A coworker pointed out in mid-April that CompTIA had a $50 USD beta exam for the PenTest+ certification. I’ve never heard of this cybersecurity certification. I signed up for it anyway since I work in government IT for a three-letter agency. If I passed, I would get a $370 USD certification for $50 USD. If I failed, I would have taken my first certification exam in 15 years. After ten weeks of studying, I took the beta exam this week. It was an interesting experience.
STUDYING THE STUDY GUIDE
After I signed up for the beta exam, I bought the “CompTIA PenTest+ Certification Bundle” ebook. I spent a month reading the study guide from beginning to end. What kept jumping out at me was the frequent references to Kali Linux. A specialized Linux distro with all the cybersecurity tools pre-installed.
I pulled out an old Dell laptop and installed Kali Linux. After poking and prodding for a few days, Kali Linux needed its own study guide. I bought the “Kali Linux Penetration Test Bible” by Gus Khawaja. After glancing through that book, Kali Linux should have been a requirement for the certification.
HANDS-ON EXPERIENCE (OR LACK THEREOF)
The PenTest+ certification calls for three to four years of hands-on experience. As a system administrator, I validate the monthly Nessus scan data and remediate any outstanding issues. That means I’m slicing and dicing spreadsheets with 200,000 items to find the 5,000 items to remediate. Seven years of Microsoft Excel wasn’t going to cut it.
RESCHEDULING THE BETA EXAM
I had to reschedule the exam from Memorial Day to late June. I got the first dose of the Pfizer COVID vaccine on Friday before Memorial Day weekend. My concentration went to hell for a day. I got the second does a week before the exam. My concentration went to hell for two days.
I tried to reschedule for a second time to get more time studying. That option wasn’t available in the Pearson Vue website. If I wasn’t ready after ten weeks of studying, oh well.
PC COMPATIBILITY (OR LACK THEREOF)
The biggest challenge for taking an online exam at home was finding a compatible PC. My editing PC failed the hardware check because the exam software couldn’t find the webcam and the microphone. Never mind that every other software I had worked with the webcam and the microphone. I swapped out the editing PC for my test PC that had a fresh install of Windows 10.
TAKING THE BETA EXAM
The beta exam had more questions and more time to answer than the regular exam. My approach to taking an exam is to read, understand, and answer each question in two minutes or less. Most questions are answered in one minute or less. I got this exam—like all my previous exams—done in 90 minutes.
NITPICKING BETA EXAM
My impression of the beta exam can be broken into three parts.
- Half the questions were familiar.
- Half the questions were unfamiliar.
- The command line questions were overwhelming.
Familiar and unfamiliar questions was what I expected on the beta exam. Familiar questions came from the old exam and covered by the study guide. Unfamiliar questions should appear on the new exam and covered by an updated study guide.
My problem with the command line questions came from my lack of hands-on experience. If I were to take the exam again, I would flag all the command line questions for review. After I answer all the other questions, I would use the remaining time to answer the command line questions.
Because this was a beta exam, I won’t find out about the results until the new exam goes live in October. I’ll get a snail mail from Pearson Vue informing me of the results. If I pass the beta exam, the new certification will show up in my CompTIA account.
My plan for the next three months is to keep studying for the PenTest+ certification. Dividing my time between Kali Linux and the study guide. If I failed the beta exam, I would wait for an updated study guide before scheduling the new exam later this year.