CompTIA PenTest+ is designed for IT professionals who plan and scope a penetration testing engagement including vulnerability scanning, understand legal and compliance requirements, analyze results and produce written reports with remediation techniques. Penetration testing, or ethical hacking, is used to identify vulnerabilities or weaknesses in computer systems as a means of troubleshooting and designing a more resilient system.
Pen testers often employ the same mindset, tools and skills as those hackers who work with malicious intent; however, ethical hackers operate with permission — and with the goal of strengthening the defense of the systems from attacks. Getting certified in pen testing is important in IT security to validate your vendor-neutral, hands-on skills and ability.
We are often asked, “How does CompTIA PenTest+ compare to EC-Council’s Certified Ethical Hacker (CEH) certification?” To help you choose which exam to take, here’s a brief overview of the two cybersecurity certifications plus five advantages of CompTIA PenTest+ over CEH.
Watch this video about CompTIA PenTest+ vs. CEH, or keep reading to learn more.
What Are CompTIA PenTest+ and CEH Certifications?
CompTIA PenTest+ and CEH are both intermediate-level cybersecurity certifications that assess pen testing skills. Both exams require offensive security knowledge and skills, but that’s where the similarities end.
How Difficult Are the Certification Exams?
Although we can’t speak to which exam is more difficult, both exams are considered to be at the intermediate-level and will require ample study time. They are designed for people who already have experience in the field. This experience may be gained in a dedicated cybersecurity role, but it also could be gained while securing networks and devices in a tech support, networking or systems administration role.
CompTIA PenTest+ is 165 minutes long and has a maximum of 85 questions, including a combination of multiple-choice questions, drag-and-drop activities and performance-based questions. The multiple-choice questions are both single- and multiple-response. Performance-based questions test your ability to solve problems in a simulated environment.
CEH is 240 minutes long and has 125 multiple-choice questions.
What Are the Differences in Eligibility Requirements in CompTIA PenTest+ vs. CEH?
CompTIA does not require any credentials or level of experience for its certifications, but it does provide recommendations to set candidates up for exam success.
For CompTIA PenTest+, CompTIA recommends having CompTIA Network+ and CompTIA Security+ or equivalent knowledge as well as a minimum of 3 to 4 years of hands-on information security or related experience. While there is no required prerequisite, CompTIA PenTest+ is intended to follow CompTIA Security+ and has a technical, hands-on focus.
CEH requires candidates who do not complete the official training program to provide proof of their two years of work experience in information security through an application process before registering for the exam — there is a $100 non-refundable application fee.
What is the Recertification Process for CompTIA PenTest+ vs. CEH?
Both CompTIA PenTest+ and CEH are valid for three years from the date the exam is passed. During that three-year period, certification holders must complete certain continuing education requirements in order to renew their certification and prevent it from expiring:
- CompTIA PenTest+ holders need to earn 60 continuing education units (CEUs) during the three-year period. Read more about CompTIA continuing education and the various ways you can renew your certification.
- CEH holders need to earn 120 credits for continuing education during the three-year period.
CompTIA PenTest+ is Now DoD Approved
CompTIA PenTest+ is now approved by the U.S. Department of Defense (DoD) 8570 for three cybersecurity job categories.
5 Advantages of CompTIA PenTest+ vs. CEH
It can be difficult to decide which certification to get. You’ve read some details about each exam, but let’s dive into what makes CompTIA PenTest+ stand out.
1. CompTIA PenTest+ Provides 3x More Employability
In addition to penetration testing, CompTIA PenTest+ covers the job role vulnerability assessment and management (as defined by the NICE Cybersecurity Workforce Framework used by the U.S. military). There are approximately 12 times more vulnerability assessment and management jobs in the United States than there are penetration testing jobs, according to Indeed.com.
The CEH exam assesses vulnerability tools, such as scanners, but not the job role itself. Compare the job roles for each exam and see for yourself.
CompTIA PenTest+ Job Roles
CEH Job Roles
Cloud penetration tester
Web app penetration tester
Network security operations
Cloud security specialist
Threat intelligence analyst
Network security specialist
If you need proof about the skills covered in CEH, compare the CompTIA PenTest+ exam objectives and the CEH exam blueprint (not the CEH course outline).
