The elearn security certifications are growing in terms of popularity and I was thinking for quite a few months to test my skills ,somewhere in an exam scenario. One of my dearest friend recommended me to give eJPT for that which I of course didn’t pay heed to it at first . But he gave me a voucher of 50% discount on the exam and that’s what exactly instigated me to give the exam :) HE HE !
A little background of me goes kinda like ; I am not an infosec guy ,neither I had taken computer science after 10th Boards and far away from any thing which relates to any kind of computer LOL!! ; same scenario in my college .But I always cherished an interest in hacking and cybersecurity. I am not a very regular CTF player in Vulnhub and Hack The Box , but have solved a couple of Rooms in Try Hack Me and few machines of VulnHub(Of course with a little bit of hints and what not).
KEY TAKEAWAYS
- Everything you need to pass the eJPT exam is covered in the Penetration Testing Student (PTS) learning path on INE, which is part of the free Starter Pass
- You have 72 hours to complete your exam and 1 free retake if you fail
- The exam is hands-on and has 20 multiple choice questions based on your findings
- PTS Training for Free
- Because the PTS training is free, you’ll only have to pay for the $200 eJPT voucher to get certified.
How I studied PTS at first
I started with networking and I hit a wall. Most probably as per me ,this is one of the hardest thing you need to gulp down ,(and the most probable exorcist you are going to face in exam with poor networking skills ). I did N+ course of Mike Meyers ,which you can get at udemy ,but if you are a free loader like me ,you are just one step away from Googling it out and download for free. My best recommendation when things get difficult in this course is to keep going(philosophy af ,in reality only 50% of people follows it ,rest are suckers like me). I read all of the slides and watched all the videos and did the labs twice except the 3 Black Boxes . I kept the BlackBox Labs for last 2 days to solve and to my misfortune the labs were down in the very last 2 days before appearing for exam .I thought it’s extremely important to understand the theory, but because of my intimidation, I spent way too much time on it. and eventually overlooked the important part of it.Looking back, I understand why I would get stuck….
PTS study recommendations
Make sure to focus on networking skills ,and pcap file analysis with Wireshark ,cuz that’s what you need for the exam ,if you complete that part in exam trust me 80% of your exam is over ,atleast that happened for me
Go through the INE PTS materials more than once
And if you can ,just complete the Complete Beginner pathway of TRY HACK ME(not manditory but will help you in exploitation first).It won’t cost you more than 10$ ,but if you have some good connections ,you can manage a free voucher.
Exam Experience
This is probably the part which most people must be waiting for. So here’s the deal with the exam, you’ll hear a lot of people saying that the exam is damn easy and easy to pass which I agree . However, it’s not that easy also ,atleast not like the people saying … So the exam format is like this :-
-20 multiple choice questions with one or more than one.
- In order to answer these questions, you’ll be given a letter of engagement and a VPN pack with which you’ll have to connect to their network and perform a penetration test. Read the letter very carefully word toword.
- The time to complete the exam is three days or 72 hours. I took me around eight and half hours to complete it with a score of 19/20 .
- The networking section took me more than 5 hours to dig out the problem ,and rest went on smoothly .My previous experience in Vulnhub and THM helped me to complete the exploitation .Once I was in a rabbit hole while solving the windows machine but recovered and another thing I faced during exam is sometimes after 6 hours they close the lab ,you may need to check if your connection is up .I didn’t noticed that and successfully wasted almost half an hour in a dilemma of why aren’t the commands executing successfully
- The exam setting was so cool, something which I was already missing the moment my exam got over. But the experience was awesome…
Few points about the exam which you should take care and not make the mistakes I made:-
1-Try imagining the network structure (this will help you with the routing thing if you got stuck)
2-Don’t rush into things and get excited about something ,which I did and in that Adrenaline rush ,I ran into a silly problem early on , after which I took a step back to take a look at what was I not able to see only to find the answer staring back at me.
3-Maybe the payload isn’t suitable with the system? or whatever you have done for the same scenario in Lab; you need to think something ahead of that.
4-Think like a hacker ,you can use Metasploit ,so try to utilize it’s power ,you may have to do trial and error looking for the exact exploit to work ,and in this context take help from youtube and google .And also lemme tell you Old systems may have more than one vulnerability ,you can try looking for other exploits to get a system shell ;)
5-Keep a calm head, the answer will probably the first thing which you had thought of but dismissed it thinking that it would have been too easy.Also don’t waste your time in useless heavy nmap scans, the basic scan will suffice.
Final words of encouragement
- You have a whole community of people rooting for you.
- If I can do it, why not you?
I hope this write-up will be helpful to you and you will also pass the exam with flying colors …. Follow me on twitter for cybersec content https://twitter.com/AnonY0gi
