So i'm going to take the Pentest+
Long story short, I started a MSc in Security which was 3 years long, however, I found that the support was a bit lacking and it wasn't really tailored to what I do in my day to day job. So my plan is to quit it before I get too far in, then get the Pentest+ and then the WAPT. I got my OSCP back in 2015 but I only landed my first penetration tester role in 2019, so I need to regain the mindset.
The Pentest+ looks very infrastructure focused which is a shame, i'd have liked to have seen more web app stuff, but either way, it's a new challenge and I think I should be able to pass it without too many hiccups along the way.
Comments
All the best to you!
Have you thought of challenging the GPEN since you have the knowledge?
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
Security+, eJPT, CySA+, PenTest+,
Cisco CyberOps, GCIH, VHL,
In progress: OSCP
I've paid for Certmaster (CompTIA's official question pack to help train you up).
I need to go through the study guide again, hammer certmaster and hope for the best. Certmaster has been showing me what a hard exam this is going to be. But hey, I'm up for a challenge....!
I'm hammering sample questions and collating a list of things I'm weak on e.g powershell and various post-exploit tools. I'm planning to delve into them a little before the exam to get a practical sense of them.
If the exam is anything like the Certmaster prep, it's going to be a close one. It's saying I've got 74% knowledge at the moment and I think you need 80% to pass? Does that sound about right? Going to read the book in these 7 weeks, run through the book's sample Q's, maybe run through the Udemy course again and finish the whole of certmaster. It's gonna be a busy 7 weeks!
Connect With Me || My Blog Site || Follow Me
My advice for anyone taking it is simply know the content inside out and back to front. Passing mark is 750, I got 763. So I just scraped through it.
I didn't fully read the book, and used Jason Dion's course/pdf. To be honest, his course didn't come in very useful. His pdf however saved my bacon. He provides a pdf with his course which details key points. I read all 71 pages prior to the exam and I think this is what pushed me over the pass mark.
Also, and I don't mean this to be a loaded question and out of curiosity, how much do you feel that your pentest knowledge has grown, comparing when you began studying for Pentest+ and now that you've passed the exam? How would you compare that to the same situation, but with OSCP? It kind of sounds like you passed mainly by prior experience, so maybe my questions aren't really applicable.
Security+, eJPT, CySA+, PenTest+,
Cisco CyberOps, GCIH, VHL,
In progress: OSCP
I certainly felt as if I could fail the Pentest+. The killer questions for me were along the lines of: "Which of the following is the BEST choice....". Those totally crushed me. They're subjective and I truly wish CompTIA would eliminate them from their exams. One company might choose A and another might choose B....and as a pentester, I might choose C. I just wish CompTIA would stick to questions with factual answers, rather than subjective answers.
TL;DR - You can gain a lot of knowledge from the Pentest+, if you apply it practically. I think ultimately, CompTIA really need to start providing labs so students can practice skills.