Announcements-Banner
Certified Chief Information security officer (CCISO), Blueprint Change Announcement
Computer Hacking Forensic Investigator (CHFI), Blueprint Change Announcement

Effective May 1st, 2021, EC-Council will be introducing a new version of the CHFI v3 exam blueprint.

An exam blueprint is a framework that helps break down the sections of the test making it easier for the test taker to focus his/ her study as they prepare for the exam. It dictates how many questions in various areas of practice should go on an exam.

As a reputed certification body, we always strive to keep updated of the latest technological advancements in the field of ethical hacking and information system security audits. Our new exam blueprint is an outcome of the same effort.

For those who are scheduled to take the CHFI exam on or after May 1st, 2021, here are the major changes you can expect to see:

  • New segmentation of topics among exam domains.
  • Removal and addition of some key topics.

Summary of the updated blueprint:

Domains Sub Domain Description Number of Questions Weightage (%)
1. Forensic Science Understand different types of cybercrimes and list various forensic investigations challenges
  • Types of Computer Crimes
  • Impact of Cybercrimes at Organizational Level
  • Cyber Crime Investigation
  • Challenges Cyber Crimes Present for Investigators
  • Network Attacks
  • Indicators of Compromise (IOC)
  • Web Application Threats
  • Challenges in Web Application Forensics
  • Indications of a Web Attack
  • What is Anti-Forensics?
  • Anti-Forensics Techniques
7 18%
Understand the fundamentals of computer forensics and determine the roles and responsibilities of forensic investigators
  • Understanding Computer Forensics
  • Need for Computer Forensics
  • Why and When Do You Use Computer Forensics?
  • Forensic Readiness
  • Forensic Readiness and Business Continuity
  • Forensics Readiness Planning
  • Incident Response
  • Computer Forensics as part of Incident Response Plan
  • Overview of Incident Response Process Flow
  • Role of SOC in Computer Forensics
  • Need for Forensic Investigator
  • Roles and Responsibilities of Forensics Investigator
  • What makes a Good Computer Forensics Investigator?
  • Code of Ethics
  • Accessing Computer Forensics Resources
  • Other Factors That Influence Forensic Investigations
  • Introduction to Web Application Forensics
  • Introduction to Network Forensics
  • Postmortem and Real-Time Analys
7
Understand data acquisition concepts and rules
  • Understanding Data Acquisition
  • Live Acquisition
  • Order of Volatility
  • Dead Acquisition
  • Rules of Thumb for Data Acquisition
  • Types of Data Acquisition
  • Determine the Data Acquisition Format
6
Understand the fundamental concepts and working of databases, cloud computing, Emails, IOT, Malware (file and fileless), and dark web
  • Understanding Dark Web
  • TOR Relays
  • How TOR Browser works
  • TOR Bridge Node
  • Internal architecture of MySQL
  • Structure of data directory
  • Introduction to Cloud Computing
  • Types of Cloud Computing Services
  • Cloud Deployment Models
  • Cloud Computing Threats
  • Cloud Computing Attacks
  • Introduction to an email system
  • Components involved in email communication
  • How email communication works
  • Understanding parts of an email message
  • Introduction to Malware
  • Components of Malware
  • Common Techniques Attackers Use to Distribute Malware across Web
  • Introduction to Fileless Malware
  • Infection Chain of Fileless Malware
  • How Fileless Attack Works via Memory Exploits
  • How Fileless Attack Happens Via Websites
  • How Fileless Attack Happens Via Documents
  • What is IoT?
  • IoT Architecture
  • IoT Security Problems
  • OWASP Top 10 Vulnerabilities
  • IoT Threats
  • IoT Attack Surface Areas
7
2. Regulations, Policies and Ethics Understand rules and regulations pertaining to search & seizure of the evidence, and evidence examination
  • Rules of Evidence
  • Best Evidence Rule
  • Federal Rules of Evidence
  • Scientific Working Group on Digital Evidence (SWGDE)
  • ACPO Principles of Digital Evidence
  • Seeking Consent
  • Obtaining Witness Signatures
  • Obtaining Warrant for Search and Seizure
  • Searches Without a Warrant
  • Initial Search of the Scene
  • Preserving Evidence
  • Chain of Custody
  • Sanitize the Target Media
  • Records of Regularly Conducted Activity as Evidence
  • Division of Responsibilities
12 15%
Understand different laws and legal issues that impact forensic investigations
  • Computer Forensics: Legal Issues
  • Computer Forensics: Privacy Issues
  • Computer Forensics and Legal Compliance
  • Other Laws that May Influence Computer Forensics
  • U.S. Laws Against Email Crime: CAN-SPAM Act
11
3. Digital Evidence Understand the fundamental characteristics and types of digital evidence
  • Introduction to Digital Evidence
  • Types of Digital Evidence
  • Characteristics of Digital Evidence
  • Role of Digital Evidence
  • Sources of Potential Evidence
  • Understanding Hard Disk
  • Understanding Solid State Drive (SSD)
  • RAID Storage System
  • NAS/SAN Storage
  • Disk Interfaces
  • Logical Structure of Disks
5 17%
Understand the fundamental concepts and working of desktop and mobile Operating Systems
  • What is the Booting Process?
  • Essential Windows System Files
  • Windows Boot Process: BIOS-MBR Method
  • Windows Boot Process: UEFI-GPT
  • Macintosh Boot Process
  • Linux Boot Process
  • Windows File Systems
  • Linux File Systems
  • Mac OS X File Systems
  • MAC Forensics Data
  • MAC Log Files
  • MAC Directories
  • CD-ROM / DVD File System
  • Virtual File System (VFS) and Universal Disk Format File System (UDF)
  • Architectural Layers of Mobile Device Environment
  • Android Architecture Stack
  • Android Boot Process
  • iOS Architecture
  • iOS Boot Process
  • Mobile Storage and Evidence Locations
  • Mobile Phone Evidence Analysis
  • Data Acquisition Methods
  • Components of Cellular Network
  • Different Cellular Networks
  • Cell Site Analysis: Analyzing Service Provider Data
  • CDR Contents
  • Subscriber Identity Module (SIM)
  • Different types of network-based evidence
5
Understand different types of logs and their importance in forensic investigations
  • Understanding Events
  • Types of Logon Events
  • Event Log File Format
