The CEH (Certified Ethical Hacker) from EC-Council is one of the most recognized cybersecurity certifications for penetration testers and ethical hackers. Unlike vendor-neutral certifications where you can self-study entirely, the CEH has a training requirement built into its eligibility: unless you have two years of paid information security work experience, you must complete official EC-Council training before sitting the exam. This training requirement is a significant factor in the total cost of getting CEH certified.
The cost structure for CEH training has multiple layers. The training program itself (the course content) is sold separately from or bundled with the exam voucher depending on the purchase path. EC-Council's own training channels โ iLearn (self-paced online) and iClass (instructor-led online with a live instructor) โ are the official options. The exam is administered through Pearson VUE or ECC EXAM centers, and the exam voucher costs approximately $950โ$1,199 depending on your country and whether it's purchased through EC-Council or through an authorized training provider.
For candidates who already have the work experience to waive the training requirement, the math looks different. An experienced security professional who qualifies via the experience pathway can purchase just the exam voucher and prepare using study materials โ effectively cutting the total certification cost nearly in half. The experience application requires submitting an EC-Council application, having a sponsor (employer or manager), and paying an application fee. This option is worth evaluating before purchasing a training package if you have relevant professional experience.
This article breaks down all the CEH training cost options โ official EC-Council paths, authorized training partner options, and how to evaluate which path makes financial and practical sense based on your experience level, learning style, and budget.
One important clarification before discussing costs: EC-Council revises CEH pricing periodically, and prices listed on their website reflect current promotional rates that change throughout the year. The figures in this article represent the typical range as of recent years, but you should always verify current pricing directly through EC-Council's website or an authorized training center at the time of purchase. Black Friday promotions and end-of-year pricing events have historically offered meaningful discounts on iLearn bundles, making the timing of your purchase genuinely relevant to the final cost.
The geographic pricing variable is also worth noting. EC-Council uses regional pricing for some markets, meaning the same iLearn package may cost less in certain countries than in the United States or Western Europe. Candidates in India, Southeast Asia, and parts of Latin America sometimes benefit from significantly lower official pricing. If you're purchasing training in a country with regional pricing, compare the local price against the international rate before purchasing through a global channel.
EC-Council's training packages can be confusing because the bundling of exam vouchers with training varies by promotion period and purchase channel. When evaluating a training package, verify explicitly whether the exam voucher is included โ some listed prices are for training materials only, and the exam voucher is an additional $950โ$1,199 purchase. Buying training without an included voucher and then purchasing the voucher separately often costs more than a bundle deal.
The iLearn self-paced package typically includes: 6 months of access to video lectures organized across all 20 CEH domains, access to EC-Council's iLabs (virtual hands-on lab environment), the official CEH courseware, and a bundled exam voucher. The lab access is a significant part of the value โ the CEH exam tests practical knowledge of hacking tools and techniques, and hands-on lab work is substantially more effective preparation than watching videos alone.
The iClass instructor-led option adds a live instructor who presents the curriculum over a compressed schedule (typically 5 consecutive days or spread across several weeks). The intensive schedule suits candidates who learn better with external structure and who can dedicate full days to training. The live format also allows direct questions, which self-paced learners must address through forums or independent research. For candidates who struggle with self-paced learning or who want the structure of a formal course, iClass is worth the premium over iLearn.
A practical consideration for many candidates is whether the employer will pay for CEH training. Many cybersecurity employers โ especially those who need employees with security certifications for compliance purposes โ will cover or contribute to CEH training costs. If your employer has an education reimbursement program, submitting CEH training for reimbursement before purchasing is worth the time. Some employers have preferred vendor relationships with EC-Council authorized training centers that provide additional discounts.
The timing of your CEH investment relative to job searches also matters. Many hiring managers for security analyst, penetration tester, and IT compliance roles consider CEH a differentiating credential that opens initial interview opportunities โ but the certification's value is amplified significantly when you have relevant technical work experience to accompany it.
Pursuing CEH as a complete career-changer into cybersecurity is a higher-risk investment than pursuing it as a supplement to existing InfoSec experience. Those in the former situation may find that CompTIA Security+ and Network+ at lower cost provide better early-career market positioning, with CEH pursued after gaining initial professional experience that might also qualify for the experience pathway.
The CEH sits in the middle tier of cybersecurity certification cost. CISSP training and certification typically costs $1,500โ$3,000 total depending on training path. CompTIA Security+ has lower barriers โ around $300โ$500 for study materials and a $370 exam voucher, with no mandatory training requirement. OSCP (Offensive Security Certified Professional) is the most practical-skills-focused alternative to CEH, with costs around $1,499 for 90 days of lab access plus the exam attempt.
CEH is more broadly recognized and more commonly required by HR departments and government contractors (particularly in the US DoD context, where CEH is approved under DoD 8570). If your goal is a government contractor or enterprise security role, CEH has clear demand. If your goal is red team or penetration testing at advanced levels, OSCP has stronger signal in those communities.
CompTIA CySA+ (Cybersecurity Analyst) and PenTest+ are alternatives that follow CompTIA's more accessible pricing and don't require official training purchases. These certifications are less expensive than CEH but are generally considered less prestigious in the market for senior security roles. They serve as stepping stones rather than destinations for most serious security practitioners.
