CompTIA PenTest+ vs. CEH: 4 Advantages of CompTIA's Certification

by Patrick Lane | Aug 08, 2018

CompTIA PenTest+ LogoOn July 31, 2018, CompTIA launched its newest IT certification, CompTIA PenTest+. This intermediate-level cybersecurity certification is designed for IT professionals who identify, exploit, report and manage vulnerabilities on a network.

We are often asked, “How does CompTIA PenTest+ compare to EC-Council’s Certified Ethical Hacker (CEH) certification?” Both exams assess penetration testing skills, but the similarities stop there. To help you choose which exam to take, we’ve identified four advantages of CompTIA PenTest+ over CEH.

1. CompTIA PenTest+ Provides 3x More Employability

In addition to penetration testing, CompTIA PenTest+ covers the job role vulnerability assessment and management (as defined by the NICE Cybersecurity Workforce Framework used by the U.S. military). There are approximately three times more vulnerability assessment and management jobs in the United States than there are penetration testing jobs, according to Indeed.com.

The CEH exam assesses vulnerability tools, such as scanners, but not the job role itself. Compare the job roles for each exam and see for yourself.

CompTIA PenTest+ Job Roles

CEH Job Roles

Penetration Tester

Security Consultant

Auditor

Network Security Operations

Vulnerability Tester

Security Analyst (II)

Vulnerability Assessment Analyst

Application Security Vulnerability Analyst

 

Penetration Tester

Security Consultant

Auditor

Network Security Specialist

Ethical Hacker

Site Administrator

 

 

If you need proof about the skills covered in CEH, compare the CompTIA PenTest+ exam objectives and the CEH exam blueprint (not the CEH course outline).  Why would you take an exam that limits your job potential?

2. CompTIA PenTest+ Is a Performance Exam

To earn CompTIA PenTest+, candidates must pass one exam that covers both hands-on, performance-based simulations as well as multiple-choice questions. CEH only includes multiple-choice questions. Why take an exam that only includes multiple-choice questions when employers also need to know you have the hands-on, performance-based skills found in CompTIA PenTest+?

Fast track your career. Click here to subscribe today and save 10 percent on CompTIA products.

3. CompTIA PenTest+ Costs Much Less

CompTIA PenTest+ costs USD $346 retail and includes both performance-based simulations and multiple-choice questions. CEH costs USD $1,199 retail (non-member) and does not include performance-based questions.

Don't just take our word for it. Beta tester Molly Stewart calls CompTIA PenTest+ "The best deal for your money in skills versus voucher cost." Why pay USD $1,199 for ​a multiple-choice exam when you can also assess your performance at USD $346 with CompTIA PenTest+?

4. CompTIA PenTest+ Covers More Than Technical Skills

CompTIA PenTest+ matches employer needs by covering not just technical topics, but also soft skills, such as business processes, project flow, best practices and professionalism in penetration testing. The CEH exam does not.

​Cybersecurity Certifications to Meet Employer Demand

Employers need IT professionals who have penetration testing and vulnerability assessment and management skills. These in-demand IT job roles are expected to grow faster than average over the next 10 years, according to the U.S. Bureau of Labor Statistics. Show employers you have the skills they need with CompTIA PenTest+.

CompTIA PenTest+ is now available! Download the exam objectives and practice questions to start preparing, and watch for official CompTIA learning products, soon!

--

Patrick Lane is a director of product management for CompTIA. He manages IT workforce skills certifications, including CompTIA Cybersecurity Analyst (CySA+), CompTIA PenTest+ and CompTIA Advanced Security Professional (CASP).

Jen Blackwell also contributed to this article. She is a senior products marketing manager at CompTIA and oversees the certifications along the CompTIA Cybersecurity Career Pathway.

23 Comments

  • Kevin

    Friday, August 17, 2018

    Great comparison of the two. However, would Pentest+ gain the HR traction as CEH ? Cysa+ although an excellent certification, doesn't have the popularity as CEH, I am not sure if it is EC Council just market the course more than Comptia does, but certainly Cysa+ and PenTest+ are superior in my opinion. That being said also, would PenTest + gain DoD recognition ?

  • Paul

    Tuesday, August 21, 2018

    Ok.

  • D

    Friday, August 24, 2018

    I think currently CEH is relevant only for HR filtering (which, arguably, can be important), but in InfoSec community, CEH is considered an overpriced joke of an exam. Its contents are badly written and outdated and it is only a matter of time until PenTest+ overtakes it for entry and intermediate level security positions. BTW, this is coming from someone who passed CEHv8 and recently PenTest+ (beta). :) CEH is now even more expensive than OSCP - a waaay more difficult and respected certification, which just shows that, in my opinion, EC-Council really seems to lost it. PenTest+ makes perfect sense and it is a great exam and certification!

  • Friday, August 24, 2018

    Hi, Kevin! Thanks for your question. We are in the process of applying for DoD 8570, so stay tuned for updates in early 2019.

