Hello everyone.   
I'm currently doing my bachelor's in computer engineering, and I still have one and a half years to go, but the end is nearing. I've always wanted a career in infosec, and I've been wondering on what my next step should be after undergrad.
Going through the regular campus placement process in the fourth year would put me in as a software engineer. I want to start in the security field though.

I've been reading on and around these forums, how infosec is really fast-paced, dynamic, challenging. I used to be a lazy bum not anymore, and it would amount to working in a field I like. Anyway, here are some questions I'd like to ask -:

1. I've heard about masters in Information Assurance in some universities in the US. Should I be going directly for that after my undergrad? Capitol College seems enticing, considering the NSA-driven program they have. There are other universities too. Some of them require that the candidate have 2 years of prior experience. Please suggest some good unis if I should be going down this path - and I can handle my studies more than well. Also please advise me on whether I should work for a few years first or go for MS first.

2. Certs. I'm thinking of doing CEH after a good practical MS in the US...but CEH requires that I have 2 years of experience in the field. So that means I should look for a job after MS? There are various domains to infosec, or so I've heard. I want to be in the technical part, but learning about the management part wouldn't hurt either. Ethical hacking and pentesting seem interesting - it would be helpful if someone suggested certs on those lines. I would like to be in on the coding part too - I'm trying to learn some scripting languages such as Python and Ruby.
I'm planning to do CCNA on my own this summer - I don't have access to Cisco equipment, so the packet tracer software will have to do. I desperately want to upgrade myself on the real-world working of networks. I have bought the book by Todd Lammle and will delve into it starting Monday.

Well..nothing else seems to be coming to mind right now. I'll update this post as and when more queries come to mind. Any help is much appreciated!

Hello there cd1zz!
I'm in India...I'm thinking of doing my masters in the US.
Ethical hacking and pentesting interest me the most. What would you suggest based on that?

While education and certs help you learn and help "check boxes" for HR, you should really try to get into the field as soon as possible. The hardest part about getting into pen testing, is getting into pen testing. If you can afford to get in as entry level/associate level, you should do so. You may come to find that no one wants to hire you, so you'll have to figure out a way to prove to a prospective company that #1 you love this stuff, #2 you have the drive and #3 you have a hunger to learn.

My advice, keep getting as much education as you can but also try to get into the field asap.

When I say "get into the field" I mean try to get into a company that does some sort of infosec. Ideal situation would be to get  into one that does more than one thing...hopefully including pen testing so you could maybe get over to that part of the company.