Share this post:A few weeks ago I signed up for eLearnsecurity’s(eLS) Penetration Testing Student(PTP) course along with vouchers for the eLS Junior Penetration Tester(eJTP) certification exam. This was due to the overwhelmingly positive reactions I was seeing from the security community around the eLS certs.
But is the training and certification experience that you get really that good? It was all I could hear about it. The ‘Elite” package for eJPT was $500 for a practical pentesting certificate with dedicated labs, 3 vouchers for retakes, and other perks.
Now that I’ve completed the PTS course, I passed the eJPT exam. I must say that this was the most enjoyable experience I’ve ever had studying for and taking a certification exam. The eJPT is a great place to start your journey into ethical hacking/penetration test.
However, I have been asked a lot of questions about the exam and training, so I thought I’d answer some frequently asked questions.
“What questions are on the exam?”
This was the question I asked before I started the exam. Although I knew there would be 20 questions, I was not sure how they would be integrated into a “practical exam”.
The good news is that I loved this exam because of the questions. It was like a digital scavenger hunt to hackers. This doesn’t mean that it was a CTF. There weren’t any crazy logic puzzles or unrealistic stego challenges. This is not a game, it’s an exam. It was still enjoyable because I was able to ask questions that could only have been answered by someone with an ‘insider’ knowledge of the network. This exam is not meant to be a trick or to assess your ability to take a test.
I was able to score enough points to pass the exam after about five hours. However, there were still a few items I wasn’t sure of so I just kept going because it was fun.
This leads us to the next question that I hear a lot…time.
“How did your time management skills work?”
These ‘time’ questions were a common topic, so let me quickly address them. If you feel prepared for the exam, which is if you have a good understanding of the courseware and can complete all the exercises, then the 72 hours they give you should not be a problem. I was actually surprised to realize that eLS had removed any time pressure from me, giving me so much of it, about an hour into my exam! This allowed me to relax, and allow me to take my time.
Does that mean that everyone will never need this much time? It’s not something I would say, but it’s perfectly acceptable if you do. This doesn’t mean that you aren’t a good pentester. It just means that eLS tries hard to ensure you have enough time for success.
“I’m new in programming. What was the required programming in the exam?
I can understand why this question was asked. You’d be tested on programming skills by the courseware’s Programming section. This is a primer in C++, Python, Bash. I hope to clarify this for you.
To be successful with the eJPT, you don’t need to know programming per-SE.
BUT…
In my exam, I used a lot programming.
eLS doesn’t restrict you in your exam methodology, tools, tactics, etc. This means that you can create and use your tools as you wish. I did. I often forget to complete tertiary tasks, or get sucked into rabbit-trails. To avoid these mistakes, I created an automated tool for scanning and counting, which allowed me to be more efficient and productive during the enumeration phase of my test. Although it wasn’t required to pass the exam this helped me tremendously.
Programming is a useful skill in almost any IT vertical. It is especially useful for ethical hacking. Nevertheless, I was very happy to see that eLS included it in their PTS course. It was a great idea.
There you have it. This certification is highly recommended if you are interested in Penetration Testing/Ethical Hacking. It really does a remarkable job of exposing your to the skills that you will need to succeed in this space.
You can find supplementary training in my “Hands on Hacking” series. I will show you how to use your pentesting skills against vulnerable system to help you create a hacking strategy.
Daniel Lowrie’s Journey To eJPT