Published on

Junior Penetration Tester (eJPTv1) Review

Authors
  • avatar
    Name
    Nicholas Chong
    Twitter
ejptv1

Coursework

This article doesn't really go through much about the coursework but rather my experience as a someone who was new to cybersecurity.

Prior Exam:

I started studying for the eJPT before enrolling for a bachelor’s degree in information security. At that point, I had virtually no experience in the field. I spent about 2 months going through the course materials and labs. However, I did not feel ready to take the exam yet. Then school started. After the first term, there was a 2-week break. During this time, I only managed to go through the labs again, while referring to the solutions. Although referring to solutions are often discouraged, I felt that it was more productive to do so, in order to be able to visualize what the lab is about. If you are doing so, I still recommend to poke and mess around the system to observe how the tools and the system behave and react.

The short break ended, and school started again. Unfortunately, I didn't work on the coursework much due to the workload at school was a bit overwhelming and I did not want to suffer from burnout.

Exam

Around 10:30am, I started the exam. After reading the assignment and going through the files provided, I started running the tools required. I will not say what the exam is about now, but the exam is fun and thought-provoking. I know this course is aimed at those who have little to no experience with penetration testing. Several reviews say, “the materials are sufficient to pass the exam”. I would not disagree with that, but I would add: “It is also better to go through some THM and HTB walkthroughs to understand how the tools can be used against different networks”. Here is a breakdown of what I did in chronological order:

  • 10:30am Look through files given for the exam.
  • 11:00am Begin scanning
  • 12:00pm Lunch
  • 12:30pm Vulnerability Assessment
  • 2:00pm Exploitation → Enumeration → Exploitation → and so on
  • 4:30pm Submitted the exam and passed

Final Thoughts

Overall, the coursework did expose me to offensive security and giving me confidence in tackling future certifications. There are many talks on how this coursework prepares you for OSCP but in my humble opinion, it doesn't. The exam format of OSCP is way more intense than eJPT. However, eJPT does provide anyone new to cybersecurity a foundation to build on.

ejptv1-result