Sunday, April 29, 2012

How to fail a certification test

My last post was all about Goals for 2012, and I will tell you I am already failing them. I have had a lot going on personally, nothing bad, just a lot going on right now. The only thing I have completed so far is I took the Offensive Security Pentesting with Backtrack class.

I highly recommend taking this class to anyone who works in Information Security. If you think a pentest consists of running a vulnerability scan and then maybe using Metasploit to pop a system, you MUST take this course.

What I enjoyed about this class was the chaos in the labs. Most classes have labs where you follow a set procedure and you have root/admin. In the real world a pentest is not like that. Basically you are given a network address and told to attack. From there you penetrate further into the network using any number of techniques.

After the lab time expires you can register for the certification exam. The certification exam is like the lab: a number of systems must be rooted in a 24-hour period.

After registration I was prepared to sit the exam. When doing a test like this, I know that when you get stuck on something, you move on to something else and come back later. Additionally, take breaks often to mentally recharge. I always do this for these types of tests, except this time. I spent 18 hours on one problem with one 10-minute break, and made stupid mistake after stupid mistake. I lost complete confidence in myself after this and went to bed wiped out. I got about 4 hours of sleep, and pounded away to finish up and promptly fail the exam. Although I failed the exam I learned a lot during the experience, and I don’t mean technically. I plan to sit for the exam again in a couple of weeks, and this time I will be much more prepared. This time, I am sitting a maximum of 15 minutes on a problem and then moving on.

To summarize how to fail at a hands-on certification: go in with a game plan and, at the first issue, throw out the game plan. Even though I failed the OSCP the first time around, I will pass it. I failed the exam not because I didn't know what to do; I failed it because I did not stick to my game plan. Next time I won't make that mistake.
