My eJPT Journey

-

 eJPT Review


Back Story


Originally I purchased the Penetration Testing Student v4 (PTSv4) bundle from eJPT at the end of 2020 which included training materials and the test voucher. I believe at the time there was a sale going on and this was something that I always wanted to dive into. I took a few side steps between now and then and acquired two other certifications–the Cysa+ and AZ104. While studying for and taking the Cysa+, eJPT joined INE, which meant nothing to me yet. 


Studying for test


The PTSv4 platform had three total sections, with two of them being preliminary skills–Prerequisites and Programming. The prereqs included networking, web applications, and (an introduction) to penetration testing. To be honest I lightly skimmed through the study materials for each of these sections. The PowerPoint format for the study guides was not my favorite format. I did, however, watch each video and complete the labs. I would highly suggest doing these for the prerequisites as these tools will be helpful during the test. 


The final section was the main course, Penetration Testing. This includes six comprehensive chapters on different topics of pentesting. There was also a final seventh chapter called Next Steps which included three black box tests which simulate a capture the flag-like objective that will help prepare you for the exam. I’ve spent most of my time going through these six chapters as they were not just the most important for the exam, but also the most interesting to me. Throughout the course you not only learn concepts of pentesting, but also the different tools of a pentester. This course included hands-on learning for tools such as: Nmap, ncat, Burp, Nessus, Dirbuster, and Metasploit. These are just a few of the tools that you will get experience with. 


The eLearnSecurity course was not my only study tool for this exam. Throughout the year I have used these resources which either directly or indirectly aided me in my eJPT studies:


TCM (Heath Adams)’s Practical Ethical Hacking course: https://academy.tcm-sec.com/p/practical-ethical-hacking-the-complete-course


The All-in-one Comptia Pentest+ Study Guide:


https://www.amazon.com/CompTIA-PenTest-Certification-Guide-PT0-001/dp/1260135942


The Junior Pentesting path on TryHackMe:


https://tryhackme.com/paths



Closing thoughts and next steps


I was very impressed with how simple ELS’s process was to complete this certification. They have seemed to make it even easier to connect and complete the labs within the new INE platform. It was easy to buy an extension for my voucher as I got side-tracked early on and put off my studies (with Azure training). ELS/INE’s customer service was easy to work with through their email support system. My only complaint was that the slideshow study guides were sometimes a struggle to get through. The exam provided me with a 48 hour window to complete a series of multiple choice questions. You will use your skills to determine vulnerabilities, gain access to remote systems, and perform privilege escalation. Be sure to always keep in mind your basic networking skills while completing the exam. Having completed the Network+ and CCNA I thought I was in a good spot, but I over complicated things during the exam which drastically slowed me down. Overall it was plenty of time to complete the exam and as I was submitting my questions at the end I was confident that I would pass.


It may be obvious here that I was also considering taking other exams such as Comptia’s Pentest+ and TCM’s PNPT. I still may take both of these in the future and maybe even one day work at the OSCP. 

Comments

Post a Comment

Popular posts from this blog

Building a SIEM with Elastic Cloud

-
Image
 Building a SIEM Lab with Elastic Cloud     Introduction A recent YouTube video captured my attention as I explored various methods to gain practical experience with SOC and cybersecurity tools. My current role has introduced me to technologies like Elasticsearch and OpenSearch, sparking my interest in integrating professional development with personal learning endeavors. The video, shared by Gerald Auger, offers a comprehensive guide titled "Build a Powerful Home SIEM Lab Without Hassle! (Step by Step Guide)." It draws inspiration from Abdullahi Ali's blog post, "A Simple Elastic SIEM Lab," providing a structured approach to learning. This post serves as an introduction to SIEM and Elastic, often referred to as ELK, which stands for Elasticsearch, Logstash, and Kibana. These three open-source tools, when used collectively, facilitate real-time log analysis, crucial for identifying security breaches and monitoring server communications. SIEM (Security Informatio...
Read more