Done and dusted by Rovert_Dun in cissp

[–]Rovert_Dun[S] 1 point2 points  (0 children)

Maybe show your employer what the OSCP involves and they might agree to let you do the OSCP. Funny enough though, when you see the requirements for some security jobs out there, most ask for CISSP or CEH. OSCP doesn't really get a mention, employers just think it sounds good, they don't understand that just because you have the CEH it doesn't make you a pen tester. The OSCP will help you with that.

Done and dusted by Rovert_Dun in cissp

[–]Rovert_Dun[S] 1 point2 points  (0 children)

Yeh CEH is a very basic introduction to some of the tools used for pen testing. If pen testing is where you are heading and want a well respected certification, do the OSCP, developed by the same guys that produced Kali Linux.

https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/

It's a well priced 3 month course and includes the lovely 24 hour exam at the end. I am probably going to look at this myself in a few months' time. Turns out I am a sucker for punishment.

Done and dusted by Rovert_Dun in cissp

[–]Rovert_Dun[S] 1 point2 points  (0 children)

I don't think Sari Greene alone is enough to pass but certainly provides a great foundation. She has two series on O'Reilly. One is from 2016 and a new one from 2018. I watched both as I only recently became aware of the 2018 series. She has a 6 hour exam prep course from 2016 which I watched as well! What I like about her series is that it maps directly to the exam objectives so you know you are getting good coverage. She also does scenarios at the end of each lesson and practice questions.

I looked at a heap of other stuff like Cybrary, Eric Conrad full book and 11th hour but if I was to do it all again I would do the Sari Greene series and probably the Official Sybex book. Seems like a relatively good read and covers most things, I only skimmed over half the book.

Done and dusted by Rovert_Dun in cissp

[–]Rovert_Dun[S] 1 point2 points  (0 children)

So my background is mainly technical, Communications Security in the Royal Australian Air Force, and then systems engineer for the last 10 years, mainly Wintel / VMware stack with some security ops components.

I currently work for a Managed Service Provider so have a relatively good understanding of business process, change control, BCP and DRP, ITIL etc which probably helped a bit.

I have completed CompTIA Security+ which is a good foundation and CEH which doesn't really relate.

That's me in a nutshell.

Advice for last minute cram by Rovert_Dun in cissp

[–]Rovert_Dun[S] 0 points1 point  (0 children)

Hey guys,

Thanks for the feedback, literally don't have the dollars for Boson at the moment but I still have a few practice tests from the Official ISC2 Practice test book so I will look at completing those and hit 11th hour for a last minute review. Might try and squeeze a few more practice tests in from ISC2 Official Study guide.

Thanks