A few weeks ago, I received an email stating that I had passed the eJPTv2 certification. I wanted to share my perspective on the exam and how to prepare for it.
The exam consists of 35 questions with a passing score of 70%. You have 48 hours to complete it. The exam is an entry-level certification aimed at people looking to get a fundamental understanding of penetration testing. If you are brand new to the realm of cybersecurity, I highly recommend this certification! It will provide you with the fundamentals of various attacks and methods used during a penetration testing assessment.
Start with TryHackMe
I have been using TryHackMe for about two years now, and it has helped me learn most of the techniques used in penetration testing. Going into the exam, I already had the eJPTv1 and eCPPT certifications, so I didn't need extensive preparation. I did go through the eJPTv2 course, which has about 144 hours of easy-to-understand content.
Since this is an entry-level certification, don't expect to see anything complex or advanced, such as firewall bypass techniques. The course covers the basics of information gathering, enumeration, scanning, vulnerability assessment, network-based attacks, exploitation, privilege escalation, pivoting, and more.
A Word About Scoring and Browsers
I have seen articles about the way the exam is scored and how it can be confusing. The exam requires that you pass with an overall score of 70% or more. There are four domains that have specific tasks that need to be achieved to pass the certification. Each domain has different score levels that you need to pass. However, you must pass all the domains to pass the certification. For example, if you pass three out of four domains, you will fail the exam. They want you to not only answer the 35 questions but also prove that you learned all the techniques specified within the course.
One downside was the in-browser Kali machine. I wasn't expecting the exam to be in a browser. I tried to copy and paste out of the in-browser VM, but it didn't work. It took about two hours to finally get copy and paste to work. INE provides you with the necessary tools, but I was unable to download external tools during beta.
Helpful Tips for Your eJPTv2 Exam
Here are some helpful tips for people wanting to take the eJPTv2:
Take your time! Being patient and understanding the material is more valuable than the exam. Education is where you grow and learn. If you try to rush the training without any preparation, you have a higher chance of failing.
When studying, focus on material that you're having trouble understanding. Sometimes when taking a course like the eJPT, it can be frustrating not knowing what the instructor is talking about. If you're having issues understanding what's going on in the video, try looking at articles or a different video explaining the same concept. YouTube and Google are your friends too! You don't just need to work on the INE material. Expand your horizons and see what other cool stuff you can discover.
Leverage TryHackMe – it’s a valuable resource! This hacking platform has everything you need to understand the fundamentals of penetration testing. They have a ton of Capture the Flag (CTF) challenges to help you practice various attack vectors. In the resource section, I've listed a few TryHackMe rooms to try. If you can complete them, you're on the right track for passing the eJPTv2. Remember that these rooms are not the only resources you'll need to pass. You'll still need to identify your weak points.
Remember, the questions on the exam are meant to help you, not trick you. If you get stuck, look over the questions and see if any of them stand out. They may contain clues in them about what the next steps are.
Additional Resources for the eJPTv2 Exam
Overall, I felt the exam was fair. The training that was provided was very informative and should be sufficient to help you pass the exam. Here are some additional resources.
Some TryHackMe rooms: Blue, Ice, Blaster, Pentesting Fundamentals, Ignite, Blog, Startup, Chill Hack, Bolt, VulnNet: Internal, ColddBox: Easy, Poster, GamingServer, Brooklyn Nine Nine, Skynet, Wonderland
Thanks and good luck!