The Short Answer
PenTest+ vs CEH is one of the most common questions among aspiring penetration testers, and the honest answer surprises people. PenTest+ is better for most candidates in 2026 because it costs less, includes hands-on performance-based questions, and has DoD 8570 / 8140 approval. CEH is better in specific scenarios where international recognition or compliance requirements specifically name CEH.
Neither is the strongest offensive security credential on the market (OSCP holds that position). Both are mid-tier intermediate credentials that serve as stepping stones into pentest careers. This guide compares CompTIA PenTest+ PT0-003 against EC-Council CEH v13 across cost, format, content, salary outcomes, and career fit so you can choose correctly.
PenTest+ vs CEH at a Glance
| Feature | CompTIA PenTest+ | EC-Council CEH v13 |
|---|---|---|
| Current version | PT0-003 | CEH v13 (312-50v13) |
| Number of questions | Maximum 85 | 125 |
| Duration | 165 minutes | 4 hours |
| Pass mark | 750 out of 900 | 70% |
| Exam fee | $404 USD | $1,199 (Pearson VUE) or ~$950 (ECC remote) |
| Performance-based questions | Yes (PBQs) | No (multiple-choice only) |
| Practical exam available | No (knowledge-only) | Yes (separate CEH Practical, additional cost) |
| Validity | 3 years | 3 years |
| DoD 8570 / 8140 approved | Yes (CSSP Analyst, Auditor) | Yes (multiple categories) |
| Vendor neutrality | Vendor-neutral | Vendor-neutral |
| Retake fee | $404 | ~$499 |
What PenTest+ PT0-003 Covers
PenTest+ tests the full pentest engagement lifecycle, with emphasis on planning, scoping, reporting, and tool-driven exploitation.
| Domain | Approximate Weight |
|---|---|
| 1. Planning and Scoping | ~14% |
| 2. Information Gathering and Vulnerability Identification | ~21% |
| 3. Attacks and Exploits | ~28% |
| 4. Reporting and Communication | ~18% |
| 5. Tools and Code Analysis | ~19% |
PenTest+ is unique in giving substantial weight (18%) to Reporting and Communication. This reflects the reality that professional pentesters spend significant time writing reports and communicating with clients.
What CEH v13 Covers
CEH v13 covers 20 modules aligned with EC-Council's ethical hacking methodology, mapped to the MITRE ATT&CK framework. The breadth of coverage is wider than PenTest+:
- Reconnaissance and footprinting
- Scanning networks
- Enumeration
- Vulnerability analysis
- System hacking
- Malware threats
- Sniffing
- Social engineering
- Denial of service
- Session hijacking
- Web server, web application, and SQL injection attacks
- Wireless network hacking
- Mobile platform hacking
- IoT and OT hacking
- Cloud computing security
- Cryptography
- AI-driven attack and defence (new in v13)
CEH v13 added AI-driven attack and defence content, expanded cloud security coverage, and updated the practical lab environment compared with previous versions.
Cost: Where PenTest+ Wins Decisively
This is the largest practical difference between the two.
| Item | PenTest+ | CEH v13 |
|---|---|---|
| Exam voucher | $404 | $1,199 (Pearson VUE) or $950 (ECC remote) |
| EC-Council training (often required for CEH) | N/A | $850-$2,895 (iLearn / iWeek) |
| Retake fee | $404 | $499 |
| Study materials | $40-$300 | $100-$300 |
| Hands-on labs | $42-$120 (TryHackMe, HTB) | iLabs included with EC-Council training |
| Typical total budget | $500-$1,100 | $1,500-$4,000+ |
CEH is significantly more expensive, particularly because EC-Council often requires either accredited training or 2 years of documented information security experience to sit the exam without training.
Cost Tip: If you go the CEH route without EC-Council training, you must submit an eligibility application and pay a $100 non-refundable application fee. Most candidates take the training to avoid this process.
Format: Hands-On vs Knowledge-Based
PenTest+ Includes PBQs
PenTest+ includes performance-based questions (PBQs) that test applied skills in simulated environments. Candidates see 3-5 PBQs covering tool use, command chaining, log analysis, and scenario interpretation. The PBQs make PenTest+ a partly hands-on exam without requiring a full practical lab session.
CEH Is Multiple-Choice Only
The standard CEH v13 exam is 125 multiple-choice questions over 4 hours. There is no practical component. EC-Council offers a separate CEH Practical exam (6 hours, hands-on) as a follow-on, but it requires an additional voucher and is not included in the standard CEH credential.
This is a real difference in what each credential validates. PenTest+ tests applied skill alongside knowledge. Standard CEH tests knowledge alone unless you pay extra for the Practical.
Salary Comparison
| Source / Role | PenTest+ | CEH v13 |
|---|---|---|
| Junior pentester | $60,000-$85,000 | $65,000-$90,000 |
| Mid-level pentester | $85,000-$115,000 | $90,000-$130,000 |
| Senior pentester / red team | $130,000-$180,000 | $130,000-$180,000 |
| Pentester median (PayScale) | ~$103,000 | ~$100,000-$140,000 |
| Security consultant | $90,000-$160,000 | $100,000-$160,000 |
CEH holders often report slightly higher average salaries, but the gap is small and inconsistent across sources. The salary uplift in either case comes from the role and experience, not the certification alone.
For a deeper look at PenTest+ specifically, see our is CompTIA PenTest+ worth it guide.
Employer Recognition: Mixed Picture
Both certifications are widely recognised, but in different ways.
