It's surprisingly easy to get certified. I managed to pass the difficult-by-reputation CISSP exam without any deep knowledge of or real interest in information security. I just took the five-day crash course my company paid for and, Bob's your uncle, I passed the CISSP.
Of course, I never actually got certified because I left the role immediately afterward and never bothered following up. Moreover, I didn't really meet the requirements, which included having some tenure as a security professional. But I'm sure I could have finagled it if I had any interest in working security (I absolutely did not).
Are there any certifications that require you to solve a CTF or otherwise demonstrate understanding of the field? (Just spitballing, but maybe an oral defence of strategy against a board of DEF CON panelists? Etc.)
Braindump-able IT certs benefit no one, and expecting people to have MSc degrees in infosec is elitist and very impractical.
Offensive Security certs (e.g. OSCP) are similar to what you're describing. The PNPT is similar too but also emulates a real-world engagement on top of just needing to root boxes.