CertPath
IntermediateEC-CouncilCEH v13

CEH in Nairobi

Kenya · Africa

Avg salary uplift: +$15,000/yrExam: $1199 USDRenews every 3 years
Find courses →

What is CEH?

The Certified Ethical Hacker (CEH v13) is an EC-Council credential that validates your ability to think and operate like a malicious hacker — legally and systematically. Covering 20 domains including network scanning, malware threats, social engineering, and cloud security, it's one of the most recognized offensive security certifications globally. In Nairobi, where fintech firms, NGOs, telecoms, and government agencies are rapidly expanding their digital infrastructure, demand for certified ethical hackers is accelerating. Employers across Kenya's tech hub increasingly list CEH as a preferred or required qualification for security analyst, penetration tester, and SOC roles, making it a strategically smart credential for mid-career IT professionals in the region.

Exam details

Exam cost
$1199 USD
Duration
240 min
Passing score
70
Renewal
Every 3 yrs

Prerequisites: 2 years IT security experience or EC-Council official training

Is CEH worth it in Nairobi?

With the average IT salary in Nairobi sitting around $18,000 per year, a CEH certification that delivers a $15,000 annual salary uplift represents an extraordinary return on investment. At a one-time exam cost of $1,199, you could recover that spend within the first month of a post-certification role. Nairobi's cybersecurity sector is outpacing general IT hiring, driven by the growth of M-Pesa ecosystems, cloud adoption, and increasing regulatory pressure around data protection under Kenya's Data Protection Act. CEH holders are positioned to command senior-level compensation in a market where certified offensive security talent remains scarce, giving early movers a significant and lasting competitive advantage.

12-week study plan

Weeks 1–4

Foundations and Core Attack Concepts

  • Study CEH v13 modules 1–7: ethical hacking intro, footprinting, scanning, enumeration, vulnerability analysis, and system hacking
  • Set up a home lab using VirtualBox with Kali Linux and vulnerable VMs like Metasploitable2 to practice hands-on techniques
  • Complete 50–60 practice questions per week focused on reconnaissance and scanning methodologies

Weeks 5–8

Exploitation, Malware, and Network Attacks

  • Cover modules 8–14: malware threats, sniffing, social engineering, denial-of-service, session hijacking, and IDS/firewall evasion
  • Practice packet analysis using Wireshark and simulate sniffing attacks in your lab environment to reinforce conceptual understanding
  • Take two full-length timed practice exams and review every incorrect answer using the EC-Council courseware as a reference

Weeks 9–12

Advanced Domains, Review, and Exam Readiness

  • Study modules 15–20: web application hacking, SQL injection, wireless attacks, mobile security, IoT threats, and cloud hacking
  • Focus revision on CEH v13's updated AI-driven attack scenarios and cloud security content, which carry significant exam weight
  • Run three full mock exams under strict 4-hour conditions, targeting a consistent score above 75% before booking your exam date

Recommended courses

coursera

CEH Professional Certificate

Professional certificates & degrees

View on Coursera

pluralsight

CEH Learning Path

Tech skills platform — monthly subscription

View on Pluralsight

udemy

CEH Complete Course

by Top-rated instructor

4.7
(12,400)

One-time purchase, lifetime access

View on Udemy

Exam tips

  • 1.CEH v13 tests tool recognition heavily — know what Nmap, Metasploit, Nikto, Burp Suite, and Wireshark are used for and in which phases of the ethical hacking cycle they appear
  • 2.EC-Council expects you to select the 'most ethical' or 'most methodical' answer — when two options seem correct, always pick the one that follows formal hacking phase sequence or requires explicit written permission
  • 3.The exam includes scenario-based questions tied to the new AI-assisted attack content in v13; don't skip the cloud hacking and IoT modules assuming they're low-weight
  • 4.Memorize the five phases of ethical hacking — reconnaissance, scanning, gaining access, maintaining access, clearing tracks — as the exam repeatedly maps tools and techniques to these phases
  • 5.Practice with CEH-specific question banks rather than generic Security+ or OSCP-style material; EC-Council's question style is definition-heavy and tool-specific, not purely conceptual

Frequently asked questions

Other certifications in Nairobi

CompTIA Security+CompTIA Network+CompTIA CySA+CISSPCISMCompTIA PenTest+