Category Archives: Certified Ethical Hacker

Passed the Cloud+ (CV0-002) Exam. Next Focus is PenTest+ Exam

Posted on by
1

Managed to pass the most recent version of the Cloud+ exam, avoiding the loss of that certification (had a February 2019 deadline). Moving on to the new PenTest+ certification exam. I did take the Pentest+ “train the trainer” class taught by T. Lee McWhorter, Jr. in June and July, but wanted to knock off the Cloud+ for certification maintenance purposes. Score was not exactly great (784/900), but a little margin of comfort above the 750 minimum score. Always questioning the value of the designated performance based questions, I did look at them but can’t really say that I spent much time trying to answer them correctly. That lack of attention probably helps explain why I did not break 800.

The  CV0-002 Score Sheet is available for viewing. As with past activities, I want to provide useful help. My initial focus on the exam was to use the e-Book titled CompTIA Cloud+ Study Guide, 2nd edition, authored by Todd Montgomery and Stephen Olson. I found the book very helpful in terms of providing an update for my study purposes. Following my usual pattern, I created a “worksheet” by copying and pasting the CV0-002 Exam Objectives into a table in a Microsoft Word document. The “worksheet” is available for download.

I’ll try to upload study aids I develop for the new PenTest+ exam. The book I’m using, with a heafty 423 pages, is the CompTIA Pentest+ Study Guide by Mike Chapple and David Seidl. An additional book that is worth having is Penetration Testing – A Hands-On Introduction to Hacking by Georgia Weidman. The “worksheet” I’ve created for this exam is available for download. From what I’ve been able to ascertain based upon forum postings, you will need to have a good handle on Nmap and other open source tools in order to have a successful experience with the exam. A good review of the PenTest+ exam is provided on the Tevora blog site, available by clicking HERE. It does a good job of comparing this exam to the EC-Council’s Certified Ethical Hacker (CEH) exam. Other exam reviews that point to study resources include those provided by Jon Wood, Alpine Security, and a video created by Motasem Hamdan.

Additional resources available on the Internet include:

I hope to be in a position to take the exam by late January. I need to get through it, and start focusing on the new CASP exam, as it looks as though I’ll lose that certification if I do not meet the continuing education requirements by May 15, 2019.

HackNet, a Diversion from Certification

Posted on by
Reply

Before I start my primary focus of this post, I want to briefly update my certification goals. With the release of the two new exams (220-901 & 220-902) for the CompTIA A+ certification, I plan to take both of those sometime in January or February. I’ll follow that up with the CompTIA Server+ exam (SK0-004) before turning my sights to the (ISC)2 CCFP exam that I need to complete by the end of June in order to take advantage of the free exam voucher the organization provides to faculty.

My new focus, in part driven by my desire to improve content for my College’s CIS 152 Ethical Hacking course, is to try and “master” the HackNet game available through Steam. This simulated hacking exercise has received a large number of favorable reviews, and I’m thinking as I continue to play it that it may prove to be a valuable tool, providing students with “hands on” experiences in a safe environment to practice their investigative skills. I’d encourage you to give it a try. At a cost of less than ten dollars ($10), it certainly makes sense if you are interested in learning how hackers operate.

To help you in your efforts, I prepared, based upon game content, a list of commands that are utilized in HackNet. The list of commands can be accessed HERE.

Steve