|
Judge Schnoopy posted:From what I gather the CEH "exam" is a lab environment that you break into. You must get the highest level admin prompt on the target machine by 'breaking through' multiple layers of a network, utilizing exploits at every step to move forward. I think if I remember correctly it's like an 8 hour exam. That's either completely wrong or just backward. OSCP is a lab exam where you have a network that must be penetrated and report d on. It's a 24hr exam with 24additional hours to complete the report. CEH is just a generic multiple choice exam. If you want to actually learn hands in exploit development and penetration testing skills OSCP is absolutely the only choice. I'd only recommend CEH if you have a specific requirement for it, especially if you do government contracting/work.
|
#
?
Mar 4, 2016 21:27
|
|
|
|
| # ? Jun 9, 2024 19:08 |
|
|
OSCP is pretty intense. Regardless, the PWK course is worth taking if you're involved in security in any way.
|
|
#
?
Mar 4, 2016 21:50
|
|
|
Doug posted:That's either completely wrong or just backward. OSCP is a lab exam where you have a network that must be penetrated and report d on. It's a 24hr exam with 24additional hours to complete the report. CEH is just a generic multiple choice exam. Ah, OK, I definitely had those backwards. I looked at both of them at the same time trying to map out my cert track and must have horribly confused myself.
|
|
#
?
Mar 4, 2016 21:59
|
|
|
^thats what I thought too from everything I have read but wanted to verify. How are you liking OSCP so far? Did you have any hands on with vuln analysis before starting? I'm going to start saving up for the 90 day lab/PWK materials. Thinking about getting a CBT nuggets sub for the time I'm studying for it too.
|
|
#
?
Mar 4, 2016 23:13
|
|
|
crunk dork posted:^thats what I thought too from everything I have read but wanted to verify. How are you liking OSCP so far? Did you have any hands on with vuln analysis before starting? I'm going to start saving up for the 90 day lab/PWK materials. Thinking about getting a CBT nuggets sub for the time I'm studying for it too. I had experience with security assessments, forensics, analysis, and signature creation beforehand, but the PWK course goes even as far as having you perform remote code execution via buffer overflows and overwriting register memory addresses and beyond. Best part is that it's real poo poo, not some phony java lab. That being said, you don't really need anything going into it other than general familiarity with Linux, a basic understanding of scripting/programming, and generalized knowledge of networking and operating systems. I don't know if I'm going to go for the actual certification right now, though, because I've got a lot on my plate between studying for 4 other certifications and participating in a master's program. I would say that unless you already have a lot of experience with penetration testing or straight up hacking, you should prepare to spend 1-2 hours a night in the lab if you want to get to the level you need to pass the exam.
|
|
#
?
Mar 5, 2016 00:32
|
|
|
crunk dork posted:^thats what I thought too from everything I have read but wanted to verify. How are you liking OSCP so far? Did you have any hands on with vuln analysis before starting? I'm going to start saving up for the 90 day lab/PWK materials. Thinking about getting a CBT nuggets sub for the time I'm studying for it too. I had tried (and failed) a lot of buffer overflow tutorials on the internet and done a little bit of CTF stuff at cons but I was far from any kind of red team pro. I'm finding the labs fairly challenging but not impossible. Through some pretty hard work I've made good progress on my first 30 days of lab time. I'd definitely recommend the full 90 days of lab time if this is your if you're anything less than an intermediate skill level with red teaming things. For the most part though, they do a good job of doing intros on a lot of the topics, but be prepared for a decent amount of independent research as well. I'll be trying for the cert since it's an included part of the cost, but I've got to say at this point I don't have terribly high hopes.
|
|
#
?
Mar 5, 2016 00:50
|
|
|
That's badass guys. That's exactly what I am looking for. Did either of you use vulnhub to find stuff to practice on? I'm about done with WGU and have been preparing to start a kind of pre-training for the PWK course immediately after I'm done with the degree. Figured learning about some basic exploits and just getting a feel for metasploit (mainly the meterpreter from what I've read) would be good prior to paying for the course.
|
|
#
?
