%16
3. SecurityInformation Security Controls/Information Security Attack Detection/Information Security Attack Prevention23.73%30
4. Tools, Systems, ProgramsInformation Security Systems/Information Security Programs/Information Security Tools28.91%36
5. Procedures/MethodologyInformation Security Procedures/Information Security Assessment Methodologies8.77%11
6. Regulation/PolicyInformation Security Policies/Laws/Acts1.90%2
7. EthicsEthics of Information Security2.17%3

What are the similarities between PenTest+ and CEH?

As previously mentioned, the content of both PenTest+ and CEH are somewhat similar. In addition, both certifications are alike in their recertification process. Both are valid for three (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Fakhar Imam. Read the original post at: