We are inviting EC-Council certified members to participate in the Item writing initiative. Click here for more details.

Certified Penetration Testing Professional

About the CPENT

EC-Council is rewriting the standards of penetration testing skill development with the Certified Penetration Testing Professional, the CPENT certification program. What makes this program unique is our approach that allows you to attain two certifications with just one exam. The key philosophy behind the CPENT is simple – a penetration tester is as good as their skills; that’s why we urge you to go beyond Kali Linux and go beyond tools.

Not that we don’t believe in the OS or tools, but candidates with an over-reliance on Kali tools find it incredibly difficult to adapt to the multi-disciplinary approach of the real-world penetration testing engagements. We urge you to go beyond and explore the vast horizons of penetration testing that differentiate the great from the good. Ergo, the knowledge, skills, and abilities you learn from the CPENT program will allow you to challenge network types and not just one or two specialties. What makes the CPENT different is the requirement to display skills across multiple disciplines, forcing the candidate to “think on their feet.” It makes CPENT the first of its kind in the list of Pen testing programs! Our research shows that knowledge-based certifications alone do not necessarily equate to well-rounded skillsets when the candidates are put on a complex cyber range. In fact, many do not even have the skills to create routing tables, which is the first step to pivot invisible networks. Without the use of an automated tool, most pen testers struggled, then when simple stateless filtering was present, the few that had added the correct networking details stalled, and only a few ever got past the first hurdle. In short, no one made it through all of the hurdles, leading to the creation of the CPENT.

The Purpose of the CPENT

Years of research showed us that most pentesting candidates have gaps in their skills when it comes to multiple disciplines. Furthermore, the metrics revealed that when the targets are not located on either the same or a directly connected and reachable segment, a few can perform as well as they do it when on a direct or a flat network.

That’s why, for the first time in the industry, the assessment for the Certified Penetration Tester (CPENT) will be about multiple disciplines and not just one or two specialty types. Everything presented in the course is through an enterprise network environment that must be attacked, exploited, evaded, and defended. EC-Council’s CPENT provides the industry with the capability to assess a Pentester’s skills across a broad spectrum of “network zones.” What makes the CPENT different is the requirement to be provided a variety of different scopes of work so that the candidate can “think on their feet.” The result of this is that different zones represent various types of testing. Anyone attempting the test will have to perform their assessment against these different zones.

  • Penetration Testers
  • Ethical Hackers
  • Information security Consultant
  • Security Testers
  • Security Analysts
  • Security Engineers
  • Network Server Administrators
  • Firewall Administrators
  • System Administrators
  • Risk Assessment Professionals

Exam features:

  • Cheating isn’t an option since EC-Council specialists proctor the entire exam.
  • Choose your challenge! Either two 12-hour sessions or a single 24-hour exam!
  • Score over 70% and become a CPENT!
  • Join the league of extraordinary pen testers by scoring more than 90% and becoming an LPT (Master)!

We strongly recommend candidates to attempt the CEH (Practical) and/ or ECSA (Practical) prior to attempting the CPENT Challenge.

Blue Print

Clause: Age Requirements and Policies Concerning Minors

The age requirement for attending the training or the exam is restricted to any candidate that is permitted by his/her country of origin/residency.

If the candidate is under the legal age as permitted by his/her country of origin/residency, they are not eligible to attend the official training or eligible to attempt the certification exam unless they provide the accredited training center/EC-Council a written consent/indemnity of their parent/legal guardian and a supporting letter from their institution of higher learning. Only candidates from a nationally accredited institution of higher learning shall be considered.

Disclaimer: EC-Council reserves the right to impose additional restrictions to comply with the policy. Failure to act in accordance with this clause shall render the authorized training center in violation of their agreement with EC-Council. EC-Council reserves the right to revoke the certification of any person in breach of this requirement.

What are the eligibility criteria to apply for the CPENT exam?
  • There are no predefined eligibility criteria for those interested in attempting the CPENT exam. You can purchase the exam dashboard code here
What will I receive as part of my purchase towards the CPENT exam?
  • You will receive access to practice range and Exam access code.
What is the access validity of practice range?
  • You can purchase the access validity in either 30 days, 60 days, and 90 days at the time of purchase.
What is the access period of basic videos?
  • 30 days from the date of activation.
What is Aspen Dashboard?
  • It is an EC-Council portal where you can access your package inclusions. All the EC-Council practical exams can be scheduled and launched from this portal.
For how long is the Aspen Dashboard access code valid for?
  • The Aspen Dashboard access code is valid for 1 Year from the date of receipt. You have to redeem the code within this period.
Post dashboard activation, how long is the access valid for?
  • The Aspen Dashboard access is valid for 30 days from the day it is unlocked.
What if I’m unable to submit the report within 30 days?
  • You can request for a 7 days extension by paying USD100.
What does the Dashboard consist of?

The Dashboard consists of:

  • Detailed Instruction guide.
  • Exam scheduling service.
  • Exam launching service.
  • Exam progress tracking.
  • Sample report templates.
  • Report submission.
  • Status of the report.
What is the structure of the exam?
  • The CPENT exam is a 100% practical exam. The candidate is required to submit the pen-testing report to complete the exam.
Is CPENT an open book exam?
  • Yes, it's an open book exam.
What is the duration of the exam?
  • The exam duration is 24 hours. You can opt either for two sessions of 12 hours each or one session for 24 hours.
What is the passing percentage for the exam?
  • The candidate needs to score a minimum of 70% in order to pass the CPENT exam.
What are the criteria for certification?
  • If your score ranges between 70-89%, you will be certified as CPENT, and 90% and above, you will be certified as CPENT and LPT (Master).
Will I get two certifications if I score 90% and above?
  • Yes, you will get two certifications CPENT and LPT (Master) in your Aspen account.
What is the notice period required to book the exam session?
  • Sessions should be booked at least 3 days in advance of the desired exam date.
Is the CPENT exam available at the EC-Council Authorized Training Centers?
  • No, the CPENT exam sessions are proctored by the EC-Council directly through the RPS (Remote Proctoring Services).
What are the important things to keep in mind before I schedule my exam?

Once you are ready to proceed with your exam, you need to ensure you understand the below points:

  • Cancellation requests are to be made 24 hours in advance.
  • Rescheduling is possible 72 hours before the exam session.
  • Candidate has a grace period of 15 minutes to show up for the exam session.
  • After three no-show cases, the candidate will be required to seek special permission from the Director of Certification in order to proceed with their next attempt.
  • If you need technical support or assistance, please contact us at [email protected]
  • FAQs on exam proctoring will be available at https://proctor.examspecialists.com/User/FAQ.aspx
How do I schedule the CPENT exam for any Special Accommodations?
What is the retake policy?
  • Retake exam requests can only be purchased by writing to [email protected], should a candidate fail the exam.
Is the CPENT a part of the EC-Council Continuing Education Scheme?
What is the validity of the CPENT certification?
  • The CPENT certification is valid for three years from the date of certification.
What is the annual membership fee of CPENT certification?
  • USD 250 per annum.
I hold both CPENT and LPT(Master) certifications. Do I need to pay the membership fee for each individually?
  • No
What will happen to my ECSA v10 certificate post retiring of the exam?
  • It will not be affected. The existing certified members will continue to be certified as long as they maintain the ECE credits in their Aspen account and pay the annual membership fee.
I am ECSAv10 Certified, how do I upgrade to CPENT?
  • These are two different programs. You will have to purchase the CPENT program separately.
Till when I can take the ECSAv10 exam?
  • ECSAv10 exam will remain available for the next 6 months from the date of C|PENT launch i.e. till end of 15th May 2021.