Whew! How may questions in Pentest+ about Script Analysis?

egrizzly

For those of y'all who have taken the exam how many script analysis questions did you encounter?  I mean those questions where you have to look at the script then say what the script is doing?

I'm just curious about this because I've been studying using the Mike Chapple book Pentest+ Study Guide and the chapter on script analysis is quite intense.  You're literally learning programming in Python, Bash, Powershell, etc.

iBrokeIT

Good, someone claiming to have a certified pentest test skillset should be able to read, understand, and edit basic scripts at a very minimum.  Many of the pentest tools run on those languages and you need to know how to modify them to meet your testing criteria.  

You should download the exam blueprint from Comptia's website which has the detail exam breakdown.

SteveLavoie

From exam blue print

Objective 4.4 :Given a scenario, analyze a basic script (limited to Bash, Python, Ruby, and PowerShell).
• Logic - Looping - Flow control
• I/O - File vs. terminal vs. network
• Substitutions
• Variables
• Common operations - String operations - Comparisons
• Error handling
• Arrays
• Encoding/decoding

Well. basic programming is into scope So it is up to you if you take the chance to be less prepared for those question

egrizzly

yeah, but from personal experience with the exam has anybody actually checked the number of scripting-related questions?

JDMurray

Discussing such specific information about the exam's content would be a violation of the CompTIA non-disclosure agreement that we have all signed--including you.

egrizzly

Ok.  I've found a solution to this though. In the book Pentest+ Study Guide (by Mike Chapple, David Seidl) they have a system for identifying what type of script you're presented with.  It also provides many effective ways to learn the various components of scripting (Flow Control, Variables, etc).  

Problem solved 

yoba222

Took the beta version 1, so my anecdote probably isn't all that accurate anymore. That said, from I remember, I left the testing center with the feeling that if I didn't have a good grasp on how to read a script, I would not have passed. There were numerous script questions.

egrizzly

yoba222 said:

Took the beta version 1, so my anecdote probably isn't all that accurate anymore. That said, from I remember, I left the testing center with the feeling that if I didn't have a good grasp on how to read a script, I would not have passed. There were numerous script questions.

From the book above I picked up creative ways on how to recognize whether a script was done in Bash, PowerShell, Ruby, or Python.

I ENDED my relationship with Ruby my ex-girlfriend (Ruby scripts always contain an END statement)
I bashed the IF backwards into FI (Bash scripts always end with FI, or the reverse of the conditional statement)
I crown my sayings with powerful crowns {} (PowerShell statements use curly braces which I see as crowns for memorization)
A python looks like a colon-the large intestine (Only Python scripts use colons)

So for the recognition part they give you a nice methodical way.  I went further by associating them with creative stories.

charismaticx

When I took it last year, it had a quite a bit of of scripting questions. If you know how to break down the script then you generally have an idea of what it’s doing. Scripting has always been a weak area of mine, but it’s something I have worked on the last few months. 

r073r

egrizzly said:

Ok.  I've found a solution to this, though. In the book Pentest+ Study Guide (by Mike Chapple, David Seidl) they have a system for identifying what type of script you're presented with.  It also provides many effective ways to learn the various components of scripting (Flow Control, Variables, etc).  

Problem solved 

Found the chapter that's 11 right will go through it after breaking the other chapters in half, tho i already have experience of some chapters want to take this around December and just ace it once and for all. LOL

bjpeter

egrizzly said:

For those of y'all who have taken the exam how many script analysis questions did you encounter?  I mean those questions where you have to look at the script then say what the script is doing?

I'm just curious about this because I've been studying using the Mike Chapple book Pentest+ Study Guide and the chapter on script analysis is quite intense.  You're literally learning programming in Python, Bash, Powershell, etc.

When do you plan to retake PenTest+?

r073r

I just hope it'll be something straight forward and not the way poeple who passed it making it look scary 😸😅