Mar 5, 2016 02:15
|
|
|
SaltLick posted:Passed 410 woo. Skin of my teeth 768/1000 but hey every point after passing is time wasted studying I just finished the 412. It was the hardest I've ever studied for an exam, and I have a university degree. I failed the 410 before Christmas, then hammered the 410, 411 and 412 off in the span of a month. The key thing to remember is that the 410 is a fairly broad exam. As you progress to the 411 and 412, the topics get narrower, but the detail gets wider. It's a tough exam, but remember that many have passed before you and many will pass after you, so why not you too?
|
|
#
?
Mar 5, 2016 03:05
|
|
|
crunk dork posted:That's badass guys. That's exactly what I am looking for. Did either of you use vulnhub to find stuff to practice on? I'm about done with WGU and have been preparing to start a kind of pre-training for the PWK course immediately after I'm done with the degree. Figured learning about some basic exploits and just getting a feel for metasploit (mainly the meterpreter from what I've read) would be good prior to paying for the course. That's a solid idea. Metasploit is a good idea but unfortunately won't get you too far in PWK as the use is pretty limited and almost non existent in the exam. Tell you what: if you're interested I've got a "barebones" license for eLearnSecurity's pen test student class. For $200 you can upgrade to a full license and get a simulated network similar to PWK and it would be an excellent jumping off point. If you want it, send me a PM and I'll get you the credentials.
|
|
#
?
Mar 5, 2016 05:11
|
|
|
Passed my 210-260 CCNA Security finally. 860 required and I got an 890. Lab is still broken. Just glad to have it behind me
|
|
#
?
Mar 7, 2016 21:07
|
|
|
Nice work!
|
|
#
?
Mar 7, 2016 21:16
|
|
|
Vadun posted:Passed my 210-260 CCNA Security finally. 860 required and I got an 890. 
|
|
#
?
Mar 8, 2016 01:53
|
|
|
Congrats! Glad to hear folks are getting ahead of the broken sim 
|
|
#
?
Mar 8, 2016 05:00
|
|
|
HPL posted:I just finished the 412. It was the hardest I've ever studied for an exam, and I have a university degree. I failed the 410 before Christmas, then hammered the 410, 411 and 412 off in the span of a month. The key thing to remember is that the 410 is a fairly broad exam. As you progress to the 411 and 412, the topics get narrower, but the detail gets wider. It's a tough exam, but remember that many have passed before you and many will pass after you, so why not you too? I'm finally seeing how broad the 410 really is. I just started using the practice exams that came with the book im using to study to get my MCSA and I failed the first 2 practice exams.
|
|
#
?
Mar 8, 2016 16:47
|
|
|
Company just bought a 1 year full sub to CBTNuggets! Awesome, this will really help with supplemental material for my WGU certs! Let's just pop open the A+ overview and - 35 hours? poo poo, that's thorough, let's bump up the speed a little bit and see what we've g-  
|
|
#
?
Mar 8, 2016 18:26
|
|
|
Ashley Madison posted:Congrats! Glad to hear folks are getting ahead of the broken sim You are a cool person who almost always congratulates people who passed a cert.  Judge Schnoopy posted:Company just bought a 1 year full sub to CBTNuggets! Awesome, this will really help with supplemental material for my WGU certs! I get what you're saying, but I don't really blame them. The amount of material A+ covers is kind of stupid (and there is no reason that it should be two exams). There's no depth to it, but there's a whole lot of it.
|
|
#
?
Mar 8, 2016 18:51
|
|
|
Judge Schnoopy posted:Company just bought a 1 year full sub to CBTNuggets! Awesome, this will really help with supplemental material for my WGU certs! That's awesome. I take it you can access any of the videos on there with a full sub? I'm thinking about getting a sub but not sure if it's worth it
|
|
#
?
Mar 8, 2016 20:01
|
|
|
crunk dork posted:That's awesome. I take it you can access any of the videos on there with a full sub? I'm thinking about getting a sub but not sure if it's worth it Yeah, you can get all of them with a full subscription. I wish we had that; we just have an access code thing where we have to request courses. I can get any that I want, but I can't skim courses etc.
|
|
#
?