PenTest+ Recognition
- DoD 8570 / 8140 approved for several roles (CSSP Analyst, Auditor)
- Growing recognition in US enterprise and federal hiring
- Vendor-neutral, hands-on credential signal
- Often paired with Security+ and CySA+ in CompTIA-friendly job postings
CEH Recognition
- DoD 8570 / 8140 approved (CSSP Auditor and others)
- Globally recognised, particularly in EMEA and APAC markets
- Required or preferred in many government and consulting roles
- Listed in thousands of job postings worldwide
CEH has stronger international recognition outside the US. PenTest+ has slightly stronger recognition in US enterprise pentest hiring. Within US federal contracting, both are accepted.
Career Tip: Scan job postings in your target market and role before deciding. If you see CEH listed three times as often as PenTest+ in your local pentest postings, that is your answer.
Difficulty: How They Compare
Both certifications are intermediate difficulty. The challenge profiles are different.
PenTest+ Difficulty
- 165 minutes for 85 questions (mix of MCQ + PBQs)
- PBQs require hands-on tool familiarity
- Scenario-based questions test "BEST answer" judgement
- Typical study time: 120-160 hours over 8-10 weeks
CEH Difficulty
- 4 hours for 125 multiple-choice questions
- No PBQs (knowledge-only, easier in format)
- Tests broad recognition of tools and techniques
- Typical study time: 100-140 hours over 6-8 weeks
CEH is generally considered slightly easier in raw exam difficulty because it lacks PBQs. PenTest+ is more demanding because the PBQs require you to do, not just recognise. For candidates with hands-on lab experience, PenTest+ feels fairer; for candidates strong on memorisation, CEH feels easier.
Five Scenarios: Which to Choose
Scenario 1: US-Based Candidate With Limited Budget
PenTest+. Lower cost ($500-$1,100 total vs $1,500-$4,000+ for CEH), includes hands-on PBQ exposure, and meets US federal compliance requirements.
Scenario 2: International Candidate Targeting Global Consulting
CEH. EC-Council CEH has stronger international recognition, particularly in EMEA, APAC, and Middle Eastern markets. Many international consulting roles name CEH specifically.
Scenario 3: SOC Analyst Pivoting to Offensive Work
PenTest+. The natural CompTIA progression from Security+ and CySA+ into offensive work. Lower cost than CEH and tests applied skill via PBQs.
Scenario 4: Targeting OSCP Eventually
Either as a stepping stone; skip both if time is short. OSCP carries far more weight than either PenTest+ or CEH for senior technical pentest roles. Some candidates take PenTest+ for the budget reason, others go straight to OSCP. CEH is the least useful stepping stone toward OSCP because of its multiple-choice-only format.
Scenario 5: Federal Contractor Compliance Requirement
Check the role's specific 8570/8140 mapping. Both PenTest+ and CEH cover some compliance roles, but the mappings differ. Look up the exact role category in DoD 8140 before committing.
The OSCP Question: Why It Matters
Neither PenTest+ nor CEH is the most respected pentest credential. That title belongs to OSCP (Offensive Security Certified Professional), a 24-hour practical exam that requires you to compromise live machines in a lab environment.
| Feature | PenTest+ | CEH | OSCP |
|---|---|---|---|
| Cost | $404 | $1,199+ | $1,499 (with labs) |
| Format | MCQ + PBQ | MCQ only | 24-hour practical exam |
| Difficulty | Moderate | Moderate | Very Hard |
| Hands-on intensity | Moderate | Low | Very High |
| Senior pentest hiring weight | Moderate | Moderate | Very High |
| Time investment | 120-160 hours | 100-140 hours | 200-400+ hours |
For senior pentest roles ($130,000+), most candidates eventually hold OSCP. PenTest+ or CEH typically serve as a stepping stone or compliance credential, not the end goal.
What Each Cert Will Not Do
PenTest+ Will Not...
- Replace OSCP for senior pentest hiring
- Validate full red team operator skill
- Carry the same international weight as CEH
CEH Will Not...
- Test your applied hands-on skill (without the separate Practical exam)
- Provide CompTIA-stack synergies (it does not renew Security+ or CySA+)
- Be the cheapest path into pentest certification
The Combined Path
Some candidates hold both PenTest+ and CEH. The combination is most useful for:
- International consultants who need both US and global recognition
- US federal contractors moving into international engagements
- Resume optimisation when targeting roles that list either
The combined investment is significant ($1,800-$5,000+). For most candidates, a single intermediate credential plus eventual OSCP is the better path.
The Honest Verdict
For most candidates in 2026, PenTest+ is the better choice because:
- Lower total cost ($500-$1,100 vs $1,500-$4,000+)
- Hands-on PBQs validate applied skill
- DoD 8570 / 8140 approved for US federal work
- CompTIA stack synergies with Security+ and CySA+
CEH wins in specific scenarios:
- International markets where CEH is named explicitly
- Job postings that require CEH (some government and consulting roles)
- Candidates who prefer knowledge-based exams over hands-on assessment
For aspiring pentesters serious about technical depth, neither is the end of the journey. OSCP remains the gold standard for senior pentest roles, and both PenTest+ and CEH are best understood as stepping stones rather than career destinations.
Ready to Start Practising?
PenTest+ in particular rewards candidates who practise applying tools and techniques in scenario-based questions, not just memorising tool names. The PBQs require hands-on familiarity that only comes from realistic practice.
CertCrush offers PenTest+ PT0-003 practice exams built to match the format, domain weighting, and PBQ style of the real exam. Every question includes a detailed explanation covering the tool choice and the reasoning behind it.
Create your free account and start your pentest certification journey today.