CEHv8 Exam Blueprint v2.

EC-Council

Section

Knowledge of:

A. networki ng technol ogi es (e.g.,

ha rdwa re, i nfra s tructure)
B. web technol ogi es (e.g., web 2.0,
s kype)
C. s ys tems technol ogi es
D. communi ca tion protocol s
E. ma l wa re opera tions
F. mobi l e technol ogi es (e.g., s ma rt
phones )
G. tel ecommuni ca tion technol ogi es
H. ba ckups a nd a rchi vi ng (e.g., l oca l ,
network)
II. Ana l ys i s /As s es s ment A. da ta a na l ys i s
B. s ys tems a na l ys i s
C. ri s k a s s es s ments
D. techni ca l a s s es s ment methods
III. Securi ty
A. s ys tems s ecuri ty control s
B. a ppl i ca tion/l e s erver
C. rewa l l s
D. cryptogra phy
E. network s ecuri ty
F. phys i ca l s ecuri ty
G. threa t model i ng
H. veri ca tion procedures (e.g.,
fa l s e pos i tive/nega tive va l i da tion)
I. s oci a l engi neeri ng (huma n fa ctors
ma ni pul a tion)
J. vul nera bi l i ty s ca nners
K. s ecuri ty pol i cy i mpl i ca tions
L. pri va cy/condentia l i ty (wi th
rega rd to enga gement)
M. bi ometri cs
N. wi rel es s a cces s technol ogy (e.g.,
networki ng, RFID, Bl uetooth)
O. trus ted networks
P. vul nera bi l i ties

I. Ba ckground

CEHv8 Exam Blueprint

Weight

Number of
Questions

4%

13%

16

25%

31

Section
IV. Tools / Systems /
Programs
Programs

V. Procedures /
Methodology

VI. Regul a tion/Pol i cy

VII. Ethi cs

CEHv8 Exam Blueprint

Knowledge of:

Weight

Number of
Questions

A. network/hos t ba s ed i ntrus i on
B. network/wi rel es s s ni ers (e.g.,
Wi reSha rk, Ai rs nort)
C. a cces s control mecha ni s i ms (e.g.,
s ma rt ca rds )
D. cryptogra phy techni ques (e.g.,
IPs ec, SSL, PGP)
E. progra mmi ng l a ngua ges (e.g. C++,
Ja va , C#, C)
F. s cri pting l a ngua ges (e.g., PHP,
Ja va s cri pt)
G. bounda ry protection a ppl i a nces
H. network topol ogi es
I. s ubnetting
J. port s ca nni ng (e.g., NMAP)
K. doma i n na me s ys tem (DNS)
L. routers /modems /s wi tches
M. vul nera bi l i ty s ca nner (e.g.,
Nes s us , Retina )
N. vul nera bi l i ty ma na gement a nd
protection s ys tems (e.g.,
Founds tone, Ecora )
O. opera ting envi ronments (e.g.,
Li nux, Wi ndows , Ma c)
P. a ntivi rus s ys tems a nd progra ms
Q. l og a na l ys i s tool s
R. s ecuri ty model s
S. expl oi ta tion tool s
T. da ta ba s e s tructures
A. cryptogra phy
B. publ i c key i nfra s tructure (PKI)
C. Securi ty Archi tecture (SA)
D. Servi ce Ori ented Archi tecture
E. i nforma tion s ecuri ty i nci dent
F. N-tier a ppl i ca tion des i gn
G. TCP/IP networki ng (e.g., network
routing)
H. s ecuri ty tes ting methodol ogy
A. s ecuri ty pol i ci es
B. compl i a nce regul a tions (e.g., PCI)
A. profes s i ona l code of conduct
B. a ppropri a tenes s of ha cki ng

32%

40

20%

25

4%

2%