Certified Penetration testing Professional CPENT

About the CPENT

EC-Council is rewriting the standards of penetration testing skill development with the Certified Penetration Testing Professional, the CPENT certification program. What makes this program unique is our approach that allows you to attain two certifications with just one exam. The key philosophy behind the CPENT is simple – a penetration tester is as good as their skills; that’s why we urge you to go beyond Kali Linux and go beyond tools.

Not that we don’t believe in the OS or tools, but candidates with an over-reliance on Kali tools find it incredibly difficult to adapt to the multi-disciplinary approach of the real-world penetration testing engagements. We urge you to go beyond and explore the vast horizons of penetration testing that differentiate the great from the good. Ergo, the knowledge, skills, and abilities you learn from the CPENT program will allow you to challenge network types and not just one or two specialties. What makes the CPENT different is the requirement to display skills across multiple disciplines, forcing the candidate to “think on their feet.” It makes CPENT the first of its kind in the list of Pen testing programs! Our research shows that knowledge-based certifications alone do not necessarily equate to well-rounded skillsets when the candidates are put on a complex cyber range. In fact, many do not even have the skills to create routing tables, which is the first step to pivot invisible networks. Without the use of an automated tool, most pen testers struggled, then when simple stateless filtering was present, the few that had added the correct networking details stalled, and only a few ever got past the first hurdle. In short, no one made it through all of the hurdles, leading to the creation of the CPENT.

The Purpose of the CPENT

Years of research showed us that most pentesting candidates have gaps in their skills when it comes to multiple disciplines. Furthermore, the metrics revealed that when the targets are not located on either the same or a directly connected and reachable segment, a few can perform as well as they do it when on a direct or a flat network.

That’s why, for the first time in the industry, the assessment for the Certified Penetration Tester (CPENT) will be about multiple disciplines and not just one or two specialty types. Everything presented in the course is through an enterprise network environment that must be attacked, exploited, evaded, and defended. EC-Council’s CPENT provides the industry with the capability to assess a Pentester’s skills across a broad spectrum of “network zones.” What makes the CPENT different is the requirement to be provided a variety of different scopes of work so that the candidate can “think on their feet.” The result of this is that different zones represent various types of testing. Anyone attempting the test will have to perform their assessment against these different zones.


  • Penetration Testers
  • Ethical Hackers
  • Information security Consultant
  • Security Testers
  • Security Analysts
  • Security Engineers
  • Network Server Administrators
  • Firewall Administrators
  • System Administrators
  • Risk Assessment Professionals

Exam features:

  • Cheating isn’t an option since EC-Council specialists proctor the entire exam.
  • Choose your challenge! Either two 12-hour sessions or a single 24-hour exam!
  • Score over 70% and become a CPENT!
  • Join the league of extraordinary pen testers by scoring more than 90% and becoming an LPT (Master)!

We strongly recommend candidates to attempt the CEH (Practical) and/ or ECSA (Practical) prior to attempting the CPENT Challenge.

Clause: Age Requirements and Policies Concerning Minors

Minors are not permitted to take the EC-Council exam without a written consent/indemnity letter signed by their parent or legal guardian, along with a supporting letter from their institution of learning. Only candidates from a nationally accredited institution of learning shall be considered.

Minor/Adult legal ages are defined by the country of residence/origin of the candidate. For further clarification or to submit a consent letter, please contact [email protected].

Disclaimer:
  • EC-Council reserves the right to impose additional restriction to comply with the policy.
  • EC-Council reserves the right to modify certification policies without notice.
  • EC-Council reserves the right to revoke the certification of any person determined to be in breach of this policy.
What are the eligibility criteria to apply for the CPENT exam?
What will I receive as part of my purchase towards the CPENT exam?
What is the access validity of practice range?
What is the access period of basic videos?
What is Aspen Dashboard?
For how long is the Aspen Dashboard access code valid for?
Post dashboard activation, how long is the access valid for?
What if I’m unable to submit the report within 30 days?
What does the Dashboard consist of?
What is the structure of the exam?
Is CPENT an open book exam?
What is the duration of the exam?
What is the passing percentage for the exam?
What are the criteria for certification?
Will I get two certifications if I score 90% and above?
What is the notice period required to book the exam session?
Is the CPENT exam available at the EC-Council Authorized Training Centers?
What are the important things to keep in mind before I schedule my exam?
How do I schedule the CPENT exam for any Special Accommodations?
What is the retake policy?
Is the CPENT a part of the EC-Council Continuing Education Scheme?
What is the validity of the CPENT certification?
What is the annual Continuing Education fee of CPENT certification?
I hold both CPENT and LPT(Master) certifications. Do I need to pay the Continuing Education fee for each individually?
What will happen to my ECSA v10 certificate post retiring of the exam?
I am ECSAv10 Certified, how do I upgrade to CPENT?
Till when I can take the ECSAv10 exam?