  • Organization of Event Records
  • ELF_LOGFILE_HEADER structure
  • EventLogRecord Structure
  • Windows 10 Event Logs
  • Other Audit Events
  • Evaluating Account Management Events
  • Log files as evidence
  • Legal criteria for admissibility of logs as evidence
  • Guidelines to ensure log file credibility and usability
  • Ensure log file authenticity
  • Maintain log file integrity
  • Implement centralized log management
  • IIS Web Server Architecture
  • IIS Logs
  • Analyzing IIS Logs
  • Apache Web Server Architecture
  • Apache Web Server Logs
  • Apache Access Logs
  • Apache Error Logs
6
Understand various encoding standards and analyze various file types
  • Character Encoding Standard: ASCII
  • Character Encoding Standard: UNICODE
  • OFFSET
  • Understanding Hex Editors
  • Understanding Hexadecimal Notation
  • Image File Analysis: JPEG
  • Image File Analysis: BMP
  • Understanding EXIF data
  • Hex View of Popular Image File Formats
  • PDF File Analysis
  • Word File Analysis
  • PowerPoint File Analysis
  • Excel File Analysis
  • Hex View of Other Popular File Formats
5
Understand the fundamental working of WAF and MySQL Database
  • Web Application Firewall (WAF)
  • Benefits of WAF
  • Limitations of WAF
  • Data Storage in SQL Server
  • Database Evidence Repositories
  • MySQL Forensics
  • Viewing the Information Schema
  • MySQL Utility Programs for Forensic Analysis
5
4. Procedures and Methodology Understand Forensic Investigation Process
  • Forensic investigation process
  • Importance of the Forensic investigation process
  • Setting up a computer forensics lab
  • Building the investigation team
  • Understanding the hardware and software requirements of a forensic lab
  • Validating laboratory software and hardware
  • Ensuring quality assurance
  • First response basics
  • First response by non-forensics staff
  • First response by system/network administrators
  • First response by laboratory forensics staff
  • Documenting the electronic crime scene
  • Search and seizure
  • Evidence preservation
  • Data acquisition
  • Data analysis
  • Case analysis
  • Reporting
  • Testify as an expert witness
  • Generating Investigation Report
  • Mobile Forensics Process
  • Mobile Forensics Report Template
  • Sample Mobile Forensic Analysis Worksheet
6 17%
Understand the methodology to acquire data from different types of evidence
  • Data Acquisition Methodology
  • Step 1: Determine the Best Data Acquisition Method
  • Step 2: Select the Data Acquisition Tool
  • Step 3: Sanitize the Target Media
  • Step 4: Acquire Volatile Data
  • Acquire Data From a Hard Disk
  • Remote Data Acquisition
  • Step 5: Enable Write Protection on the Evidence Media
  • Step 6: Acquire Non-Volatile Data
  • Step 7: Plan for Contingency
  • Step 8: Validate Data Acquisition Using
  • Collecting Volatile Information
  • Collecting Non-Volatile Information
  • Collecting Volatile Database Data
  • Collecting Primary Data File and Active Transaction Logs Using SQLCMD
  • Collecting Primary Data File and Transaction Logs
  • Collecting Active Transaction Logs Using SQL Server Management Studio
  • Collecting Database Plan Cache
  • Collecting Windows Logs
  • Collecting SQL Server Trace Files
  • Collecting SQL Server Error Logs
7
Illustrate Image/Evidence Examination and Event Correlation
  • Getting an Image Ready for Examination
  • Viewing an Image on a Windows, Linux and Mac Forensic Workstations
  • Windows Memory Analysis
  • Windows Registry Analysis
  • File System Analysis Using Autopsy
  • File System Analysis Using The Sleuth Kit (TSK)
  • Event Correlation
  • Types of Event Correlation
  • Prerequisites of Event Correlation
  • Event Correlation Approaches
6
Explain Dark Web and Malware Forensics
  • Dark web forensics
  • Identifying TOR Browser Artifacts: Command Prompt
  • Identifying TOR Browser Artifacts: Windows Registry
  • Identifying TOR Browser Artifacts: Prefetch Files
  • Introduction to Malware Forensics
  • Why Analyze Malware?
  • Malware Analysis Challenges
  • Identifying and Extracting Malware
  • Prominence of Setting up a Controlled Malware Analysis Lab
  • Preparing Testbed for Malware Analysis
  • Supporting Tools for Malware Analysis
  • General Rules for Malware Analysis
  • Documentation Before Analysis
  • Types of Malware Analysis
6
5. Digital Forensics Review Various Anti-Forensic Techniques and Ways to Defeat Them
  • Anti-Forensics Technique: Data/File Deletion
  • What Happens When a File is Deleted in Windows?
  • Recycle Bin in Windows
  • File Carving
  • Anti-Forensics Techniques: Password Protection
  • Bypassing Passwords on Powered-off Computer
  • Anti-Forensics Technique: Steganography
  • Anti-Forensics Technique: Alternate Data Streams
  • Anti-Forensics Techniques: Trail Obfuscation
  • Anti-Forensics Technique: Artifact Wiping
  • Anti-Forensics Technique: Overwriting Data/Metadata
  • Anti-Forensics Technique: Encryption
  • Anti-Forensics Technique: Program Packers
  • Anti-Forensics Techniques that Minimize Footprint
  • Anti-Forensics Technique: Exploiting Forensics Tools Bugs
  • Anti-Forensics Technique: Detecting Forensic Tool Activities
  • Anti-Forensics Countermeasures
  • Anti-Forensics Tools
4 17%
Analyze Various Files Associated with Windows and Linux and Android Devices
  • Windows File Analysis
  • Metadata Investigation
  • Windows ShellBags
  • Analyze LNK Files
  • Analyze Jump Lists
  • Event logs
  • File System Analysis using The Sleuth Kit (TSK)
  • Linux Memory Forensics
  • APFS File System Analysis: Biskus APFS Capture
  • Parsing metadata on Spotlight
  • Logical Acquisition of Android Devices
  • Physical Acquisition of Android Devices
  • SQLite Database Extraction
  • Challenges in Mobile Forensics
3
Analyze various logs and perform network forensics to investigate network attacks
  • Analyzing Firewall Logs
  • Analyzing IDS Logs
  • Analyzing Honeypot Logs
  • Analyzing Router Logs
  • Analyzing DHCP Logs
  • Why investigate Network Traffic?
  • Gathering evidence via Sniffers
  • Sniffing Tool: Tcpdump
  • Sniffing Tool: Wireshark
  • Analyze Traffic for TCP SYN flood DOS attack
  • Analyze Traffic for SYN-FIN flood DOS attack
  • Analyze traffic for FTP password cracking attempts
  • Analyze traffic for SMB password cracking attempts
  • Analyze traffic for sniffing attempts
  • Analyze traffic to detect malware activity
  • Centralized Logging Using SIEM Solutions
  • SIEM Solutions: Splunk Enterprise Security (ES)
  • SIEM Solutions: IBM Security QRadar
  • Examine Brute-Force Attacks
  • Examine DoS Attack
  • Examine Malware Activity
  • Examine data exfiltration attempts made through FTP
  • Examine network scanning attempts
  • Examine ransomware attack
  • Detect rogue DNS server (DNS hijacking/DNS spoofing)
  • Wireless network security vulnerabilities
  • Performing attack and vulnerability monitoring
  • Detect a rogue access point
  • Detect access point MAC spoofing attempts
  • Detect misconfigured access point
  • Detect honeypot access points
  • Detect signal jamming attack
4
Analyze Various Logs and Perform Web Application Forensics to Examine Various Web Based Attacks
  • Investigating Cross-Site Scripting Attack
  • Investigating SQL Injection Attack
  • Investigating Directory Traversal Attack
  • Investigating Command Injection Attack
  • Investigating Parameter Tampering Attack
  • Investigating XML External Entity Attack
  • Investigating Brute Force Attack
  • Investigating Cookie Poisoning Attack
4
Perform Forensics on Databases, Dark Web, Emails, Cloud and IoT devices
  • Database Forensics Using SQL Server Management Studio
  • Database Forensics Using ApexSQL DBA
  • Common Scenario for Reference
  • MySQL Forensics for WordPress Website Database: Scenario 1
  • MySQL Forensics for WordPress Website Database: Scenario 2
  • Tor Browser Forensics: Memory Acquisition
  • Collecting Memory Dumps
  • Memory Dump Analysis: Bulk Extractor
  • Forensic Analysis of Memory Dumps to Examine Email Artifacts (Tor Browser Open)
  • Forensic Analysis of Storage to Acquire the Email Attachments (Tor Browser Open)
  • Forensic Analysis of Memory Dumps to Examine Email Artifacts (Tor Browser Closed)
  • Forensic Analysis of Storage to Acquire the Email Attachments (Tor Browser Closed)
  • Forensic Analysis: Tor Browser Uninstalled
  • Dark Web Forensics Challenges
  • Introduction to email crime investigation
  • Steps to investigate email crimes
  • Division of Responsibilities
  • Where Is the Data Stored in Azure?
  • Logs in Azure
  • Acquiring A VM in Microsoft Azure
  • Acquiring A VM Snapshot Using Azure Portal
  • Acquiring A VM Snapshot Using PowerShell
  • AWS Forensics
  • Wearable IoT Device: Smartwatch
  • IoT Device Forensics: Smart Speaker-Amazon Echo
3
Perform Static and Dynamic Malware Analysis in a Sandboxed Environment
  • Malware Analysis: Static
  • Analyzing Suspicious MS Office Document
  • Analyzing Suspicious PDF Document
  • Malware Analysis: Dynamic
3
Analyze Malware Behavior on System and Network Level, and Analyze Fileless Malware
  • System Behavior Analysis: Monitoring Registry Artifacts
  • System Behavior Analysis: Monitoring Processes
  • System Behavior Analysis: Monitoring Windows Services
  • System Behavior Analysis: Monitoring Startup Programs
  • System Behavior Analysis: Monitoring Windows Event Logs
  • System Behavior Analysis: Monitoring API Calls
  • System Behavior Analysis: Monitoring Device Drivers
  • System Behavior Analysis: Monitoring Files and Folders
  • Network Behavior Analysis: Monitoring Network Activities
  • Network Behavior Analysis: Monitoring Port
  • Network Behavior Analysis: Monitoring DNS
  • Fileless Malware Analysis: Emotet
  • Emotet Malware Analysis
  • Emotet Malware Analysis: Timeline of the Infection Chain
4
6. Tools/Systems/Programs Identify various tools to investigate Operating Systems including Windows, Linux, Mac, Android and iOS
  • File System Analysis Tools
  • File Format Analyzing Tools
  • Volatile Data Acquisition Tools
  • Non-Volatile Data Acquisition Tools
  • Data Acquisition Validation Tools
  • Tools for Examining Images on Windows
  • Tools for Examining Images on Linux
  • Tools for Examining Images on Mac
  • Tools for Carving Files on Windows
  • Tools for Carving Files on Linux
  • Tools for Carving Files on Mac
  • Recovering Deleted Partitions: Using R-Studio
  • Recovering Deleted Partitions: Using EaseUS Data Recovery Wizard
  • Partition Recovery Tools
  • Using Rainbow Tables to Crack Hashed Passwords
  • Password Cracking Using: L0phtCrack and Ophcrack
  • Password Cracking Using Cain & Abel and RainbowCrack
  • Password Cracking Using pwdump7
  • Password Cracking Tools
  • Tool to Reset Admin Password
  • Steganography Detection Tools
  • Detecting Data Hiding in File System Structures Using OSForensics
  • ADS Detection Tools
  • Detecting File Extension Mismatch using Autopsy
  • Tools to detect Overwritten Data/Metadata
  • Program Packers Unpacking Tools
  • USB Device Enumeration using Windows PowerShell
  • Tools to Collect Volatile Information
  • Tools to Non-Collect Volatile Information
  • Tools to perform windows memory and registry analysis
  • Tools to examine the cache, Cookie and history recorded in web browsers
  • Tools to Examine Windows Files and Metadata
  • Tools to Examine ShellBags, LNK files and Jump Lists
  • Tools to Collect Volatile Information on Linux
  • Tools to Collect Non-Volatile Information on Linux
  • Linux File system Analysis Tools
  • Tools to Perform Linux Memory Forensics
  • APFS File System Analysis
  • Parsing metadata on Spotlight
  • MAC Forensic Tools
  • Network Traffic Investigation Tools
  • Incident Detection and Examination with SIEM tools
  • Detect and Investigate Various Attacks on Web Applications by Examining Various Logs
  • Tools to Identify TOR Artifacts
  • Tools to Acquire Memory Dumps
  • Tools to Examine the Memory Dumps
  • Tools to Perform Static Malware Analysis
  • Tools to Analyze Suspicious Word and PDF documents
  • Tools to Perform Static Malware Analysis
  • Tools to Analyze Malware Behavior on a System
  • Tools to Analyze Malware Behavior on a Network
  • Tools to Perform Logical Acquisition on Android and iOS devices
  • Tools to Perform Physical Acquisition on Android and iOS devices
13 16%
Determine the various tools to investigate MSSQL, MySQL, Azure, AWS, Emails and IoT devices
  • Tools to Collect and Examine the Evidence Files on MSSQL Server
  • Tools to Collect and Examine the Evidence Files on MySQL Server
  • Investigating Microsoft Azure
  • Investigating AWS
  • Tools to Acquire Email Data
  • Tools to Acquire Deleted Emails
  • Tools to Perform Forensics on IoT devices
11

You can find the existing exam blueprint here, the current blueprint v2.1 is valid till April 30th, 2021.

Note: This announcement is limited to the CHFI multiple choice exam and there are no changes to any other aspect of the exam such as the eligibility criteria, exam duration or exam availability.

Should you have any further questions you can write to [email protected]

EC-Council's E|CIH Program officially accredited by ANSI

EC-Council is proud to announce that the Certified ECIH Program has officially been accredited by the American National Standards Institute (ANSI) to meet the ANSI/ISO/IEC 17024 Personnel Certification Accreditation standard for its E|CIH certification!

The American National Standards Institute (ANSI) is a private non-profit organization that administers and coordinates the U.S. voluntary standardization and conformity assessment system. ANSI is the official U.S. representative to the International Organization for Standardization (ISO) and, via the U.S. National Committee, the International Electrotechnical Commission (IEC). ANSI is also a member of the International Accreditation Forum (IAF).

To award the accreditation, ANSI conducted a verification process to ensure that EC-Council is impartial and objective as a certification body. It also confirmed that EC-Council’s certification process is conducted in a consistent, comparable, and reliable manner. This process required rigorous quality reviews of EC-Council and the Certified ECIH (E|CIH) program.

All ECIHs who took the version of the exam that was certified by ANSI will now have the ANSI logo on their electronic certification. If you have any questions about this program, please contact [email protected].

Certified Network Defender (CND), Blueprint Change Announcement

Effective Jan 11th, 2021, EC-Council will be introducing a new version of the CND V3 exam blueprint.

An exam blueprint is a framework that helps break down the sections of the test making it easier for the test taker to focus his/ her study as they prepare for the exam. It dictates how many questions in various areas of practice should go on an exam.

As a reputed certification body, we always strive to keep updated of the latest technological advancements in the field of ethical hacking and information system security audits. Our new exam blueprint is an outcome of the same effort.

For those who are scheduled to take the CND exam on or after Jan 11th, 2021, here are the major changes you can expect to see:

  • New segmentation of topics among exam domains.
  • Removal and addition of some key topics.

Summary of the updated blueprint:

Domains Sub Domain Description Number of Questions Weightage (%)
1. Network Defense Management Network Attacks and Defense Strategies
  • Explain essential terminologies related to
  • network security attacks
  • Describe the various examples of network-level
  • attack techniques
  • Describe the various examples of host-level
  • attack techniques
  • Describe the various examples of applicationlevel attack techniques
  • Describe the various examples of social
  • engineering attack techniques
  • Describe the various examples of email attack
  • techniques
  • Describe the various examples of mobile
  • device-specific attack techniques
  • Describe the various examples of cloud-specific
  • attack techniques
  • Describe the various examples of wireless
  • network-specific attack techniques
  • Describe Attacker’s Hacking Methodologies
  • and Frameworks
  • Understand fundamental goal, benefits, and
  • challenges in network defense
  • Explain Continual/Adaptive security strategy
  • Explain defense-in-depth security strategy
7 10%
Administrative Network Security
  • Obtain compliance with regulatory frameworks
  • Discuss various Regulatory Frameworks, Laws, and Acts
  • Learn to design and develop security policies
  • Conduct security awareness training
  • Discuss other administrative security measures
3
2. Network Perimeter Protection Technical Network Security
  • Discuss access control principles, terminologies, and models
  • Redefine Access Control security in Today’s Distributed and Mobile Computing World
  • Discuss Identity and Access Management (IAM) concepts
  • Discuss cryptographic security techniques
  • Discuss various cryptographic algorithms
  • Discuss security benefits of network segmentation techniques
  • Discuss various essential network security solutions
  • Discuss various essential network security protocols
6 16%
Network Perimeter Security
  • Understand firewall security concerns, capabilities, and limitations
  • Understand different types of firewall technologies and their usage
  • Understand firewall topologies and their usage
  • Distinguish between hardware, software, host, network, internal, and external firewalls
  • Select firewalls based on its deep traffic inspection capability
  • Discuss firewall implementation and deployment process
  • Discuss recommendations and best practices for secure firewall Implementation and deployment
  • Discuss firewall administration activities
  • Understand role, capabilities, limitations, and concerns in IDS deployment
  • Discuss IDS/IPS classification
  • Discuss various components of IDS
  • Discuss effective deployment of network and host-based IDS
  • Learn to how to deal with false positive and false negative IDS alerts
  • Discuss the selection of appropriate IDS solutions
  • Discuss various NIDS and HIDS Solutions with their intrusion detection capabilities
  • Discuss router and switch security measures, recommendations, and best practices
  • Leverage Zero Trust Model Security using Software-Defined Perimeter (SDP)
10
3. Endpoint Protection Endpoint SecurityWindows Systems
  • Understand Window OS and Security Concerns
  • Discuss Windows Security Components
  • Discuss Various Windows Security Features
  • Discuss Windows security baseline configurations
  • Discuss Windows User Account and Password Management
  • Discuss Windows Patch Management
  • Discuss User Access Management
  • Discuss Windows OS Security Hardening Techniques
  • Discuss Windows Active Directory Security Best Practices
  • Discuss Windows Network Services and Protocol Security
5 15%
Endpoint SecurityLinux Systems
  • Understand Linux OS and Security Concerns
  • Discuss Linux Installation and Patching
  • Discuss Linux OS Hardening Techniques
  • Discuss Linux User Access and Password Management
  • Discuss Linux Network and Remote Access Security
  • Discuss Various Linux Security Tools and Frameworks
4
Endpoint SecurityMobile Devices
  • Discuss Common Mobile Usage Policies in Enterprises
  • Discuss the Security Risk and challenges associated with Enterprises mobile usage policies
  • Discuss security guidelines to mitigate risk associated with enterprise mobile usage policies
  • Discuss and implement various enterprise-level mobile security management Solutions
  • Discuss and implement general security guidelines and best practices on Mobile platforms
  • Discuss Security guidelines and tools for Android devices
  • Discuss Security guidelines and tools for iOS devices
3
Endpoint Security-IoT Devices
  • Understand IoT Devices, their need, and Application Areas
  • Understand IoT Ecosystem and Communication models
  • Understand Security Challenges and risks associated with IoT-enabled environments
  • Discuss the security in IoT-enabled Environments
  • Discuss Security Measures for IoT-enabled Environments
  • Discuss IoT Security Tools and Best Practices
  • Discuss and refer various standards, Initiatives and Efforts for IoT Security
3
4. Application and Data Protection Administrative Application Security
  • Discuss and implement Application Whitelisting and Blacklisting
  • Discuss and implement application Sandboxing
  • Discuss and implement Application Patch Management
  • Discuss and implement Web Application Firewall (WAF)
4 13%
Data Security
  • Understand Data Security and its Importance
  • Discuss the implementation of data access controls
  • Discuss the implementation of encryption of “Data at rest”
  • Discuss the implementation of Encryption of “Data at transit”
  • Discuss the implementation of Encryption of “Data at transit” between browser and web server
  • Discuss the implementation of Encryption of “Data at transit” between database server and web server
  • Discuss the implementation of Encryption of “Data at transit” in Email Delivery
  • Discuss Data Masking ConceptsDiscuss data backup and retention
  • Discuss Data Destruction Concepts
  • Data Loss Prevention(DLP) Concepts
9
5. Enterprise Virtual, Cloud, and Wireless Network Protection Enterprise Virtual Network Security
  • Understand Virtualization Essential Concepts
  • Discus Network Virtualization (NV) Security
  • Discuss Software-Defined Network (SDN) Security
  • Discuss Network Function Virtualization (NFV) Security
  • Discus OS Virtualization Security
  • Discuss Security Guidelines, recommendations and best practices for Containers
  • Discuss Security Guidelines, recommendations and best practices for Dockers
  • Discuss Security Guidelines, recommendations and best practices for Kubernetes
4 12%
Enterprise Cloud Network Security
  • Understand Cloud Computing Fundamentals
  • Understand the Insights of Cloud Security
  • Evaluate CSP for Security before Consuming Cloud Service
  • Discuss security in Amazon Cloud (AWS)
  • Discuss security in Microsoft Azure Cloud
  • Discuss Security in Google Cloud Platform (GCP)
  • Discuss general security best practices and tools for cloud security
3
Enterprise Wireless Network Security
  • Understand wireless network fundamentals
  • Understand wireless network encryption mechanisms
  • Understand wireless network authentication methods
  • Discuss and implement wireless network security measures
5
6. Incident Detection Network Traffic Monitoring and Analysis
  • Understand the need and advantages of network traffic monitoring
  • Setting up the environment for network monitoring
  • Determine baseline traffic signatures for normal and suspicious network traffic
  • Perform network monitoring and analysis for suspicious traffic using Wireshark
  • Discuss network performance and bandwidth monitoring concepts
7 14%
Network Logs Monitoring and Analysis
  • Understand logging concepts
  • Discuss log monitoring and analysis on Windows systems
  • Discuss log monitoring and analysis on Linux
  • Discuss log monitoring and analysis on Mac
  • Discuss log monitoring and analysis on Firewall
  • Discuss log monitoring and analysis on Routers
  • Discuss log monitoring and analysis on Web Servers
  • Discuss centralized log monitoring and analysis
7
7. Incident Response Incident Response and Forensic Investigation
  • Understand incident response concept
  • Understand the role of first responder in incident response
  • Discuss Do’s and Don’t in first response
  • Describe incident handling and response process
  • Describe forensics investigation process
6 10%
Business Continuity and Disaster Recovery
  • Introduction to Business Continuity (BC) and Disaster Recovery (DR)
  • Discuss BC/DR Activities
  • Explain Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)
  • Discuss various BC/DR Standards
4
8. Incident Prediction Risk Anticipation with Risk Management
  • Understand risk management concepts
  • Learn to manage risk though risk management program
  • Learn different Risk Management Frameworks (RMF)
  • Learn to manage vulnerabilities through vulnerability management program
  • Learn vulnerability assessment and scanning
3 10%
Threat Assessment with Attack Surface Analysis
  • Understand the attack surface analysis
  • Understand and visualize your attack surface
  • Learn to identify Indicators of Exposures (IoE)
  • Learn to conduct attack simulation
  • Learn to reduce the attack surface
4
Threat Prediction With Cyber Threat Intelligence
  • Understand the role of cyber threat intelligence in network defense
  • Understand different types of threat Intelligence
  • Understand the Indicators of Threat Intelligence: Indicators of Compromise (IoCs) and Indicators of Attack (IoA)
  • Understand the layers of Threat Intelligence
  • Learn to leverage/consume threat intelligence for proactive defense
3

You can find the existing exam blueprint v2 here, the current blueprint is valid till January 10th, 2021.

Note: This announcement is limited to the CND multiple choice exam and there are no changes to any other aspect of the exam such as the eligibility criteria, exam duration or exam availability.

Should you have any further questions you can write to [email protected]

Certified Ethical Hacker (CEH), Blueprint Change Announcement

Effective Jan 11th, 2021, EC-Council will be introducing a new version of the CEH V4 exam blueprint.

An exam blueprint is a framework that helps break down the sections of the test making it easier for the test taker to focus his/ her study as they prepare for the exam. It dictates how many questions in various areas of practice should go on an exam.

As a reputed certification body, we always strive to keep updated of the latest technological advancements in the field of ethical hacking and information system security audits. Our new exam blueprint is an outcome of the same effort.

For those who are scheduled to take the CEH exam on or after Jan 11th, 2021, here are the major changes you can expect to see:

  • New segmentation of topics among exam domains.
  • Removal and addition of some key topics.

Summary of the updated blueprint:

Domains Sub Domain Description Number of Questions Weightage (%)
1. Information Security and Ethical Hacking Overview Introduction to Ethical Hacking
  • Information Security Overview
  • Cyber Kill Chain Concepts
  • Hacking Concepts
  • Ethical Hacking Concepts
  • Information Security Controls
  • Information Security Laws and Standards
8 6%
2. Reconnaissance Techniques Footprinting and Reconnaissance
  • Footprinting Concepts
  • Footprinting Methodology
  • Footprinting through Search Engines
  • Footprinting through Web Services
  • Footprinting through Social Networking Sites
  • Website Footprinting
  • Email Footprinting
  • Whois Footprinting
  • DNS Footprinting
  • Network Footprinting
  • Footprinting through Social Engineering
  • Footprinting Tools
  • Footprinting Countermeasures
10 21%
Scanning Networks
  • Network Scanning Concepts
  • Scanning Tools
  • Host Discovery
  • Port and Service Discovery
  • OS Discovery (Banner Grabbing/OS Fingerprinting)
  • Scanning Beyond IDS and Firewall
  • Draw Network Diagrams
10
Enumeration
  • Enumeration Concepts
  • NetBIOS Enumeration
  • SNMP Enumeration
  • LDAP Enumeration
  • NTP and NFS Enumeration
  • SMTP and DNS Enumeration
  • Other Enumeration Techniques (IPsec, VoIP, RPC, Unix/Linux, Telnet, FTP, TFTP, SMB, IPv6, and BGP enumeration)
  • Enumeration Countermeasures
6
3. System Hacking Phases and Attack Techniques Vulnerability Analysis
  • Vulnerability Assessment Concepts
  • Vulnerability Classification and Assessment Types
  • Vulnerability Assessment Solutions
  • Vulnerability Assessment Reports
9 17%
System Hacking
  • System Hacking Concepts
  • Gaining Access
  • Cracking Passwords
  • Vulnerability Exploitation
  • Escalating Privileges
  • Maintaining Access
  • Executing Applications
  • Hiding Files
  • Clearing Logs
6
Malware Threats
  • Malware Concepts
  • APT Concepts
  • Trojan Concepts
  • Virus and Worm Concepts
  • File-less Malware Concepts
  • Malware Analysis
  • Malware Countermeasures
  • Anti-Malware Software
6
4. Network and Perimeter Hacking Sniffing
  • Sniffing Concepts
  • Sniffing Technique: MAC Attacks
  • Sniffing Technique: DHCP Attacks
  • Sniffing Technique: ARP Poisoning
  • Sniffing Technique: Spoofing Attacks
  • Sniffing Technique: DNS Poisoning
  • Sniffing Tools
  • Sniffing Countermeasures
  • Sniffing Detection Techniques
3 14%
Social Engineering
  • Social Engineering Concepts
  • Social Engineering Techniques
  • Insider Threats
  • Impersonation on Social
  • Networking Sites
  • Identity Theft
  • Social Engineering Countermeasures
5
Denial-of-Service
  • DoS/DDoS Concepts
  • DoS/DDoS Attack Techniques
  • Botnets
  • DDoS
  • Case Study
  • DoS/DDoS Attack Tools
  • DoS/DDoS Countermeasures
  • DoS/DDoS Protection Tools
2
Session Hijacking
  • Session Hijacking Concepts
  • Application Level Session Hijacking
  • Network Level Session Hijacking
  • Session Hijacking Tools
  • Session Hijacking Countermeasures
3
Evading IDS, Firewalls, and Honeypots
  • IDS, IPS, Firewall, and Honeypot Concepts
  • IDS, IPS, Firewall, and Honeypot Solutions
  • Evading IDS
  • Evading Firewalls
  • IDS/Firewall Evading Tools
  • Detecting Honeypots
  • IDS/Firewall Evasion Countermeasures
5
5. Web Application Hacking Hacking Web Servers
  • Web Server Concepts
  • Web Server Attacks
  • Web Server Attack Methodology
  • Web Server Attack Tools
  • Web Server Countermeasures
  • Patch Management
  • Web Server Security Tools
8 16%
Hacking Web Applications
  • Web App Concepts
  • Web App Threats
  • Web App Hacking Methodology
  • Footprint Web Infrastructure
  • Analyze Web Applications
  • Bypass Client-Side Controls
  • Attack Authentication Mechanism
  • Attack Authorization Schemes
  • Attack Access Controls
  • Attack Session Management Mechanism
  • Perform Injection Attacks
  • Attack Application Logic Flaws
  • Attack Shared Environments
  • Attack Database Connectivity
  • Attack Web App Client
  • Attack Web Services
  • Web API, Webhooks
8
SQL Injection
  • SQL Injection Concepts
  • Types of SQL Injection
  • SQL Injection Methodology
  • SQL Injection Tools
  • Evasion Techniques
  • SQL Injection Countermeasures
4
6. Wireless Network Hacking Hacking Wireless Networks
  • Wireless Concepts
  • Wireless Encryption
  • Wireless Threats
  • Wireless Hacking Methodology
  • Wireless Hacking Tools
  • Bluetooth Hacking
  • Wireless Countermeasure
8 6%
7. Mobile Platform, IoT, and OT Hacking Hacking Mobile Platforms
  • Mobile Platform Attack Vectors
  • Hacking Android OS
  • Hacking iOS
  • Mobile Device Management
  • Mobile Security Guidelines and Tools
4 8%
IoT and OT Hacking
  • IoT Concepts
  • IoT Attacks
  • IoT Hacking Methodology
  • IoT Hacking Tools
  • IoT Countermeasures
  • OT Concepts
  • OT Attacks
  • OT Hacking Methodology
  • OT Hacking Tools
  • OT Countermeasures
6
8. Cloud Computing Cloud Computing
  • Cloud Computing Concepts
  • Container Technology
  • Serverless Computing
  • Cloud Computing Threats
  • Cloud Hacking
  • Cloud Security
7 6%
9. Cryptography Cryptography
  • Cryptography Concepts
  • Encryption Algorithms
  • Cryptography Tools
  • Public Key Infrastructure (PKI)
  • Email Encryption
  • Disk Encryption
  • Cryptanalysis
  • Countermeasures
7 6%

You can find the existing exam blueprint v3 here, the current blueprint is valid till January 10th, 2021.

Note: This announcement is limited to the CEH multiple choice exam and there are no changes to any other aspect of the exam such as the eligibility criteria, exam duration or exam availability.

Should you have any further questions you can write to [email protected]

Are you worried how the COVID-19 impacts your ECEs?
Times are uncertain and we understand how such an outbreak of the pandemic may have impacted your personal and professional life. We do not want you to stress over your ECE credits as we are all in this together.
For those who hold EC-Council certifications that may have been Suspended please note that you have 1 year from date of Suspension to key in your ECE credits and renew your certification.
For those who hold EC-Council certifications that may have been Revoked in 2020, we ensure that you will be provided a chance to key in your ECE credits if you have not done this in time. You can write to [email protected] and we will work with you to update your account.
For those who had activities and events planned to ensure they earn ECE credits are unable to do so given the current situation, can make the most of EC-Councils online resources which will help you earn ECE credits at https://codered.eccouncil.org/
EC-Council takes steps to support test takers during the unfortunate COVID-19 outbreak
We understand that during these challenging times, students preparing to challenge their EC-Council exams may be affected by travel restrictions, temporary business closures and such. As such, EC-Council is extending all exam vouchers expiring between 1 March 2020 and 30 June 2020 to a new extended expiry date of 30 September 2020. Any candidates with voucher expiry within this date range can write EC-Council (at [email protected]) to receive the free extension. EC-Council will continue to track the developments of the Covid19 situation and will make further arrangements should the situation requires.
CHFI, CND, CTIA v1, CSA v1, ECIH v2 revised exam voucher price
Effective Oct 1st, 2019, revised voucher prices as follows:
CHFI $650
CND $550
CTIA v1 $450
CSA v1 $550
ECIH v2 $450
CHFI, CND, CASE .Net/Java, EDRP v3, ECES v2, CTIA v1, ECIH v1, ECSS v9 revised exam voucher price
Effective Jan 1st, 2019, revised voucher prices as follows:
CHFI $600
CND $450
CASE .Net v1 $450
CASE Java v1 $450
EDRP v3 $450
ECES v2 $249
CTIA v1 $249
ECIH v1 $249
ECSS v9 $249
CEH Pearson Vue Voucher price
Effective Aug 15th, 2018, the CEH Pearson Vue Voucher price will be $1199.
Note: There is no price change for CEH ECC Exam Vouchers. This will continue to be $950.
Electronic Certificates (Digital Badging)
Dear EC-Council Partners, Members, and Friends

EC-Council is pleased to announce the formal introduction of “Digital Badges” for all of its active members, without any additional fee whatsoever. A digital badge is a validated indicator of achievement to highlight a skill or quality. EC-Council will now offer digital badges post successful completion of our modules, courses, and certification exams. These visual tokens of achievement will now allow students to showcase their efforts and success across the world!

How Do “Digital Badges” Work?

Upon registering for a course, students can access EC-Council course content via the ASPEN portal. They will now be rewarded with digital badges upon completion of each module, or upon successfully passing an EC-Council certification exam. These digital badges can be collected and shared with colleagues, added to resumes, social media outlets, and other avenues, serving as skills validators. Digital Badges will be available to download from the ASPEN portal.

As we continue to face a growing threat landscape and a Cybersecurity industry, hungry for qualified candidates, digital badges will become paramount to enhancing the exposure of EC-Council certified members.

As we continue our digital journey, commencing January 1st, 2019, EC-Council will no longer ship out physical certificates. EC-Council certified members can continue to download their e-Certificates from the ASPEN portal. Certified members who still wish to receive a physical certificate may request a physical certificate here.

We thank you for your on-going support. For more information on our digital badges and supporting processes, please contact: [email protected].

Certified Ethical Hacker (CEH), Blueprint Change Announcement

Effective Nov 1st, 2018, EC-Council will be introducing a new version of the CEH exam blueprint V3.

An exam blueprint is a framework that helps break down the sections of the test making it easier for the test taker to focus his/ her study as they prepare for the exam. It dictates how many questions in various areas of practice should go on an exam.

As a reputed certification body, we always strive to keep updated of the latest technological advancements in the field of ethical hacking and information system security audits. Our new exam blueprint is an outcome of the same effort.

For those who are scheduled to take the CEH exam on or after Nov 1st, 2018 here are the major changes you can expect to see:

  • New segmentation of topics among exam domains.
  • Removal and addition of some key topics.

Summary of the updated blueprint:

Domains Weightage Total Number of Items Per Domain Objectives/Sub-Domains Total Number of Items Per Sub-Domain
Background 21.79% 27
Network and Communication Technologies
Information Security Threats and Attack Vector
Information Security Technologies
10

9

8
Analysis/Assessment 12.73% 16
Information Security Assessment and Analysis
Information Security Assessment Process
8

8

Security 23.73% 30
Information Security Controls
Information Security Attack Detection
Information Security Attack Prevention
15
9
6
Tools / Systems / Programs 28.91% 36
Information Security Systems
Information Security Programs
Information Security Tools
7
5
24
Procedures / Methodology 8.77% 11
Information Security Procedures
Information Security Assessment Methodologies
5
6

Regulation / Policy 1.90% 2 Information Security Policies/Laws/Acts 2
Ethics 2.17% 3 Ethics of Information Security 3

The current blueprint V2 is valid till October 31st, 2018.

Note: This announcement is limited to the CEH multiple choice exam and there are no changes to any other aspect of the exam such as the eligibility criteria, exam duration or exam availability.

Should you have any further questions you can write to [email protected]

EC-Council's C|ND Program officially accredited by ANSI

EC-Council is proud to announce that the Certified CND Program has officially been accredited by the American National Standards Institute (ANSI) to meet the ANSI/ISO/IEC 17024 Personnel Certification Accreditation standard for its C|ND certification!

The American National Standards Institute (ANSI) is a private non-profit organization that administers and coordinates the U.S. voluntary standardization and conformity assessment system. ANSI is the official U.S. representative to the International Organization for Standardization (ISO) and, via the U.S. National Committee, the International Electrotechnical Commission (IEC). ANSI is also a member of the International Accreditation Forum (IAF).

To award the accreditation, ANSI conducted a verification process to ensure that EC-Council is impartial and objective as a certification body. It also confirmed that EC-Council’s certification process is conducted in a consistent, comparable, and reliable manner. This process required rigorous quality reviews of EC-Council and the Certified CND (C|ND) program.

All CNDs who took the version of the exam that was certified by ANSI will now have the ANSI logo on their electronic certification. If you have any questions about this program, please contact [email protected].

EC-Council's C|HFI Program officially accredited by ANSI

EC-Council is proud to announce that the Certified CHFI Program has officially been accredited by the American National Standards Institute (ANSI) to meet the ANSI/ISO/IEC 17024 Personnel Certification Accreditation standard for its C|HFI certification!

The American National Standards Institute (ANSI) is a private non-profit organization that administers and coordinates the U.S. voluntary standardization and conformity assessment system. ANSI is the official U.S. representative to the International Organization for Standardization (ISO) and, via the U.S. National Committee, the International Electrotechnical Commission (IEC). ANSI is also a member of the International Accreditation Forum (IAF).

To award the accreditation, ANSI conducted a verification process to ensure that EC-Council is impartial and objective as a certification body. It also confirmed that EC-Council’s certification process is conducted in a consistent, comparable, and reliable manner. This process required rigorous quality reviews of EC-Council and the Certified CHFI (C|HFI) program.

All CHFIs who took the version of the exam that was certified by ANSI will now have the ANSI logo on their electronic certification. If you have any questions about this program, please contact [email protected].

EC-Council's C|CISO Program officially accredited by ANSI

EC-Council is proud to announce that the Certified CISO Program has officially been accredited by the American National Standards Institute (ANSI) to meet the ANSI/ISO/IEC 17024 Personnel Certification Accreditation standard for its C|CISO certification!

The American National Standards Institute (ANSI) is a private non-profit organization that administers and coordinates the U.S. voluntary standardization and conformity assessment system. ANSI is the official U.S. representative to the International Organization for Standardization (ISO) and, via the U.S. National Committee, the International Electrotechnical Commission (IEC). ANSI is also a member of the International Accreditation Forum (IAF).

To award the accreditation, ANSI conducted a verification process to ensure that EC-Council is impartial and objective as a certification body. It also confirmed that EC-Council’s certification process is conducted in a consistent, comparable, and reliable manner. This process required rigorous quality reviews of EC-Council and the Certified CISO (C|CISO) program.

All CCISOs who took the version of the exam that was certified by ANSI will now have the ANSI logo on their electronic certification. If you have any questions about this program, please contact [email protected].

EC-Council Announces the World’s First Fully Online, Remotely Proctored Hands-On Penetration Testing Exam

EC-Council today announced the release of the new, fully online, remotely proctored Licensed Penetration Tester (LPT) certification, which will be launched at Hacker Halted, 2017. The new LPT (Master) certification exam is the first globally accepted, hands-on penetration testing certification exam administered in a fully remote proctored environment.

Penetration testing professionals around the world will be able validate their skills in this new exam format launched by EC-Council. The new LPT (Master) certification exam will be delivered as a secure, remotely-proctored, live certification test that can be taken anytime, anywhere by busy professionals.

Jay Bavisi, the president and CEO of EC-Council, commented “With the increase in the sophistication of cyber-attacks and with ever growing security needs, today’s digital enterprises are looking for experts that have proven abilities to function as competent penetration testers in order to secure their operations. The online remotely proctored, hands-on LPT (Master) certification exam combines effectiveness with convenience to deliver a highest standard of exam that enables the candidates to demonstrate expertise in applying their skills in a hands-on environment.”

