+ Reply to Thread
Page 1 of 2 1 2 Last
Results 1 to 25 of 32
  1. Junior Member
    Join Date
    Feb 2018
    Posts
    17

    Certifications
    CCNP , CCNA , CCNA CYBEROPS
    #1

    Default Pentest+ study plan and materials

    So any of you guys have any plans or materials to prepare for pentest+ i heard you need to review codes and exploits also
    Please share
    Reply With Quote Quote  

  2. SS
  3. Senior Member
    Join Date
    Jul 2015
    Posts
    535
    #2
    Study plan: Conduct extensive penetration tests
    Materials: Computers
    Reply With Quote Quote  

  4. Scruffy-looking nerfherdr tedjames's Avatar
    Join Date
    Jan 2014
    Location
    Surf City, TX
    Posts
    808

    Certifications
    SSCP, Security+, eJPT +4
    #3
    Download the objectives and use that as your plan. If it's in the objectives, it's likely going to be on the test.
    Reply With Quote Quote  

  5. Junior Member
    Join Date
    Feb 2018
    Posts
    17

    Certifications
    CCNP , CCNA , CCNA CYBEROPS
    #4
    anyone recommend the video course that kind of covers the objectives.
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Jul 2015
    Posts
    535
    #5
    A video course won't get you a pass. Either get yourself hands-on experience with pen testing tools, or you're wasting your time and money taking this test. Plain and simple.
    Reply With Quote Quote  

  7. Junior Member
    Join Date
    Feb 2018
    Posts
    17

    Certifications
    CCNP , CCNA , CCNA CYBEROPS
    #6
    how about books like hackers playbook 2 and web application hackers handbook will it be enough?
    Reply With Quote Quote  

  8. Passion For IT
    Join Date
    Mar 2008
    Posts
    667

    Certifications
    MCTS, MCITP, MCP, A+, Server+, Security+, Project+, CCENT, CCNA-Sec, CEH, CHFI
    #7
    Quote Originally Posted by EnderWiggin View Post
    A video course won't get you a pass. Either get yourself hands-on experience with pen testing tools, or you're wasting your time and money taking this test. Plain and simple.
    I figured as the PenTest+ is multiple choice, that it'd focus more on theory and procedure and less of the hands on (which is where the eJPT/OSCP would come into play). It seemed like it would be out of place and more equate to the CEH style of exam, which I didn't care for (again - theory and procedure and less of the hands on).

    The more I hear about the exam, the less sure I am of where it fits in the certification realm. Better than CEH, but not the practical stuff like eJPT/OSCP?
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    Jul 2015
    Posts
    535
    #8
    Quote Originally Posted by wannabeanOSCP View Post
    how about books like hackers playbook 2 and web application hackers handbook will it be enough?
    A book won't get you a pass. Either get yourself hands-on experience with pen testing tools, or you're wasting your time and money taking this test. Plain and simple.

    Quote Originally Posted by PC509 View Post
    I figured as the PenTest+ is multiple choice, that it'd focus more on theory and procedure and less of the hands on (which is where the eJPT/OSCP would come into play). It seemed like it would be out of place and more equate to the CEH style of exam, which I didn't care for (again - theory and procedure and less of the hands on).

    The more I hear about the exam, the less sure I am of where it fits in the certification realm. Better than CEH, but not the practical stuff like eJPT/OSCP?
    While this exam is multiple choice, you need to have practical experience to be able to answer the questions.
    Reply With Quote Quote  

  10. Member
    Join Date
    Oct 2017
    Posts
    63

    Certifications
    SSCP, CySA+, Pen+, CISSP, OSCP
    #9
    To prepare I'm reading The Hacker Playbook 2 and also doing vulnhub machines. I'll use that as preparation for OSCP as well.
    Reply With Quote Quote  

  11. Member
    Join Date
    May 2015
    Posts
    95
    #10
    Thanks for this thread - I've signed up for the Beta exam. This is a much cheaper way (although a little more risky) to get the Comptia Certs for sure
    Reply With Quote Quote  

  12. Junior Member
    Join Date
    Feb 2018
    Posts
    17

    Certifications
    CCNP , CCNA , CCNA CYBEROPS
    #11
    Quote Originally Posted by meni0n View Post
    To prepare I'm reading The Hacker Playbook 2 and also doing vulnhub machines. I'll use that as preparation for OSCP as well.
    I will be doing this as well i have 2 month still exam is on april 23
    Reply With Quote Quote  

  13. Junior Member
    Join Date
    Feb 2018
    Posts
    17

    Certifications
    CCNP , CCNA , CCNA CYBEROPS
    #12
    Quote Originally Posted by JollyFrogs View Post
    Thanks for this thread - I've signed up for the Beta exam. This is a much cheaper way (although a little more risky) to get the Comptia Certs for sure

    I'm a big fan of yours .When are you taking exam?
    Reply With Quote Quote  

  14. Junior Member
    Join Date
    Feb 2018
    Posts
    17

    Certifications
    CCNP , CCNA , CCNA CYBEROPS
    #13
    Quote Originally Posted by EnderWiggin View Post
    A book won't get you a pass. Either get yourself hands-on experience with pen testing tools, or you're wasting your time and money taking this test. Plain and simple.