Budget-conscious candidates sometimes ask whether free resources can replace paid CEH training. The answer is nuanced: the official training content (the 20 CEH domains, the specific hacking techniques and tools covered) can be studied through free resources โ YouTube channels, free practice labs, security research blogs. But without completing official EC-Council training or qualifying via the experience pathway, you cannot register for the CEH exam regardless of how well-prepared you are. The training requirement is a gatekeeping mechanism, not just a pedagogical one. Free resources are excellent supplements but cannot bypass the eligibility requirement.
One area where free resources provide genuine value is post-training exam preparation. After completing official EC-Council training, many candidates use free and low-cost practice test banks to build exam readiness before scheduling the exam. The CEH exam tests knowledge across 20 domains โ some of which receive more attention in training than others. Practice tests reveal uneven domain preparation before you commit the exam voucher to a test session. Given that the exam voucher costs $950โ$1,199, spending an extra $30โ$50 on practice tests to verify readiness is a rational investment.
The lab component of official training deserves specific mention because it's often the most valuable part of the official training investment that candidates underuse. EC-Council's iLabs environment provides virtualized access to hacking scenarios that many candidates skip in favor of watching more video content. This is a strategic mistake: the CEH exam tests practical tool knowledge, not just theoretical understanding. Candidates who invest time in the labs โ running Nmap scans, executing social engineering scenarios, testing SQL injection in safe environments โ consistently report better performance on the practical tool questions that distinguish strong scores from borderline passes.
Best for: Self-disciplined learners with flexible schedules; working professionals who need to study around job commitments; those on tighter budgets who want the most affordable official path.
Structure: Work through 20 CEH domains at your own pace, 6 months of access, video lectures and labs available 24/7.
Challenge: Requires self-discipline to complete. No live instructor to ask questions. Some candidates find the self-paced format leads to slower progress without external accountability.
Cost: ~$850โ$950, typically bundled with exam voucher.
Best for: Candidates who learn better in structured environments with live instruction; those who can dedicate full days to intensive training; professionals whose employers fund the training.
Structure: 5-day intensive schedule with a live instructor presenting all 20 CEH domains. Group learning with other candidates. Direct Q&A with instructor.
Advantage: Faster completion timeline โ can complete training in one week rather than months of self-paced study. Accountability and direct instruction benefit many learners.
Cost: $1,500โ$3,500 depending on provider. Usually includes exam voucher.
Regardless of which training path you choose, the return on the CEH training investment is maximized by completing the lab exercises thoroughly. The CEH exam is not purely conceptual โ it tests knowledge of specific hacking tools (Nmap, Metasploit, Wireshark, SQLmap, and many others), their use cases, and how they're applied in ethical hacking engagements. Candidates who watch the video lectures but skip the hands-on labs often struggle with the more practical tool-knowledge questions on the exam.
After completing the official training, supplement with practice tests to assess your readiness before scheduling the exam. The CEH practice test questions available here cover all 20 CEH domains and help identify knowledge gaps before you risk the $950+ exam voucher on a premature attempt. Most candidates who fail the CEH exam on the first attempt do so in two or three specific domain areas โ identifying those domains through practice testing before the real exam allows targeted review rather than a full repeat of the training.
The CEH exam has 125 questions (multiple choice) with a 4-hour time limit. Passing score is approximately 70%. Questions draw from all 20 CEH domains, with higher weighting on hacking methodology, system hacking, and network scanning topics. The CEH exam structure rewards broad domain coverage โ candidates who over-study one or two domains at the expense of others often find themselves below the passing threshold due to weak performance across multiple lower-priority domains.
Candidates who complete CEH and plan to pursue further certifications should consider the long-term credential stack. CEH pairs well with CompTIA Network+ or Security+ as foundation certifications, and with advanced credentials like CISSP, CISM, or OSCP as the career progresses. Holding CEH alongside Security+ satisfies the DoD 8570 IAT Level II requirement that many government contractor positions require โ a specific combination with clear market value in the federal cybersecurity sector.
For candidates in organizations that require CEH for compliance or contract purposes, the calculation often shifts from 'is this worth it?' to 'what's the most efficient path to getting certified?' In this context, the employer-funded iClass path is often the default โ the employer pays, the schedule is set, and the goal is simply to complete the certification as efficiently as possible. Candidates in this situation benefit most from treating the 5-day training as an intensive full-engagement experience rather than attending while multitasking with work email. The concentrated format works best with concentrated attention.
Finally, if you've attempted the CEH exam and need to retake, EC-Council's exam retake policy charges a reduced voucher fee for subsequent attempts. The first retake within 14 days is not permitted; after 14 days, a retake voucher is available at a lower price than the original exam fee.
Knowing this policy before your first attempt is useful โ it reduces the financial stakes of a near-miss on the first attempt and makes it rational to schedule the exam when you're close to ready rather than waiting for absolute certainty. Understanding the full cost structure before you purchase โ training, exam, potential retake, and annual maintenance โ gives you a realistic budget and helps you select the training path that offers the best value for your specific situation and career goals.