Mar 8, 2016 20:04
|
|
|
crunk dork posted:That's awesome. I take it you can access any of the videos on there with a full sub? I'm thinking about getting a sub but not sure if it's worth it The full sub is $1000 for the year. It gets you every course, a bunch of legit practice tests, and labs for a bunch of Windows certs. An absolute ton of information available for a year, though the price is a little steep. Otherwise I've had great luck with Udemy courses at $15 a pop to provide more focused studying.
|
|
#
?
Mar 8, 2016 20:07
|
|
|
Judge Schnoopy posted:The full sub is $1000 for the year. It gets you every course, a bunch of legit practice tests, and labs for a bunch of Windows certs. An absolute ton of information available for a year, though the price is a little steep. Which UDemy courses did you take?
|
|
#
?
Mar 8, 2016 20:14
|
|
|
yikes that's a lot of money, I didn't know it was that much. I'm assuming they do stuff ala carte as well so maybe I'll just buy access to the series I want when I'm ready.
|
|
#
?
Mar 8, 2016 20:20
|
|
|
Tab8715 posted:Which UDemy courses did you take? Laz Diaz's CCNA Route and Switch, Chris Bryant's CCNA Security Bootcamp, Ryan Kroonenburg's AWS Solutions Associate. Laz can be a little grating but drat if I didn't learn everything he taught. Most of the course is him standing in front of packet tracer. Bryant is a bit more dry, most of the course is staring at a console screen, but again it was good to see exactly what to expect at a console for the security stuff. Kroonenburg was awesome for AWS, got me up and running quickly. Didn't cert this one but still have a good amount of workable background knowledge. I also got Jerry Banfield's CEH course and Kali Linux course but haven't gone through them. Right after I bought them I proposed CBTNuggets to my employer and they were all for it, so these courses are in a permanent holding pattern until my degree is done.
|
|
#
?
Mar 8, 2016 20:25
|
|
|
Jang's RHCE7 book is going to be out just in time for RHEL8 
|
|
#
?
Mar 8, 2016 23:52
|
|
|
Looking for some advice regarding the MSCE:BI certification path. Bit of background: I'm a director of research at a public policy research institute for a state university with 10 years experience in quantitative data analysis. Think social scientist/statistician/"data scientist"/number-cruncher. I've gone about as far as I can here, and jobs are pretty limited in my part of the country. I've noticed that there's a bit of a disconnect between the social science/public policy research world, and the more business oriented/corporate side of data analysis; I have a hard time expressing my skill-set to potential employers and I get passed up for a lot of jobs I could easily do. So I've decided to use some staff-development funds from my current job and work on a Business Intelligence certification. I'm taking the first course next week, and I'll definitely have more staff-dev funds available for future courses/exams. But are there any good (and cheaper) resources that I can use to prepare for other exams in the chain, rather than actually taking the courses via a training center? Is there a threshold you reached after the first few courses to where you felt like you could self-teach for the remainder of the exams? Like I said, future funds will be available, but due to the nature of our business, they're not always available when you want them. I'd like to be able to fast-track this as much as possible. Scarf fucked around with this message at 17:30 on Mar 10, 2016 |
|
#
?
Mar 10, 2016 17:27
|
|
|
I've got CCNP - ROUTE tomorrow. wish me luck!
|
|
#
?
Mar 10, 2016 23:32
|
|
|
sudo rm -rf posted:I've got CCNP - ROUTE tomorrow. wish me luck! For me this was the hardest of the 3 tests. Mostly because it can be pretty easy to get lost in redistribution if you're not paying attention. I took it a couple years ago, but I'm pretty sure redistribution is still going to be a thing.. The moral of this post is know redistribution, AD, etc.
|
|
#
?
Mar 10, 2016 23:49
|
|
|
sudo rm -rf posted:I've got CCNP - ROUTE tomorrow. wish me luck! Good luck!
|
|
#
?
Mar 11, 2016 01:09
|
|
|
I am currently working for a 100+ person law firm as part of a two-man team. I do tasks that would largely be "junior sysadmin" material (deployments, usual windows server stuff with AD, etc) with 3+ years so far of experience doing those tasks in various organizations without the "title" that goes with it. Does the title matter when looking for jobs? Never mind that though, my question is: Should I skip the A+, etc certifications with the qualifications I have and go straight for Cisco and MCSA/MCSE as that is the direction I want to take my career in - or should I at least get the A+/Network+ certs to have them, to show I at least did them.
|
|
#
?