    While this exam is multiple choice, you need to have practical experience to be able to answer the questions.

    Understood mate.I know it will be hard or impossible to pass but i want to give it a good fight
    Reply With Quote Quote  

  15. New Doc1500's Avatar
    Join Date
    Jul 2011
    Location
    South Austin
    Posts
    3

    Certifications
    Sec+ Net+ ITILv3 CEH VCP5.5
    #14
    I also signed up for the Beta exam in 2 weeks for $50 probably not ready for it been busy with work but really curious to see what its about. Also I would love to quit paying my annual fee for my CEH and I think this one could be a good sub or better until I could get the OCSP. Dollar wise at $50 buck the beta has really good value for cost compared to the CEH or some of the other expensive ones.


    Hack the box HTB and Vuln Hub walk through are probably the best bet starting out taking stuff learned from books to actual labs. https://forum.hackthebox.eu/discussi...for-a-beginner
    Last edited by Doc1500; 02-26-2018 at 03:23 AM.
    Reply With Quote Quote  

  16. Senior Member stryder144's Avatar
    Join Date
    Nov 2012
    Location
    Denver, CO
    Posts
    1,424

    Certifications
    CompTIA A+, Network+, Security+, Server+, Linux+, CySA+, Cloud+, CASP & IT Fundamentals+; MCSA: Windows 7, ITIL F/CSI/OSA, CCNA: Cyber Ops
    #15
    I am following this thread. I signed up for the exam and then cancelled once I started reading that it was way more than a simple CEH-style theory exam. I've decided that I'll wait until the next version of the exam comes into beta and take that one. By then (three years or so from now), I should have theory and tools usage knowledge to help me pass this one.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
    Reply With Quote Quote  

  17. Senior Member yoba222's Avatar
    Join Date
    Jun 2013
    Posts
    814

    Certifications
    PenTest+, CySA+, LFCS, GCIH, eJPT, CCNA, CAPM, CompTIA Trifecta
    #16
    1) Prior experience.
    I've got about 3 years of infosec exp. and some of that was vulnerability assessments, vulnerability management, and penetration testing.

    2) The PenTest+ Exam Objectives.
    This is THE most important resource.

    3) GPEN course books.
    Borrowed a copy of the 2016 version and will read through once, probably at a pace of 30 pages per day.

    4) Prior programming experience.
    I know Python and bash, though I haven't touched Ruby or PowerShell in years.


    At that point whatever is left on the exam objectives I haven't used or heard of, I'll read up on it, watch Youtube vids on it, and lab with it.

    No CEH materials for me.
    Last edited by yoba222; 02-26-2018 at 06:09 AM.
    2018: CCNA Cyber Ops cohort 7
    2019: OSCP | CISSP
    Reply With Quote Quote  

  18. Member
    Join Date
    May 2015
    Posts
    95
    #17
    Quote Originally Posted by wannabeanOSCP View Post
    I'm a big fan of yours .When are you taking exam?
    Hey, Scheduled for the 19th of March currently
    Reply With Quote Quote  

  19. Senior Member
    Join Date
    Feb 2017
    Location
    Washington
    Posts
    125

    Certifications
    OSCP, OSWP, GPEN, CEHv9, eJPT, A+, Security+, Linux+, CySA+, PenTest+, LPIC-1, CCENT, Linux Essentials
    #18
    Quote Originally Posted by JollyFrogs View Post
    Hey, Scheduled for the 19th of March currently
    Holy smokes, @JollyFrogs lives!
    Reply With Quote Quote  

  20. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,668

    Certifications
    GPEN, GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #19
    Start with eJPT and move from there
    Goal: MBA, March 2020
    Reply With Quote Quote  

  21. Junior Member
    Join Date
    Aug 2015
    Location
    USA
    Posts
    22

    Certifications
    CISSP, GCED, GCIA, GCIH, GCUX, GCWN, GPEN, ISO2700, CCNA-SecOps, Sec+, Net+, A+, Linux+, Pentest+, MCITP
    #20
    After taking the exam this week, I would feel more confident in pen testing skills and knowledge, knowing that I passed this exam compared to C|EH. When I passed the C|EH in 2013, I was disappointed in what EC-Council felt someone needed to know to be considered a hacker from the questions they asked. Anyway, this was definitely an exam based on knowing processes, procedures, documentation, tools, reporting, information gathering, vulnerability analysis, etc. Like any exam environment, knowing acronyms and terms will only get you so far. Then again, it could give you those extra few points to make it over the mark. After studying the exam objectives for a few weeks, I felt better about what I was getting into. One thing to mention, the test details listed in the Exam Objectives PDF v3.0 do not match the Test Details on CompTIA's website. They did a good job of giving you enough time for the exam and review. If you're weak in one of the domains listed (I do not do any programming), ensure you are strong in the other four. This should help get you over the cut off score when the Beta is over. I plan on re-taking the exam this summer if I find out I didn't make the initial cut.
    Reply With Quote Quote  

