On July 31, 2018, CompTIA launched its newest IT certification, CompTIA PenTest+. This intermediate-level cybersecurity certification is designed for IT professionals who identify, exploit, report and manage vulnerabilities on a network.
We are often asked, “How does CompTIA PenTest+ compare to EC-Council’s Certified Ethical Hacker (CEH) certification?” Both exams assess penetration testing skills, but the similarities stop there. To help you choose which exam to take, we’ve identified four advantages of PenTest+ over CEH. Spoiler alert: CompTIA PenTest+ provides three times more employability than CEH.
1. One Exam vs. Two to Cover Similar Skills
To earn CompTIA PenTest+, candidates must pass one exam that covers both hands-on, performance-based assessments and multiple-choice knowledge-based questions.
On the other hand, to assess similar skills through EC-Council, candidates must pass two exams: the CEH multiple-choice knowledge-based exam and the CEH Practical hands-on exam.
Why take two CEH exams when you can prove your knowledge and hands-on skills with only one CompTIA PenTest+ exam?
2. CompTIA PenTest+ Costs Much Less
CompTIA PenTest+ costs USD $346 retail and, as noted above, includes both performance-based simulations and multiple-choice questions.
Because EC-Council uses two exams to cover the same material, there are also two fees. The multiple-choice CEH exam costs USD $1,199 retail (non-member, effective August 15, 2018) and the CEH Practical requires a non-refundable USD $100 application fee for a total of USD $1,299.
Why pay USD $1,299 for CEH if you can assess the same skills for USD $346 with CompTIA PenTest+?
3. CompTIA PenTest+ Covers Soft Skills
CompTIA PenTest+ matches employer needs by covering not just technical topics, but also soft skills, such as business processes, project flow, best practices and professionalism in penetration testing. The CEH exams do not.
4. CompTIA PenTest+ Provides 3x More Employability
In addition to penetration testing, CompTIA PenTest+ covers the job role vulnerability assessment and management (as defined by the NICE Framework used by the U.S. military). There are approximately three times more vulnerability assessment and management jobs in the United States than there are penetration testing jobs, according to Indeed.com.
The CEH exam assesses vulnerability tools, such as scanners, but not the job role itself. Compare the job roles for each exam and see for yourself.
CompTIA PenTest+ Job Roles
CEH Job Roles
Network Security Operations
Security Analyst (II)
Vulnerability Assessment Analyst
Application Security Vulnerability Analyst
Network Security Specialist
If you need proof about the skills covered in CEH, compare the CompTIA PenTest+ exam objectives and the CEH exam blueprint (not the CEH course outline). Why would you take an exam that limits your job potential?
Cybersecurity Certifications to Meet Employer Demand
Employers need IT professionals who have penetration testing and vulnerability assessment and management skills. These in-demand IT job roles are expected to grow faster than average over the next 10 years, according to the U.S. Bureau of Labor Statistics. Show employers you have the skills they need with CompTIA PenTest+.
CompTIA PenTest+ is now available! Download the exam objectives and practice questions to start preparing, and watch for official CompTIA learning products, soon! To learn more about CompTIA PenTest+, join us for a FREE webinar on August 21. Learn more and register today!
Patrick Lane, M.Ed., is a director of product management for CompTIA. He manages IT workforce skills certifications, including CompTIA Cybersecurity Analyst (CySA+), CompTIA Advanced Security Professional (CASP) and the upcoming CompTIA PenTest+ certification. He assisted the U.S. National Cybersecurity Alliance (NCSA) and the Director of Cybersecurity Policy at the National Security Agency (NSA) to create the “Lock Down Your Login” campaign to promote multi-factor authentication nationwide. He has implemented a wide variety of IT projects, including an intranet and help desk for 11,000 end users.
Patrick is an Armed Forces Communications and Electronics Association (AFCEA) lifetime member, most recently assisting the Defense Information Security Agency (DISA) with scalable SIEM techniques from the private sector, and has authored and co-authored multiple books, including Hack Proofing Linux: A Guide to Open Source Security (Syngress/Elsevier). Patrick holds CompTIA Network+, CompTIA Security+, (ISC)2 CISSP, Microsoft MCSE and CIW Internetworking Professional and Server Administrator.
Jen Blackwell also contributed to this article. She is a senior products marketing manager at CompTIA and oversees the certifications along the CompTIA Cybersecurity Career Pathway.