2024-05-20 19:47:00
This morning I woke way too early to take CompTIA's CA1-005 SecurityX beta.
118 questions and I used two hours (out of the three allotted). I thought the invite said four hours max, but okay, fine. I thought the MC questions were mostly pretty good, only a very small amount of stinkers. The PBQ weren't that exciting though, could've been more.
One thing that stands out: CAS-004 was the first CompTIA exam to introduce a PBQ in a real Linux virtual machine. CA1-005 has removed all of the Linux commands from the objectives, which suggests that CompTIA decided to kill that particular subject and the VM PBQ. I for one did not encounter the VM at all.
All in all, is the CASP+ / SecurityX a competent, more technical alternative to CISSP? I think it's not far off! Now the problem to tackle is brandname recognition.
kilala.nl tags: work, studies,
View or add comments (curr. 0)
2024-05-18 00:17:00
I guess most people know by now that I'm a sucker for beta-testing exams. CompTIA went live with not one, but two new betas!
They have published the exam objectives here.
I just spent five hours doing a comparison of the PT0-002 and PT1-003 objectives. The changes to Pentest+ are pretty extensive. Many small details are swapped out. Two big areas are swapped: there is much less focus on mobile (app) pentesting and there is much more focus on the SDLC and containers.
Here's my comparison. It shows which objectives were carried over from 002 to 003, but also which were added (green) or removed (red).
Nov 8th'24 disclaimer: these comparisons were made using information available at the time. This information is subject to change, as CompTIA can and will tweak exam objectives. Always grab the latest objectives doc for yourself.
kilala.nl tags: studies,
View or add comments (curr. 0)
2024-05-13 08:58:00
This weekend I had a few spare hours to laze around in my hammock. What better way to spend them, than to do some quick brushing up on my training skillset?
Logical Operations, have a training and certification they call MCCT: Modern Classroom Certified Trainer. It is currently discounted to $95, including the exam and cert.
MCCT is very clearly targeted at trainers who need to migrate from classroom to digital teaching. The training and certification do not go into didactics and curriculum creation, it is purely about achieving success in digital / remote / asynchronous training.
MCCT is by no means a replacement for CompTIA's now-retired CTT+.
Training materials consist of 2.5h of video, a PDF book and slide decks. The exam are 48 multiplechoice questions, 36/48 needed to pass. The exam is untimed, unproctored and open book.
My opinions on the matter:
Jon's training impressed upon me once again the importance of community-building, especially in an async class. Yet again that makes me amazed that Practical DevSecOps appear to actively discourage community-building in their trainings.
kilala.nl tags: studies,
View or add comments (curr. 0)
2024-05-10 17:12:00
It's been almost a year since I last fired up my homelab. I haven't had a need for the 20+ VMs since I did my Ansible and CDP exams as just about all the other exams I prepared on a smaller, local env.
A few weeks back I decided to fire up my R710 again, to see if everything still works. It's antiquated and it runs a version of VMWare ESXi 6.5.x. Since its boot drive is a USB flash drive, I was a bit worried.
Lo and behold, I am greeted by a pink/purple screen that says:
failed to mount boot tardisk
Whelp... I have some inclination what that means and I don't like it. Unfortunately the Internet also wasn't of much help, as that exact error appeared once on a German forum.
After some messing about, I'm happy to learn that my USB boot drive still had a recovery option! Pressing <shift><r> when told to, pops me into recovery mode. It tells me I can restore a previous install (which curiously had the exact same OS version), which I did.
By the sounds of it, all my VMs are booting again. :)
Now to make a backup of that flash drive!
kilala.nl tags: work, studies,
View or add comments (curr. 0)
All content, with exception of "borrowed" blogpost images, or unless otherwise indicated, is copyright of Tess Sluijter. The character Kilala the cat-demon is copyright of Rumiko Takahashi and used here without permission.