How Many Questions Are on the CEH Exam? Everything You Need to Know

The EC-Council Certified Ethical Hacker (CEH) v12 knowledge exam contains 125 multiple-choice questions with a 240-minute (4-hour) time limit. The passing score is approximately 70%, though the exact cutoff varies by exam form because EC-Council uses a scaled scoring model. With nearly 2 minutes per question, time pressure is minimal compared to CompTIA or Cisco exams — the challenge lies in the breadth of ethical hacking topics covered across 20 domains.

CEH is one of the most recognized offensive security certifications globally, validated by the U.S. Department of Defense and required for many government cybersecurity positions. Understanding the exam format, question distribution, and preparation strategies is essential for passing on your first attempt and avoiding the $950+ retake cost.

125
Questions
240 min
Time Limit
~70%
Passing Score
$950+
Exam + Training

CEH Exam Format and Question Types

The CEH v12 knowledge exam is entirely multiple-choice — there are no performance-based questions (PBQs), simulations, drag-and-drop, or hands-on labs in the knowledge exam. Every question presents four answer options with exactly one correct answer. This format is notably different from CompTIA exams (which include PBQs) and the OSCP (which is entirely hands-on).

Questions primarily test your knowledge of:

CEH Practical vs. CEH Knowledge: The 125-question multiple-choice exam is the "CEH Knowledge" exam. EC-Council also offers the CEH Practical — a separate 6-hour hands-on lab exam where you must demonstrate actual hacking skills in a live environment. Passing both earns the CEH Master designation.

CEH v12 Domain Breakdown (20 Modules)

CEH v12 covers 20 modules, each representing a phase or topic in the ethical hacking methodology. While EC-Council does not publish exact question weightings per module, the exam blueprint indicates roughly equal distribution with emphasis on the most critical areas:

ModuleTopicEst. Questions
1Introduction to Ethical Hacking~5
2Footprinting and Reconnaissance~7
3Scanning Networks~7
4Enumeration~7
5Vulnerability Analysis~6
6System Hacking~8
7Malware Threats~6
8Sniffing~5
9Social Engineering~5
10Denial-of-Service~5
11Session Hijacking~5
12Evading IDS, Firewalls, and Honeypots~6
13Hacking Web Servers~6
14Hacking Web Applications~7
15SQL Injection~6
16Hacking Wireless Networks~6
17Hacking Mobile Platforms~5
18IoT and OT Hacking~5
19Cloud Computing~6
20Cryptography~8

Time Management Strategy for 125 Questions

With 240 minutes for 125 questions, you have approximately 1 minute and 55 seconds per question. This is generous compared to most IT certification exams. However, effective time management still matters because some questions require careful reading of scenario-based prompts.

Recommended Approach

  1. First pass (150 minutes): Work through all 125 questions at a steady pace. Answer questions you are confident about immediately and flag uncertain ones for review.
  2. Second pass (60 minutes): Return to flagged questions with fresh perspective. Re-read the question stem carefully — CEH questions often include subtle keywords that change the correct answer.
  3. Final review (30 minutes): Verify no questions are left unanswered. Double-check any answers you changed during the second pass.

Common Question Patterns

CEH questions frequently follow these patterns:

CEH Exam Cost and Registration

The cost of taking the CEH exam varies based on your training path:

OptionCostIncludes
EC-Council Official Training + Exam$1,199 - $3,499Instructor-led or self-paced training, exam voucher, labs
Exam Voucher Only (with approved application)$950Exam voucher only — requires 2 years of infosec experience
Application Fee (self-study path)$100Non-refundable application review fee
Retake Voucher$499 - $950Varies by program and waiting period

Self-study eligibility: If you choose not to take EC-Council's official training, you must submit an application proving at least 2 years of information security work experience. EC-Council reviews the application and charges a non-refundable $100 fee. If approved, you can purchase the exam voucher separately for approximately $950.

CEH vs. Other Ethical Hacking Certifications

CertificationQuestionsTimeFormatCostFocus
CEH v12125240 minMultiple-choice$950+Broad ethical hacking
CompTIA PenTest+Up to 85165 minMC + PBQs$404Penetration testing methodology
OSCPN/A23h 45mHands-on lab$1,749+Practical exploitation
GPEN (SANS)82-115180 minMultiple-choice$2,499+Advanced penetration testing
eJPT35 tasks48 hoursHands-on lab$249Entry-level pentesting

CEH is the most widely recognized ethical hacking certification for compliance and HR requirements. OSCP is preferred for technical credibility among red team professionals. PenTest+ offers the best value for money at $404 with a vendor-neutral approach. Your choice depends on whether you need the certification for job requirements (CEH), practical skill validation (OSCP), or career entry (PenTest+ or eJPT).

How to Prepare for the CEH Exam

Study Timeline

Most candidates with existing security knowledge (Security+ level or equivalent) need 6-10 weeks of dedicated study. Complete beginners should allow 3-4 months to build foundational networking and security knowledge first.

Recommended Study Resources

Key Tools to Memorize

The following tools appear most frequently on the CEH exam:

CEH Certification Maintenance

CEH certification is valid for 3 years. To maintain it, you must:

ECE credits can be earned through training courses, conferences, webinars, published research, and teaching. Higher-level EC-Council certifications (like ECSA or LPT) automatically renew CEH.

Frequently Asked Questions

How many questions are on the CEH exam?

The CEH v12 knowledge exam contains 125 multiple-choice questions to be completed in 240 minutes (4 hours).

What is the CEH passing score?

Approximately 70%, though the exact cutoff varies by exam form. EC-Council uses a scaled scoring model.

Does CEH have a practical exam?

Yes. CEH v12 offers an optional CEH Practical exam — a 6-hour hands-on lab — for candidates pursuing the CEH Master designation. The knowledge exam is multiple-choice only.

Is CEH harder than Security+?

CEH covers more offensive tools and techniques, but Security+ has a higher passing threshold (83% vs ~70%). CEH is broader in ethical hacking topics but less deep on any single domain.

How much does the CEH exam cost?

The CEH exam voucher alone costs approximately $950-$1,199 depending on whether you purchase training bundles. EC-Council requires authorized training or a verified application for self-study candidates.

Can I take CEH without training?

Yes, but you must submit an application proving at least 2 years of information security experience and pay a non-refundable $100 application fee. Approved applicants can then purchase the exam voucher separately.

How long should I study for CEH?

Most candidates with Security+ or equivalent experience need 6-10 weeks of dedicated study. Complete beginners should allow 3-4 months to cover networking fundamentals and security concepts before CEH-specific material.

Does CEH expire?

Yes. CEH certification is valid for 3 years. You must earn 120 ECE credits within the 3-year cycle and pay an annual maintenance fee of $80/year to maintain certification.

Practice CEH Questions

Test your ethical hacking knowledge with unlimited adaptive practice questions covering all 20 CEH domains.

Start Free Practice Test →

Related Resources