Why would you take an exam that limits your job potential?
2. CompTIA PenTest+ is a Performance Exam
To earn CompTIA PenTest+, candidates must pass one exam that covers both hands-on, performance-based simulations as well as multiple-choice questions. The Certified Ethical Hacker certification only includes multiple-choice questions.
While there is no required prerequisite, CompTIA PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical pen testing and vulnerability management, hands-on focus.
Why take an exam that only includes multiple-choice questions when employers also need to know you have the hands-on, performance-based skills found in CompTIA PenTest+?
3. CompTIA PenTest+ Has a Full Suite of Training Solutions
Both CompTIA PenTest+ and CEH have various self-paced, live and online training options. CEH training covers 20 modules with multiple attack technologies that are commonly used by hackers and offers 200+ labs.
CompTIA PenTest+ training solutions help you nail down everything you need to know for the certification exam. CompTIA official training solutions are designed to follow the exam objectives so that you know that what you’re studying is what you’ll see on the test — and what you need to know to do the job.
Using a multi-faceted approach, CompTIA training products meet the learning styles and preferences of all IT pros and presents material in the following training styles:
- eLearning: CompTIA CertMaster Learn offers 40+ hours of engaging content with 10 lessons, including interactive performance-based questions, 100 practice questions with immediate feedback and a 90-question final assessment that simulates the test experience. The platform includes narrative instruction, visual aids, videos, games, flashcards and more. A personalized dashboard and countdown calendar help you track your progress and keep you on pace for your scheduled exam.
- Hands-on Skills Practice: CompTIA Labs are browser-based virtual labs based on scenarios found in the workplace, including planning and scoping penetration tests, performing vulnerability scanning and pen testing and producing written reports containing proposed remediation techniques. The labs within each course are independent of each other and can be used in any order.
- Exam Prep and Practice Tests: CompTIA CertMaster Practice is an adaptive knowledge assessment tool that determines what you have already mastered and what you still need to learn to improve your confidence before taking the exam. The system tailors feedback to help you build knowledge in your weaker areas, keeping you engaged and focused throughout your study session.
- Books: The Official Study Guide for CompTIA PenTest+, offered in both print and digital form, help you learn and master the material covered by CompTIA PenTest+. It’s flexible so you can learn at your own pace and focus on exam success.
- Courses: If you prefer to learn with guidance from an instructor, CompTIA Authorized Training Providers offer instructor-led training, both online and in person.
Regardless of how you intend to apply IT certifications to your career, CompTIA’s training solutions can help you achieve your goals.
4. CompTIA PenTest+ Costs Much Less
CompTIA PenTest+ (PT0–002) costs USD $392 retail and includes both performance-based simulations and multiple-choice questions. CEH costs USD $1,199 retail (non-member) and does not include performance-based questions.
Don’t just take our word for it. Beta tester Molly Stewart calls CompTIA PenTest+ “The best deal for your money in skills versus voucher cost.”
Why pay USD $1,199 for a multiple-choice exam when you can also assess your performance at USD $392 with CompTIA PenTest+?
5. CompTIA PenTest+ Covers More Than Technical Skills
CompTIA PenTest+ matches employer needs by covering not just technical topics, but also professional skills, such as business processes, project flow, best practices and professionalism in penetration testing. The CEH exam does not.
We draw the content for the exams from a combination of industry-wide survey feedback and contributions from our team of volunteer subject matter experts. The result is a rigorous exam development process representing thousands of hours spent exceeding the knowledge standards the industry expects.
Cybersecurity Certifications to Meet Employer Demand
Employers need IT professionals who have penetration testing and vulnerability assessment and management skills. These in-demand IT job roles are expected to grow much faster than average over the next 10 years, according to the U.S. Bureau of Labor Statistics. Show employers you have the skills they need with CompTIA PenTest+.
Ready to start studying? Writing out your plan will set you up for success. Download our free training plan worksheet to help get organized and make your dream a reality.
Patrick Lane is a director of product management for CompTIA. He manages IT workforce skills certifications, including CompTIA Security+, CompTIA Cybersecurity Analyst (CySA+),CompTIA PenTest+ and CompTIA Advanced Security Professional (CASP+).