PT1-002: CompTIA PenTest+ Certification Beta Exam

Took the beta today found it on Pearson's site last week and scheduled. My test was heavy on NMAP and the various switches. Really annoying The code snippits are crazy if you don't code and like never figured out where to enter my answer on some of the questions. The questions were being overlayed on top of the selections a lot of back and forth really made it confusing. The testing site had 20 inch monitors which is horrible for scenario based testing.

trojin

jeremywatts2005 said:

Took the beta today found it on Pearson's site last week and scheduled. My test was heavy on NMAP and the various switches. Really annoying The code snippits are crazy if you don't code and like never figured out where to enter my answer on some of the questions. The questions were being overlayed on top of the selections a lot of back and forth really made it confusing. The testing site had 20 inch monitors which is horrible for scenario based testing.

ty, for sharing the exam exp

JDMurray

jeremywatts2005 said:

The questions were being overlayed on top of the selections a lot of back and forth really made it confusing.

You just described a feature of the Cloud+ beta exam we all took last year.

jeremywatts2005

JDMurray said:

jeremywatts2005 said:

The questions were being overlayed on top of the selections a lot of back and forth really made it confusing.

You just described a feature of the Cloud+ beta exam we all took last year.

Yep took that one and passed it. Same crazy stuff really annoying. Hoping for a CASP beta to come up. This pen test coding stuff is not my game.

trojin

jeremywatts2005 said:
Yep took that one and passed it.

Do you have results for Cloud+ beta?

AverageJoe

Hmmm... no PenTest+ e-mail and I don't see anything about the beta on CompTIA's site, but I do see it on Pearson VUE so I'll give it a try and see how it goes.

Eston21

https://www.comptia.org/certifications/pentest

AverageJoe

Eston21 said:

https://www.comptia.org/certifications/pentest

Oh, yep, sure enough, there it is!

Anyway, looks like you can take the exam between now and the end of June. I signed up for a May exam date to give me about a month to prep and some buffer to re-schedule if necessary. We'll see how it goes.

jeremywatts2005

trojin said:

jeremywatts2005 said:
Yep took that one and passed it.

Do you have results for Cloud+ beta?

Yep I passed the Cloud+ beta when it was out and CySA+ when it came out also.

JDMurray

jeremywatts2005 said:

Yep I passed the Cloud+ beta when it was out and CySA+ when it came out also.

You took the Cloud beta exam in 2016? We're talking about the Cloud+ beta exam given in 2020. Those results won't be released until June 2021.

trojin

I passed too in 2016. it doesn't count anymore

FluffyBunny

Copy/pasting from my private blog:

A little under three years have passed since I last took the CompTIA Pentest+ exam. Like last time, I took the beta-version of the exam. Just like last time, I decided to go into the exam completely blank, only taking a glance at the official objectives beforehand.

The OnVue at-home testing experience offered by PearsonVue, like always, was decent. The tooling works well enough, the proctor was communicative, waiting times weren't too bad. The software feels kind of intrusive, as to what it wants to do on your laptop, but at least it didn't want me to install anything, nor does it require admin-level rights.

As to the exam itself, my experiences mirror what I felt back in 2018:

It feels like there's an over-reliance on NMap and its flags. The objectives state that 30% of your score comes from Attacks & Exploits, with a further 16% coming from Tools and Code Analysis. In my test, it felt like NMap-related questions made up 10-15% of the total question base. That doesn't sit right with me, but of course my impressions could be wrong.
A very small amount of questions were not good, from a test-taker perspective. Some were overly wordy, with long run-on sentences. Others either had zero correct answers (due to syntax mistakes), or made little sense logically.
The PBQs (performance based questions) were similar to last time, with the one I disliked the most making a re-appearance. It's one where you have to both categorize and remediate 7-10 vulnerabilities, where in some cases all responses are sub-optimal.

I feel that the PT1-002 exam needs some polishing and a few corrections, but overall the level of difficulty and the type of questions asked do in fact do a fairly good job at testing someone with 2-3 years of pentesting experience.

I'm curious whether I've passed! As was said: I went in without preparation and there's definitely a number of objective areas where I don't have experience.

JDMurray

Remember that you took a beta exam. Betas help certification vendors test potential exam items with real exam takers. You see a preponderance of exam items referring the same concept because the vendor is attempting to determine which of those (experimental) items to include in the (production) exam item pool. There is also an imbalance of 'too easy' and 'too difficult' and 'too confusing' items on betas because the cert vendor is looking to identify and drop the edge cases before the exam is released to the general public. When taking a beta exam, you are helping to create the exam item pool for the initial public release of the exam, not taking the initial public release of the exam itself.

FluffyBunny

You know? You make a fair point JDM!

While I may have been fully aware of what you explained, a few of the pieces didn't fit together yet. You're right! The fact that I got so many NMap questions may definitely mean they just want to weed out a (large) number of the questions that are sub-optimal.