Secure Digital Life #22
Recorded July 5, 2017 at G-Unit Studios in Rhode Island!
Pentesting Cert. Shootout
Offensive Security Certified Professional -- their server was down, not a good sign.
offensive security started in 2006
Basically, this is actual pen testing using Kali Linux to break into five servers. You have 24 hours to complete the exam. Requires documentation Does NOT require recertification once completed Doesn't seem to be a good course for beginners. Requires that you take some sort of training One job that said Highly Prized but was not required
CEH -- Certified Ethical Hacker EC - Council A 4 hour multiple chance test of the Exam Vue style -- 125 questions Requires 2 years of information security experience validated 700$ for the exam
GPEN -- GIAC certification from SANS 115 questions 3 hours renews every 4 years 1,699 price
CPT -- IACRB Exam has two parts 50 questions in 2 hours Take home practical with three challenges 499$
Talk a bit about training course types Online streamed / asychronous Seated
Cost of Each CEH == 100$ -- similar costs for training OSCP == 750 minimum + 60 for each retake (requires at least the online training, the seated training is 4000)
Jobs I looked at usually required "one or more" of the certs if they required them at all. Most of these jobs required B.S in Cybersecurity or Computer Science and work experience.
What is your testing ability? How about your study habits? Can you self study? Test taking strategies 9tut? Transcenders You will need to study and practice to take any of these tests and succeed.
Our recommendations If you can afford it, GPEN absolutely If you can't afford it, CEH may be the cheapest and easiest If you like to sit in a dark room and hack things, maybe the OSCP
Talk about employment more Ensure these add value to your resume Look at jobs for which you can apply and ensure these are required or desired Be careful and read reviews of instructors and classes before you shell out Under no circumstances borrow money for certs unless it is a guaranteed job and maybe not even then