Mar 11, 2016 01:56
|
|
|
TheShazbot posted:I am currently working for a 100+ person law firm as part of a two-man team. I do tasks that would largely be "junior sysadmin" material (deployments, usual windows server stuff with AD, etc) with 3+ years so far of experience doing those tasks in various organizations without the "title" that goes with it. Does the title matter when looking for jobs? A+ will contribute nothing to your resume. Definitely skip it. I'd go straight for CCNA /MCSA depending on which is more interesting.
|
|
#
?
Mar 11, 2016 02:06
|
|
|
TheShazbot posted:Should I skip the A+ I was in the same position as you, albeit with only one year experience and decided to get the Network+ first and now have MCSA: 2012R2. In retrospect I should have just gone for the CCNA, but it was a nice basic cert and mostly all useful for the CCNA.
|
|
#
?
Mar 11, 2016 02:14
|
|
|
Passed Network+ today with an 850. Probably could have skipped it and gone directly to the Cisco track, but I already bought a book for it a while back, and the company I work for reimburses for passed tests, so hey. Felt pretty good, but seriously screw you CompTIA for putting a survey in between finishing the test and giving me my score. I just wanted to know if I passed, drat it!
|
|
#
?
Mar 11, 2016 06:38
|
|
|
Kakesu posted:Felt pretty good, but seriously screw you CompTIA for putting a survey in between finishing the test and giving me my score. I just wanted to know if I passed, drat it! Every exam is like that, regardless of provider. Now that you're done Network+, try Security+. It's like Network+, but with some extra material.
|
|
#
?
Mar 11, 2016 06:55
|
|
|
HPL posted:Every exam is like that, regardless of provider. VMware asks before the test.
|
|
#
?
Mar 11, 2016 07:00
|
|
|
Microsoft does a survey before and after the test.
|
|
#
?
Mar 11, 2016 07:08
|
|
|
Japanese Dating Sim posted:A+ will contribute nothing to your resume. Definitely skip it. I'd go straight for CCNA /MCSA depending on which is more interesting. I'd agree here; I got my foot in the door with hobbyist experience and A+ Certification, but after almost two years working Help Desk the amount of stuff I've learned is way ahead of the A+ Certification. If IT gets any insight into who is being looked at for hiring I can't imagine A+ being ranked higher than a solid year of Help Desk experience. Working on Network+ myself right now, I'm going to have to make some loving flashcards for transmission length specifications for various cable types if I ever want to remember them.
|
|
#
?
Mar 11, 2016 07:13
|
|
|
HPL posted:Every exam is like that, regardless of provider. Security+ is definitely on my list, but I need CCNA for a promotion, so that's my next step.
|
|
#
?
Mar 11, 2016 07:16
|
|
|
With CCNA R&S reportedly being more difficult since the last revision - and the common thing I hear is that they moved a lot of previously CCNP-level material down to it - did the CCNP R&S exams get harder in the same way?
|
|
#
?
Mar 11, 2016 19:51
|
|
|
I dunno what the old stuff was like but my CCNA was not terrible.
|
|
#
?
Mar 12, 2016 05:43
|
|
|
Passed CCNP - route 923/1000  Wasn't as bad as I was expecting. After I got surprised on Switch by some of the questions, I made sure to go through the exam topics and read through all the small random subjects because I felt like the one you're not 100% on is inevitably the subject you'll get asked about the most, haha.
|
|
#
?
Mar 12, 2016 06:14
|
|
|
|
| # ? Jun 9, 2024 19:08 |
|
|
MrBigglesworth posted:I dunno what the old stuff was like but my CCNA was not terrible. I got mine between March-August of last year over two tests and it really wasn't that bad at all. ICND1 felt like an expanded Net+ with Cisco stuff tossed in. ICND2 seemed a great deal more difficult but I think it's because the scope is narrower with much greater depth on the topics they do cover.
|
|
#
?
Mar 12, 2016 14:40
|
|