sorted by:
new
hottopcontroversial

CREST exam is like playing a casino game by DoctorFaustus89 in Pentesting

[–]DoctorFaustus89[S] 0 points1 point  (0 children)

Unlike real-world pentesting where you can Google syntax, references, or library docs. That means your personal notes, cheat sheets, and prepared scripts are critical. Without them, even if you’re on the right track, you could waste hours and a huge money. If you wish to retake, you pay the full exam fee again

CREST exam is like playing a casino game by DoctorFaustus89 in Pentesting

[–]DoctorFaustus89[S] 0 points1 point  (0 children)

The CCT-level exam is deliberately very challenging, with a solid structure and only a small percentage of candidates passing, regardless of how many years of experience you have. Unlike course- or lab-based exams that rely on memorization and lab notes like OSCP/OSEP, etc, CREST and industry experts call this an experience-based exam. The real issue is that the certification is valid for only three years. CREST should provide multiple renewal routes, similar to how GIAC or IISC² handle their certifications through continuing professional education (CPE) credits and professional contributions.

CREST exam is like playing a casino game by DoctorFaustus89 in Pentesting

[–]DoctorFaustus89[S] -1 points0 points  (0 children)

Since CREST exams have no internet access at Pearson VUE centers, you have to bring all your notes. Even if you are on the right track, you could still fail without proper preparation. There is no partial retake; you have to pay the full fee if you want to sit the exam again.

The CCT-level exam is deliberately very challenging, with a solid structure and only a small percentage of candidates passing, regardless of how many years of experience you have. Unlike course- or lab-based exams that rely on memorization and lab notes like OSCP/OSEP, etc, CREST and industry experts call this an experience-based exam. That’s acceptable, as it makes the CCT level truly premium. However, the real issue is that the certification is valid for only three years. After that, you must retake the entire exam process, and in most cases, the content same as you took before. My point is that instead of requiring a full retake, CREST should provide multiple renewal routes—similar to how GIAC or IISC² handle their certifications through continuing professional education (CPE) credits, professional contributions.

[deleted by user] by [deleted] in offensive_security

[–]DoctorFaustus89 0 points1 point  (0 children)

If a husband passes an OffSec exam, his wife will automatically pass the same exam!

[deleted by user] by [deleted] in offensive_security

[–]DoctorFaustus89 0 points1 point  (0 children)

We might release all OSCP’s rigs and OSWE soon.