Monday, November 30, 2009

The Last Several Weeks

I noticed that I had not written anything since the middle of the month. Since the first of the month, I have been studying via an online course on Network Penetration Testing. It was a relatively inexpensive course, only $550 for 30 days. I needed the Continuing Education credits to keep my CISSP certification. For over three weeks, I studied 10-12 hours per day. I shot myself in the feet a few times. I underestimated how thoroughly they wanted the exercises documented and I had to go back and redo some exercises using an XML editor called Leo. That in itself took two full days. It also took me two days to get through their final challenge. I signed up for the certification exam almost immediately after finishing the course. I had an inkling that their pass rate was low. The exam is also 24 hours long. Out of five systems I was supposed to break into, I succeeded with one and got local access on another. Pretty poor showing. I am awaiting word from them on my results. Since I didn't pass, I will have to take the exam over which is another $60 which is cheap. My question though, is will I need a third attempt, and am I allowed three tries or more in order to pass?

I haven't named the company for fear of driving people away. Their class is worth it even if one fails because you learn a lot of practical hands-on knowledge. Most security classes that I have taken are aimed at high school level intellects and aren't very challenging. They are mostly rote memorization. This course could be considered a practical lab course, and it was possibly graduate school caliber. I could be wrong, since I was never a Comp Sci major in college, but the amount of effort I had to put in was graduate school level.

After I had bombed the exam, I spent Thanksgiving with a friend and his family. I did absolutely nothing the last four days, but relax and read science fiction short stories. I tried to stay away from computers. But with the start of a new week, I have to start preparing for the next attempt. So, I am researching exploits against Linux and Windows systems. I also plan to study for another IT Security exam and take it before Christmas in case I just can't pass this trial. If I had put the amount of effort into the other exam that I put into this course, I'd be done by now with that exam. Oh well, hindsight is 20/20.


Good luck with your future exams John. It sounds like the strategy of the security course was to experience the hacker point of view. Ironies everywhere.

Take care

Post a Comment

Links to this post:

Create a Link

<< Home

This page is powered by Blogger. Isn't yours?