If you are trying to break into cybersecurity, the first big decision you will face is which certification to pursue. Two names come up constantly: CompTIA Security+ and Certified Ethical Hacker (CEH). They are often mentioned in the same breath, but they serve very different purposes. Choosing the wrong one first can cost you months of study time and thousands of rand.
This guide breaks down what each certification covers, who it is for, and which one you should take first.
What Is CompTIA Security+?
Security+ is a vendor-neutral entry-level certification that covers the broad foundations of cybersecurity. It is designed for someone who wants to prove they understand the basics well enough to work in a security role. The current exam is SY0-701, and it covers five domains: general security concepts, threats and vulnerabilities, security architecture, security operations, and security program management.
Security+ is the certification most frequently listed as a requirement for entry-level security jobs. The US Department of Defense requires it for certain roles under Directive 8570. It is also the most common certification held by career changers entering the field.
For study materials, the CompTIA Security+ SY0-701 Study Guide covers every domain in detail, and the CompTIA Security+ Lab Workbook provides the hands-on practice you need for the performance-based questions.
What Is CEH?
Certified Ethical Hacker (CEH) is an intermediate-level certification focused specifically on offensive security — penetration testing, ethical hacking methodologies, and the tools and techniques used to find vulnerabilities. It is administered by EC-Council and requires a different approach to study.
CEH goes deep into the five phases of ethical hacking: reconnaissance, scanning and enumeration, gaining access, maintaining access, and covering tracks. It covers tools like Nmap, Metasploit, Wireshark, and Burp Suite in detail. The exam is known for being tricky — it tests not just what a tool does, but which specific flag to use in a given scenario.
For a direct comparison of the two certifications at the penetration testing level, the book CompTIA PenTest+ vs CEH: Which Certification Is Right for You? covers the trade-offs in detail.
Key Differences at a Glance
- Level: Security+ is entry-level. CEH is intermediate — EC-Council recommends 2 years of security experience before attempting it.
- Scope: Security+ covers the full breadth of cybersecurity. CEH focuses narrowly on offensive techniques and ethical hacking.
- Cost: Security+ exam voucher costs around $400. CEH costs $1,200 plus mandatory training if you cannot prove sufficient experience.
- Recognition: Security+ is recognised globally as a baseline cert. CEH is well known in penetration testing circles but less relevant for non-offensive roles.
- Renewal: Both require continuing education credits every three years.
Which One Should You Take First?
The answer depends on your goal.
Take Security+ first if: you are new to cybersecurity, you want to work in a security operations centre (SOC), governance, risk and compliance, or any non-penetration-testing role, or you need a certification to get past HR filters for entry-level jobs. Security+ is the foundation everything else builds on. Most security professionals take it first, and for good reason.
Take CEH first if: you already have several years of IT experience, you are certain you want to work in penetration testing, and you have the budget for the exam and training. Even then, many hiring managers I have spoken to prefer PenTest+ over CEH because it is more practical and less theory-heavy.
For most people, the right order is Security+ first, then PenTest+ or CEH depending on your specialisation. Trying to jump straight to CEH without the foundation is like trying to run before you can walk — the exam will be significantly harder, and you will miss the broader context that makes the offensive techniques make sense.
Job Prospects After Each Certification
With Security+, you qualify for roles like SOC analyst (tier 1), security administrator, junior compliance analyst, and help desk security specialist. These are the entry points where you build real-world experience. The average salary for a Security+ holder in South Africa ranges from R300,000 to R500,000 depending on location and experience.
With CEH, you qualify for penetration tester, red team member, and vulnerability assessment roles. These are more specialised and typically pay more — R500,000 to R800,000 in the South African market — but they also require more experience and are harder to land without a track record. CEH holders also tend to work in consulting and boutique security firms rather than large corporate SOCs.
For a full reading list of beginner-friendly cybersecurity books, see our guide to the best cybersecurity books for beginners in 2026. And for detailed study guides and practice materials for Security+, check out our CompTIA Security+ study guides roundup.
Browse the full cybersecurity catalogue at Reader’s Shack. For career advisory and mentorship, visit Greg Hay.
Find Your Next Great Read
Browse our full catalogue of cybersecurity, business, and faith books. Instant EPUB and PDF downloads, DRM-free, readable on any device.
Browse All Books →