  22. Junior Member Registered Member
    Join Date
    Nov 2013
    Location
    Tarija
    Posts
    5

    Certifications
    MCP. MCSA+S. MCSE+S. MCTS. MCSITP: Enterprise Admin. MCSA Server 2008, 2012. Windows 8. MCSE: Private Cloud. MCT. ITIL. ISFS. CEH.
    #21
    Quote Originally Posted by PC509 View Post
    I figured as the PenTest+ is multiple choice, that it'd focus more on theory and procedure and less of the hands on (which is where the eJPT/OSCP would come into play). It seemed like it would be out of place and more equate to the CEH style of exam, which I didn't care for (again - theory and procedure and less of the hands on).

    The more I hear about the exam, the less sure I am of where it fits in the certification realm. Better than CEH, but not the practical stuff like eJPT/OSCP?
    Sorry, but I don't share your opinion on comparing eJPT with OSCP, I know that e-learnsec are hands'on based, but, they are too far from the Offensive Security Courses and Certifications level. I see your point, hands-on vs multiple choices, but, ECSA also is hands-on, but the level compared with OSCP (or OSCE, and so for) is poor.
    Anyway, there are a lot of Pentesting / "Hacking" certifications now, specially because when Microsoft or Cisco promotes their Certifications, the situtation is clear, you must know to admin and configure those technologies, but with pentesting the thing is different, there are Offsec, EC Council, E-Learnsec, SANS, Comptia+, EXIN, and many others; so, which cert you must take?. The best answer for that now, on 23/03/2018 is sharing this Job Position Req:
    "MWR Info Security - London
    OSCP & OSCE won’t hurt your chances, CEH might. We have openings for all grades (Junior to Senior) of consultant in our London, Manchester and Basingstoke... "Right now, you can see this Job on: https://www.indeed.co.uk/Ceh-jobs-in-London
    Offsec guys were real Hackers in the past and in the present: better known as Milw0rm: https://en.wikipedia.org/wiki/Milw0rm
    Only hackers can teach you hacking!
    Best regards.
    Reply With Quote Quote  

  23. Member
    Join Date
    May 2015
    Posts
    95
    #22
    So I did the Pentest+ exam last Friday. It wasn't too difficult but the questions can be tricky... one of the questions I only had right because it asked for a single answer (radio buttons) but two were obviously correct so I was confused (If only one was "correct" I would have clicked it and never looked back). Then I re-read the question and found that those were actually both wrong and there was another, much less obvious answer that was correct after I dismissed it originally. So yes, I suggest to read the questions well. My biggest tip is to simply study the acronyms in the exam objectives (imo just looking up what they mean in wikipedia will be sufficient to answer the questions relating to those acronyms). There were a few tricky questions that I agree one wouldn't know without either being a pentester or having completed the OSCP but they were far and few between and even then you still have a chance to get them right since it's multiple choice. Most questions are straightforward and some required a crystal ball (aka - the answer CompTIA believes is best). The downside of the beta is that the comments count as part of the exam time, but I still commented on quite a few of the questions, whether they were bad questions, ambiguous or good questions. I'm not too worried about passing or failing but if I had to guess I'd say I might score around 80-85%. I'll know in 6 months

    Good luck to whoever is going for this one - it's only 50 bucks and it's entirely doable, especially if you already completed OSCP or did some vulnhubs.
    Reply With Quote Quote  

  24. Senior Member yoba222's Avatar
    Join Date
    Jun 2013
    Posts
    814

    Certifications
    PenTest+, CySA+, LFCS, GCIH, eJPT, CCNA, CAPM, CompTIA Trifecta
    #23
    Quote Originally Posted by JollyFrogs View Post
    . . . My biggest tip is to simply study the acronyms in the exam objectives (imo just looking up what they mean in wikipedia will be sufficient to answer the questions relating to those acronyms). . .
    I didn't even think about this. Thanks!
    2018: CCNA Cyber Ops cohort 7
    2019: OSCP | CISSP
    Reply With Quote Quote  

  25. Member
    Join Date
    May 2015
    Posts
    95
    #24
    False alarm - I got an email from Comptia saying I passed, I thought it was the Pentest+ exam from a few weeks ago. But it turns out it was an email for an exam I passed in August 2016 (CySA+)
    Last edited by JollyFrogs; 04-20-2018 at 01:18 AM.
    Reply With Quote Quote  

  26. Senior Member shochan's Avatar
    Join Date
    Sep 2016
    Location
    AR
    Posts
    651

    Certifications
    A+, Network+, i-Net+, Novell CNA 5.0, MCP 70-210, Server+, Security+, Cloud+
    #25
    wow, they are kicking out results much faster than I have ever seen...coolio
    2018 goals -> PenTest+ Beta (failed), Linux+ Beta (Oct), CEH (Dec)
    2019 goals -> Linux+ 103 (Jan), Linux+ 104 (Mar)
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 2 1 2 Last

Social Networking & Bookmarks