Security+ and Certified Ethical Hacker Content Overlap

[Mark Anthony Germanos]

Hi gang. I told an authorized training partner I can train Security+. They scheduled me to deliver Certified Ethical Hacker for a full week this upcoming November. They have not specified the curriculum yet. What content overlap can I expect with Security+ material in CEH?

 

[VICTOR CHIDI OKPURUKA]

There is definitely significant content overlap between CompTIA Security+ and EC-Council's Certified Ethical Hacker (CEH), but it’s important to approach this situation carefully, especially when delivering training tied to a specific certification.

Before proceeding, I recommend conducting a needs assessment to clarify the training partner’s goals and understand why they want CEH training delivered. This will help align your content and delivery with their expectations.

Key Considerations:​

1. Work Requirements & Certification Objectives​

If the primary goal is certification preparation, it's essential to stick closely to the official CEH curriculum and exam objectives. While Security+ and CEH cover similar foundational topics—like network security, threats, and risk management—CEH dives deeper into hacking techniques, penetration testing tools, and methodologies. Mixing the two curricula can confuse learners and may hinder their success on the CEH exam.

2. Skill Development & Hands-On Labs​

If the focus is more on practical skill-building rather than certification, there’s more flexibility. In this case, you can blend elements of Security+, CEH, PenTest+, or even Cisco CyberOps. I personally use this approach by providing students with pre-recorded materials and instructional content, then dedicating class time to labs and real-world scenarios. This works especially well in corporate or technical bootcamp settings.

3. Risk Reduction & Incident Response Training​

When training is aimed at improving organizational security posture, such as for incident response preparedness, the content should be tailored to the specific roles, industries, and environments of the participants. This type of customized training may incorporate elements from various certifications, but with a strong focus on practical relevance.


In short, the curriculum should align with the intended outcome of the training. Certification-focused sessions require strict adherence to official objectives, while hands-on or tailored programs allow more room for blending and adaptation. A clear understanding of the client’s needs will guide the best approach.


hope this helps you

 

[precious]

Fortunately, there is some overlap as both discuss malware, network attacks, and security controls. But CEH turns it up a notch: Security+ teaches you how to lock your doors; CEH teaches you how to pick the locks (all in good fun!).

Kali comes back stronger than ever as well-more tools, more ‘here’s how the bad guys think’ content. Don’t worry about it too much - just make sure to warm up those Metasploit muscles early!"

 

[Mark Anthony Germanos]

Thank you Precious. I am not sure the client’s proposal was chosen. I just know I am part of an 8-figure proposal. More news to follow.

 

[Michael Schmitz]

Hi gang. I told an authorized training partner I can train Security+. They scheduled me to deliver Certified Ethical Hacker for a full week this upcoming November. They have not specified the curriculum yet. What content overlap can I expect with Security+ material in CEH?

You mean CompTIA

Ethical Hacker Pro or the EC Council Ethical Hacker.​

For the EC you have to be an authorized Instructor for the Course and pass the Exam first. Otherwise you will not be allowed to train an official Course (and students can`t take the Exam). CEH is much more content then Sec+.
First Sec+, then CEH if you asked me.
But if you do not have attended the CEH, it still is a lot of content..

Let me know if you have more questions. I teach them both often.
Michael