The exam provides a level playing field where candidates are challenged to prove their skills as expert-level penetration testers. Bavisi added “In the real world, penetration testers go through a strenuous, arduous and laborious process to keep their clients and organizations secure. This exam is meant to mimic the real-world environment and is meant to stress, burden and ardently push the candidates to their limits to test their actual abilities in penetration testing.”

The new LPT (Master) certification is the crown jewel of the EC-Council penetration testing track. It challenges candidates through a grueling 18 hours of hands-on exam categorized into three practical tests for six hour intervals, each of which provide a multidisciplinary approach for targeting and compromising high security environments. Upon completion of the exam, candidates will have to demonstrate an advanced understanding of testing modern infrastructures by completing a professional penetration test report to be evaluated by EC-Council experts for completeness and professionalism.

For more information, please contact [email protected]

Protect, Detect and Respond to Cyber Security Threats with EC-Council’s Certified Network Defender (CND) Skillset

EC-Council is excited to announce the launch of the all-new certification Certified Network Defender (CND), which was launched globally on September 14th, 2016.

The new certification is designed to be a game changer in the network defence domain. The past few years had seen the disastrous consequences of cyber-crime, which made cyber security one of the key aspects of agenda in the Board Room discussions. Studies point out that, professionals handling the Organisation’s networks are not amply equipped to protect their networks from evolving cyber threats like Advanced Persistent Threats (APTs), sophisticated botnet C&C, Insiders to mention a few. Cyber criminals see this as an opportunity to hack the system compromising on important information. The R&D teams at EC-Council have extensively conducted technology surveys, community engagements, market analysis and SME consultations to develop the CND skillset that will enable networking professionals to protect, detect and respond to cyber security threats.

A thorough job task analysis along with research, market analysis, surveys, community engagement activities, consultation and advice from Subject Matter Experts, has ensured that the CND design is based on cyber security frameworks such as NICE and is in sync with the current markets trends. CND is designed in a manner that it imparts the necessary skillset to the Network Administrator on the nuances of Network Security whether it is designing the Organisation’s network security controls, firewall systems, IDS/IPS systems, policies and procedures, DLP and etc. It also ensures that the personnel handling the network can detect network security breaches at an early stage, and also respond to the same. A deeper analysis of the situation brings to the fore, the larger goals of the organisation being met. Ensuring that information, the key component of the organisation is safe will ensure business continuity, better ROIs on security investment and lesser impact on incidents on Information System Resources. What makes CND different from the other programmes is that CND covers network defence from a Defence perspective going beyond the traditional security solutions and appliances. Also, the CND programme includes operational security aspects such as designing and deploying security policies, network monitoring, vulnerability management, incident handling and response and etc.

EC-Council recommends that companies facing a shortage of qualified security practitioners or companies that cannot afford to hire specialized information security professionals consider adding information security duties to their existing system and network administrator job roles. The fastest way to accomplish this would be to send their employees to the only program on the market designed to teach network and system administrator information security skills: CND.

For further information, please visit https://www.eccouncil.org/programs/certified-network-defender-cnd/

My Contribution

"EC-Council is glad to announce the initiative of our "My Contribution" a platform for Cyber Security enthusiasts and cyber security experts who are interested to share and contribute their views and feedback through various exercises.

You will have a chance to publish White Papers/ articles, act as Subject matter expert to our team, be a part of the exam development cycle and add value to our certification programs through this platform.

You can read more about this by logging into your Aspen account, and clicking on "My contribution" or write to us at [email protected]

LPT (Master) is available now

Starting 1st December 2015, interested candidates can apply for the "LPT (Master)" credential. For more details about the LPT (Master) program Click Here, If you would like to submit your application Click Here

For more details and information please contact [email protected]

Membership Fee for EC-Council Certified Members

Please be advised, effective January 1, 2016, EC-Council will be initiating the requirement for Membership fees for all certified members holding EC-Council certifications. In the year 2012, EC-Council had announced that it would be initiating this membership fee structure in 2016. We are proud to say our certification membership base continues to grow at a steady rate and the cyber security field is growing as a whole.

Just this year, EC-Council has received “Cyber Security Company of the year award" The year before, we received the “DHS/NSA Industry Achievement Award” at the CISSE Colloquium for advances in cyber security professionalization. These awards received are evidence of the work we continue to do to add tangible industry recognition and value in our certification programs. We also now have a fully accredited online University- EC-Council University, which produces Cyber Leaders of the future. We are proud to maintain our ANSI 17024 status. We are proud to be one of the world’s largest technical InfoSec certification bodies with over 140,000 certified members in 140 countries across the globe

Holding a certification from EC-Council comes with many benefits and advantages but comes at an immense cost of maintenance to EC-Council. To continue to provide these benefits and elevate the value of EC-Council Certifications in the market, EC-Council has no choice but to implement a certification maintenance fee of $80.00 per annum.

The EC-Council Continuing Education requirements, which calls for the maintenance of certification through Continuing education credits is still in effect and it is important you maintain currency in the profession.

Members are also eligible to receive exclusive discounts to attend EC-Council Foundation Events such as Hacker Halted and Take Down Con as well as a discounts on additional EC-Council certification programs and material.

Members will receive reminders prior to their membership fee due dates.

We thank you for your ongoing support towards EC-Council, should you have any questions, please write back to us.
For partners [email protected]
For certified members me[email protected]

More details about the membership fee, cycle and due date can be found at https://cert.eccouncil.org/membership.html

EC-Council Exams can now be remotely proctored

EC-Council has partnered with ProctorU allowing exam candidates to take EC-Council exams remotely. ProctorU is an online proctoring service which allows EC-Council candidates to take exams from any location 24 x7 as long as they have a computer equipped with a webcam and a microphone. This online delivery format requires that the students have reliable Internet connectivity and schedule their exam time with a proctor through the ECC Exam Center.

This service is exclusively available with ECC Exam Centre only. Candidates interested in these services need to specify their requirements while placing their orders.

NOTE: Vouchers with ProctorU services are unique.

EC-Council Certification status for certified member
  • Certified members who have earned their EC-Council certification are required to check their recertification requirement and policy at HERE.
  • Members whose certification is revoked will be required to retake and pass the respective new exam to regain their certification.
Changes to EC-Council Logo Guidelines (Effective From April 1st, 2012).

Additional guidelines in EC-Council logo usage for

  • Certified Member must state the certification version number next to the logo such as v4, v6, v7, v8. Certified Member may not alter, change or remove elements of the logo in any other way.
  • Individuals may not use the logo if their certification has been revoked or suspended due to non-compliance of certification requirements.
  • Certified Member who hold EC-Council 'Retired Status' may not use the logo unless the logo is used with the word 'retired'.