Which cert should I go for CEH vs Security+/Pentest+

Anshuman_42

So I'm a third-year college student going into my final year, pursuing my B-Tech in India. I've been interested in security for the past couple of years and have done a few courses on edX and Udemy related cybersecurity and ethical hacking in general. 
I was planning on doing my CEH, by this year end but then noticed that a lot of people said it wasn't worth it. I'm getting the official training + test fees for ~$450 after a discount. 
Do you think it is still not worth it and what alternative do you suggest. (I know OSCP is really good, but I plan on giving that after I get a job.
Also, is going a CCNA still worth it?

EANx

That depends on how desirable each cert is in the region you hope to work. Different parts of the world value different certs.

LonerVamp

The CEH may be worth it, or not. It all depends on if jobs you want to get require it or will give you preference for having it. It's expensive for what it is, and the quality of the material is highly criticized...but, things still recognize it as a leader.

Me personally, I think Security+ should be everyone's entry level baseline to learn the jargon, the topics, and use it to show interest in security. The only exception would be starting in on something higher up like a 4-year security-specialized degree, perhaps. Courses and interests are one thing, but a Security+ cert tells me you're serious about some level of commitment.

And then move upwards from there. I would expect something like the Pentest+ to be harder than the CEH, but far easier than something truly hands on like PWK/OSCP. I may or may not pursue that one myself someday, but today is not that day.

For that CCNA, it depends what path you want to do and what you want to do with your career and jobs. I think everyone in security could benefit from the CCENT, and anyone looking to work in networking can move on from there. For pure security persons, that may be enough, or even not necessary. I'll admit, if you don't expect to have any hands on Cisco equipment, configs, anything Cisco may not be worth it. There is also the CCNA Cyber Ops, which is useful if you expect to work in or adjacent to a SOC. For most other purposes, it's a little spendy, and also had no further path as defined by Cisco yet. Heck, you can't even use that to get into CCNA Security; you still basically have to loop back down to CCENT/CCNA R&S. The main benefit of the CCNA Cyber Ops is its accessibility and it is not Cisco-centric (though it does plug a few of its newer Cisco technologies like StealthWatch).

MrNetTek

@Anshuman_42


I'd go for Security+ (foundational), CEH v10 (hands-on), and the CCNA Security (industry) certification---in that order. That will give you a well-rounded view on security. There are PLENTY of other security-related certs, but that should get you started. 

-MrNetTek at your service-

           

10Linefigure

I wouldn't say there is any particular order you need to go in. 

Don't worry so much about what people say on x or y. If something interest you, learn it, master the topics and be able to actually perform hands on. As you build your skill set you will naturally start feeling the topics that interest you, and the topics / chapters you don't like. 

Build a valuable, and unique skill set that brings value to yourself and your next organization. 


>> Also I probably wouldn't study CCNA Sec with the purpose of getting that particular certification, being that it may disappear early next year. So you may just want to study knowledge domains from that certifications objectives. 

Infosec_Sam

I'm actually sitting in an Infosec Flex boot camp for the Sec+ next week, so I'd advocate for that cert before jumping straight into the CEH or Pentest+ or something along those lines. My certification path looks something like Sec+, CCNA, CySA+, Pentest+, CASP+, with CEH and/or SSCP thrown in there somewhere maybe. Since I don't have a ton of experience, the CCSP/CISSP don't really make sense for me to grab right now. 

All this being said, @EANx is right: What looks good for me in the Midwest USA might not be what works for you over in India.