GPEN Practice Test Score

[airzero]

So I bought a GPEN practice test to gauge how difficult I felt the exam would be. I ended up scoring a 67% which I understand isn't passing, but for having not taken the course I felt pretty good about it. I did reference some cheat sheet material for some specific commands, but the majority of the test I did based of my actual pen testing knowledge.

So my question is whether it would be worth the money to challenge the exam or not? Of course I would study a lot more on the exam objectives before even considering attempting the exam but I felt really comfortable with the bulk of the material. I guess I'm worried about whether the cert will have enough ROI to justify the price of the challenge.

If anyone has advice I love to hear more experienced opinions.

[al88]

While that's a good score considering you went in without books nor studied in the first place.. I'd say the RoI shows more toward OSCP (considering you already have OSWP, so might as well complete the set

SANS is really more about the experience of taking the course, that's where the true value is. Challenging the exam is worthy if you aiming for a specific job that only THAT cert will fulfill OR if you trying to fulfill the requirements for GSE. Besides those two reasons, I honestly don't see a real RoI for just challenging the exam without taking the full experience of taking the course.

[TechGromit]

So you missed by only 7% with no studying or reference materials. I'd go for it, see what areas the test says your weak on and get material to will fill in your knowledge gaps. If you get other books, there really no reason you couldn't index those. Even alphabetic cheat sheet covering a board range of topics would be valuable.

[UnixGuy]

Agree than OSCP has a much better ROI, so do the OSCP and eCPPT if you can.

your GPEN score is impressive, so I'd be tempted to just study the objectives hard and take the exam...SANS certs look impressive on the CV that's for sure!

[quogue66]

I think OSCP is probably a better option. The skills you'll learn are much stronger than GPEN. The cost is also a lot less. If you're determined to go after GPEN I can tell you that I scored 79 on the exam after scoring in the 90s on both practice exam.

[JoJoCal19]

Wait, you can purchase just practice tests by themselves? I never knew that. I'm looking to challenge a couple of the GIAC certs and I would love to take a practice exam to gauge if I should even buy the attempt.

[URG_PSH_FIN]

JoJoCal19: https://www.sans.org/registration/re...ferenceid=2532

[E Double U]

@ airzero - skip GPEN and knock out OSCP.

[airzero]

I just haven't had the time to finish up OSCP due to work, and I won't have the time or internet access for next few months to committ to it due to work. My job will pay to challenge GCIH so if i knock out that and then pay for GPEN would it be worth it to help get me into a security role? I will eventually get OSCP, my hands are just tied at the moment due to work.

[TechGromit]

I just haven't had the time to finish up OSCP due to work, and I won't have the time or internet access for next few months to commit to it due to work. My job will pay to challenge GCIH so if i knock out that and then pay for GPEN would it be worth it to help get me into a security role? I will eventually get OSCP, my hands are just tied at the moment due to work.

The obvious question here is if you don't have time for the OSCP now, why do you think you'll have the time for the GCIH or GPEN later? So a work project is taking over your life? While I can understand working a few extra hours to complete a project, you should never allow an employer to work you 60+ hours for weeks / months on end. Because it's never one project, my bet is management is already lining up your next project with unrealistic deadlines once this project is over. If your working more than 50 hours for more than 2 or 3 weeks, I'd put your foot down and tell your employer they need to either adjust there schedule, hire more help or look for someone to replace you, cause your not putting up with being worked to death, which they will happily do if you let them.

I just look up your linked-in profile, since your in the Military, apparently they can work you to death, good luck, but I would never put up with too many hours in a civilian job.

[airzero]

Where I'm going to be working for the next few months has a testing center so I could take the GPEN and GCIH exams, but with the work scheduling and unreliable Internet access it would be difficult to practice for and attempt OSCP while there. That's the main reason I'm considering challenging them.

[xxxkaliboyxxx]

He's deploying

[airzero]

Tried to not outright say it but yeah I'm deploying.

[xxxkaliboyxxx]

Tried to not outright say it but yeah I'm deploying.

Just don't write specifics and your opsec is good to go.