Passed Pentest +

I just took and passed the exam. I thought it was actually harder than CASP. For anyone interested in taking this exam I would seriously review python and web attacks. I honestly hope this becomes 8570 because it definitely deserves either the analyst or incident response role.

I mainly used Jason Dion’s Udemy course and I reviewed my GCIH books for study material. Just about everything Jason covered helped out tremendously but even then I felt it wasn’t enough. I’m hoping to take the new version of Linux + sometime this year.

Find more posts tagged with

Comments

Cuse0311

Congrats on the pass!

Infosec_Sam

Congratulations! You'll have to keep us posted on how the Linux+ goes!

securitychops

Congratulations on the pass!

Infosec_Sam

How do you think the Pentest+ sizes up against the CEH? I'd be curious to know which one you'd recommend, if I were to only pick one.

charismaticx

I would honestly rank CEH low in terms of difficulty when compared to GCIH, CySA and Pentest +.

Infosec_Sam

charismaticx said:

I would honestly rank CEH low in terms of difficulty when compared to GCIH, CySA and Pentest +.

I've been hearing that from a number of different people now - that it's more of an entry-level cert compared to the others. Do you think the knowledge you gained from the CEH helped you take those more difficult exams?

charismaticx

I actually took CEH after I took GCIH. Everything I learned from that course helped me out considerably for CEH. The only thing I really studied was the nmap switches. Most people that sit down in a CEH course will blow off the material because it’s not what they expected.

Infosec_Sam

Interesting! Thanks for the insight!

Spiegel

Congrats!

ahardinjr

Congrats and thanks for sharing regarding Jason Dion's class!

mizterkewl

charismaticx said:

I thought it was actually harder than CASP.

Oh wow...what made it harder than CASP?

charismaticx

CASP is very broad and relies on experience. The Pentest exam requires a more in depth knowledge on a number of attacks and how to remediate them. Web attacks for me have always been confusing. Another thing to watch out for is python. Python scripting can be confusing if you don’t have enough experience.

mizterkewl

Do you think Jason's Pentest+ course could be used to study for CEH?

charismaticx

There’s a lot of overlap between CEH, CySA and Pentest +. However, Pentest + is much harder than CEH. CEH only attracts people because of the name value.

mizterkewl

@charismaticx well i'm studying for CySA+ right now and my next class for WGU is CEH and i know Pentest+ is harder but figured if there's enough overlap it would be smart to utilize it and maybe take the test for it as well at some point. Just trying to plan accordingly lol

charismaticx

Well if that’s the case get them all.

Celifrog

Congrats on passing, hope to end up like you!

charismaticx

It’s easily CompTIAs hardest exam.

spiderjericho

How would you compare it to GPEN?

charismaticx

GPEN is still much harder. Pentest + is great for those who want to take reasonably priced certification. If you can get your employer to pay for GPEN then do it. It lays the foundation for how to conduct a successful Pen test while staying current with the latest tools and exploits.

egrizzly

Congrats on passing the Pentest+ I used all the study materials you mentioned and took it but failed it miserably. Anyway, I deconstructed my experience and feel I have to study scripting and nmap switches harder.

charismaticx

Scripting takes a while to learn and I’m still no expert on it. I can read a script just fine, but making my own still takes some effort on my part. The nmap switches were a huge part of CEH and that’s what helped me for the exam. This exam is easily the hardest CompTIA exam they have.

egrizzly

charismaticx said:

Scripting takes a while to learn and I’m still no expert on it. I can read a script just fine, but making my own still takes some effort on my part. The nmap switches were a huge part of CEH and that’s what helped me for the exam. This exam is easily the hardest CompTIA exam they have.

No kidding dude! It put me flat on my ass! and mind you for tough exams like the CCNA, CCNP, or CISSP I studied for those in less time than I did the Pentest+ and passed them on the first attempt. It really needs dedication to scripting and Nmap to punch through the hard walls of the Pentest+

charismaticx

Wow that’s surprising! However, it’s hard for me to compare when I haven’t taken those exams. In the past few months, I’ve learned that you can’t really compare the exams. Each exam is it’s own different beast. If all depends on on your interpretation of the material.

If Jason Dion isn’t for you then I strongly recommend looking up The Cyber Mentor on Udemy. His course was incredible and it help build on some further skills when I was studying for GPEN.

JDMurray

CompTIA's "cyber exams" (CASP+, CySA+, Pentest+) require more hands-on experience with using tools, reading logs, interpreting code, and working in an operations environment than other CompTIA exams. This makes it more likely that a candidate won't pass from simply memorizing study materials. It gives these certifications, and the certification holders, more integrity in the cyber job markets. All of us cert "old timers" just need to realize that a "+" at the end of a cert acronym no longer means "entry-level certification" anymore.

charismaticx

CASP, CySA, and Pentest + are what I consider the real trifecta in CompTIA. Each one requires a different degree of experience. By no means are they easy, but their not impossible. CompTIA has really stepped up their game in terms of quality exams to meet industry standards.