  • paul

    Friday, August 24, 2018

    For someone to become a PENTESTER or Ethical Hacker what basic computing skills do I need? Or what should I learn first before pursuing Pen Test or Ethical Hacker courses? Regard, Paul

  • Friday, August 24, 2018

    Hi, Paul! Thanks for your question. Having a solid foundation of IT skills related to networking and security is a great place to start - these are covered by CompTIA A+, Network+ and Security+. Check out this article to understand how penetration testing fits into the cybersecurity career pathway: https://certification.comptia.org/it-career-news/post/view/2018/01/31/playing-both-sides-of-cybersecurity-introducing-comptia-pentest

  • Mike Wells

    Wednesday, October 3, 2018

    Any idea when this will be accepted into the DoD 8570 Baseline Certs?

  • Wednesday, October 3, 2018

    Hi, Mike! Thanks for your question. CompTIA PenTest+ was recently ISO/ANSI approved and is in the DoD 8570 approval process. We expect to receive approval in early 2019.

  • Chris

    Thursday, October 4, 2018

    I took the beta and the excam was great. I was reviewing the rough cuts of the training materials yesterday and you guys are missing one kep component of training pentesters, hands on training. You can not ewxpect peopl to read a book and suddenly know how to perform a pentest. You guys need ot include hand-on lab exercises in the book if you really want people to start valuing the training material. As an OSCP holder, this is what sets it apart from every other run of the mill pentest cert. Add in hands-on learning and then this cert will really take off.

  • Tuesday, October 9, 2018

    Hi, Chris! Thanks for your comment. You'll be happy to know that we have some exciting products releasing shortly that provide more hands-on experiences. CertMaster Learn for PenTest+, which is a comprehensive eLearning tool, is set for release in mid-November. It provides about 40 to 50 hours’ worth of content, including videos and performance-based questions. Additionally, CertMaster Labs for PenTest+, which provides a real server environment where you can practice penetration testing, vulnerability assessment and management skills, will be available by the end of the year.

  • Mark

    Tuesday, October 16, 2018

    I currently hold A+,Net+ and Sec+. I'm studying for Cysa+ and Pen+ now and I was wondering if the Cysa+,Pen+ and Sec+ help prepare for the CASP?

  • Tuesday, October 16, 2018

    Hi, Mark! Thanks for your comment. The certifications along the CompTIA Cybersecurity Career Pathway all build upon each other, so yes, getting Security+, CySA+ and PenTest+ will help you as you work toward CASP. Good luck!

  • Alex Paz Soldan

    Monday, October 29, 2018

    I have to say i don't agree, while the Pentest+ is definitely a good exam (i also took the beta test exam) CEHv10 is far more hands-on this is also reflected in the price. There is no need to degrade the CEH certification to make the Pentest+ look better, they are both good certifications! Of course the best security certifications are from offensive security.

  • Tuesday, October 30, 2018

    Hi, Alex! Thanks for your comment. It is important to you look at the CEH BluePrint v2.0, which includes the exam objectives, and not the CEH v10 training objectives. EC-Council sells training as well as certifications, and their training includes hands-on activities, just like most others. But, their certification exam is multiple-choice only. We hope this clears up any confusion.

  • Aaron

    Thursday, February 7, 2019

    Any update on DOD 8570 approval?

  • Thursday, February 7, 2019

    Hi, Aaron! Thanks for your question. PenTest+ is currently with DoD for approval, so it's just a matter of time. We expect to hear this spring, but we don't know yet how much the government shutdown has pushed that timeline back. Stay tuned!

  • Robert

    Thursday, April 4, 2019

    There are over 2000 global cyber security vendors. They all have similar cyber security training models. The one's that seem to stand out more are the one's who have been affiliated in some degree with DoD, enterprise companies, baccalaureate programs and other educational institutions. Savvy Marketing is major component of exposure and popularity. Lastly there are some very specific reasons that cyber security vendors are rated in degrees of importance or viability. An internet search would offer some comparisons, etc...

  • Addie

    Monday, April 29, 2019

    Any update on DoD 8570 approval?

  • Tuesday, April 30, 2019

    Hi, Addie! Thanks for your question. We expect to hear this summer.

  • Quin

    Friday, May 31, 2019

    Hello, I am thinking of going into Cybersecurity training between cysa+ or pentest+. I have IT background but no programming experience or background. Which will fit for me?

  • Monday, June 3, 2019

    Hi, Quin! Thanks for your question. CompTIA Cybersecurity Analyst (CySA+) and CompTIA PenTest+ are complementary certifications. CySA+ covers defensive skills - protecting the network to prevent attacks - whereas CompTIA PenTest+ covers offensive skills - identifying vulnerabilities that need to be secured. You can read more about these two certifications in the article linked here or download the exam objectives to determine which one is right for you. Spoiler alert: you may want to get both to be a well-rounded cybersecurity professional! Good luck! https://certification.comptia.org/it-career-news/post/view/2018/09/28/cybersecurity-red-team-or-blue-team

  • John

    Sunday, June 16, 2019

    Hello, First I want to say Pentest+ is an amazing certification thank you! I took it right after CySA+ and it really helps shift the perspective to an attackers mindset. I was wondering about the status of DoD 8570 approval? No one at work seems to have heard anything from the top so I figured I ask if there is an update.

  • Monday, June 17, 2019

    Hi, John! Thanks for your question. The government shutdown earlier this year set everything back, and we are still waiting for confirmation about DoD approval. We expect to hear this summer. Stay tuned!

Leave a Comment

Boost your Career with a Certification

Find out more about our Certifications

How to get Certified

4 Steps to Certification

Already certified? Let us and others know!

Share Your Story