OSCP's ability to gauge Linux knowledge
scenicroute
Member Posts: 56 ■■□□□□□□□□
I'm aware OSCP is a solid security certification, but for those who've gone through the PWK course and obtained OSCP, would you say that doing so means said certified person has a certain baseline of Linux knowledge? Or in other words, if you were hiring a junior Linux system admin, would you think a person with OSCP is likely competent enough for the role?
Just to clarify, I'm not asking if OSCP is a good cert to get for a system admin. I'm also not asking if OSCP is a good cert to get to show your Linux knowledge. I'm just asking if it could be said, incidentally as a side effect, that said OSCP certified individual possesses the necessary baseline of knowledge to jump into a junior Linux sys admin role.
Hope that makes sense.
Just to clarify, I'm not asking if OSCP is a good cert to get for a system admin. I'm also not asking if OSCP is a good cert to get to show your Linux knowledge. I'm just asking if it could be said, incidentally as a side effect, that said OSCP certified individual possesses the necessary baseline of knowledge to jump into a junior Linux sys admin role.
Hope that makes sense.
Comments
No, the OSCP requires use of Linux sure, and it is likely that a cert holder is comfortable doing some things in the command line. But it does not insure by default that they have any knowledge of how linux works, is set up, or that they have any capability in more than one distro. It would not tell you that if someone were have a problem with "X" that they would know how to troubleshoot and figure out that issue.
Alright, that makes sense. Thanks.
What are the experience requirements listed on the job description? Usually Jr roles are 1-4 years... I'd say PWK would qualify as a portion of that for sure ...
My strict answer to your queston would be, "Yes, the OSCP does generally demonstrate enough skills to be a junior linux admin."
That said, the OSCP does not require you to do much to build, install, patch, and manage a Linux system. Nor to actually secure one. But it does mean you have installed and maintained (to some degree) a working Kali Linux VM (largely terminal-based) for an extended period of time. You can navigate and manage that Kali VM, including networking services, authentication, and so on. You can also attack other Linux systems, navigate around those systems via CLI, understand web server architecture, various network services, internal security settings, and so on. You'll also have a keen appreciation of what leads to insecurity and how to think like an attacker. But it's still mostly about breaking into and tearing apart a Linux system, rather than building one up.
Basically, someone with an OSCP should at the very least be considered a novice with Linux at the worst, and ready and open to learning more about it. No one should really pursue the OSCP without some Linux experience or aptitude to pick it up *very* quickly.
That said, it's always possible their OSCP journey was largely tackling Windows lab targets and maybe some luck in the exam, but those seem like slim odds.
You'll also want to be concerned about where this person wants to go with their career. I applaud anyone who pursues and achieves the OSCP cert, but I also know that most who get it really want security or even straight pen testing work, rather than general systems administration.
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?