2021-04-30 09:41:00
Earlier this year I completed CIN's TTT (train-the-trainer) for Security+, CompTIA's entry-evel InfoSec certification. I hope to teach the subject matter at ITVitae or elsewhere in the near future, so I'd better prepare myself on the exam objectives.
Overall I'm pleased with the body of knowledge covered by Security+; there's a reason why I frequently recommend the learning path to colleagues starting out in IT security. The BoK covers security fundamentals which I feel should be understood by anyone in IT: developer, engineer, risk management, I don't care. Everybody in IT should know this stuff. :)
Paul Jerimy's excellent security certification roadmap places Sec+ at the foundational level. There's no shortness of comparisons between Security+, SSCP, CISSP, GSEC, CEH and others on the Internet, for example this one. Most of us agree: Sec+ is foundational knowledge for those starting in IT.
I sat the exam this morning, version 601, and I passed. Would've been worrisome if I hadn't! ;)
I'm pretty happy with the exam's contents: there's a decent spread of topics covered and only two out of my 82 questions were worded sub-optimally. The PBQs actually were pretty good!
kilala.nl tags: work, studies,
View or add comments (curr. 0)
2021-04-23 09:45:00
A little under three years have passed since I last took the CompTIA Pentest+ exam. Like last time, I took the beta-version of the exam. Just like last time, I decided to go into the exam completely blank, only taking a glance at the official objectives beforehand.
The OnVue at-home testing experience offered by PearsonVue, like always, was decent. The tooling works well enough, the proctor was communicative, waiting times weren't too bad. The software feels kind of intrusive, as to what it wants to do on your laptop, but at least it didn't want me to install anything, nor does it require admin-level rights.
As to the exam itself, my experiences mirror what I felt back in 2018:
I feel that the PT1-002 exam needs some polishing and a few corrections, but overall the level of difficulty and the type of questions asked do in fact do a fairly good job at testing someone with 2-3 years of pentesting experience.
I'm curious whether I've passed! As was said: I went in without preparation and there's definitely a number of objective areas where I don't have experience.
EDIT:
A forum acquaintance reminded me of the following:
"You see a preponderance of exam items referring the same concept because the vendor is attempting to determine which of those (experimental) items to include in the (production) exam item pool. ... When taking a beta exam, you are helping to create the exam item pool for the initial public release of the exam, not taking the initial public release of the exam itself."
kilala.nl tags: work, studies,
View or add comments (curr. 1)
2021-04-06 13:21:00
2009 is a long time ago, but I recall very much enjoying "Bakemonogatari" (explained here) back then.
One of the lines from that show that's always stuck with me is something Hanekawa says multiple times. It's kind of become my tagline in life and work.
It matches my Jill-of-all-trades, T-shaped engineering approach. ( ^_^)
"I don't know everything, I just happen to know this."
View or add comments (curr. 0)
All content, with exception of "borrowed" blogpost images, or unless otherwise indicated, is copyright of Tess Sluijter. The character Kilala the cat-demon is copyright of Rumiko Takahashi and used here without permission.