How CPENT Is Superior and Entertaining to All Other Pen Testing Certifications - Insights from A Seasoned Cybersecurity Professional Holding 45 Certificates.
Job Title: Author, Professor, Researcher, 13 Books in Cybersecurity 28 years Teaching Cybersecurity
Country: United States
Tell me about your journey as a cybersecurity professional.
It started way before cybersecurity as we know it. Before the year 2000, and even in 2000, we used to study security from a Microsoft, Cisco standpoint, and so on. And I was able to earn Microsoft and Cisco certifications. However, I thought it was not adequate for cybersecurity professionals because they see a hybrid environment in their workplace. And so, teaching them from a vendor standpoint does not prepare them for a job. My journey continued with creating curricula for students to teach them penetration testing and hacking in cybersecurity. I’ve written 13 books in cybersecurity and IT. They got translated into multiple languages, including Portuguese, Korean, and many others. point is that cybersecurity has always been a big part of my interest. And that’s why I continue to study, as it is pretty much endless. I’ve been teaching cybersecurity at higher education institutions for about 28 years. So, it is essential to embed cybersecurity at the professional level and learn what’s coming and new.
What caught your attention about the C|PENT program? How were you introduced to it?
That’s a good question. Well, before CPENT, I earned the CompTIA Pentest+ and the OSCP. They’re good certifications. I encourage everybody to take them, but CPENT is different. Because in CPENT, I saw how it prepares an individual, a professional, to be a perfect penetration tester for an organization and not just capture the flag solver. It is a tough exam. But CPENT includes topics not available in any other exam like penetration testing, scoping, and engagement like open-source intelligence or OSINT, mobile device penetration testing methodology. IoT is another component in CPENT that I have not seen in any other certification. So
CPENT carries more weight because of what it includes. It pretty much mimics a real-world penetration testing environment.
How difficult was the C|PENT certification? What was the hardest part of the exam?
Well,
As I said earlier, it’s a real-world environment. And what differentiates CPENT from other organizations offering certifications is that you must deal with firewalls. DMZ is web application firewalls and other defense mechanisms I have not seen in others. So, like I said, the time is different, and labs are crucial. I cannot tell you how important it is to take the labs. I also encourage candidates to try the pen test plus from CompTIA and OSCP. You will find out where you stand before you take the CPENT. So, it’s not discouraging.
What are 3 things that you really liked about the C|PENT program?
That is a good question.
Well, as I said, it’s real life. It is not a joke. It is not capturing the flag solver. C|PENT is a real-world environment, and you must know Kali well. So, I like that it’s the real world.
I like that it includes new topics not included in any other exam, especially the IoT penetration testing and removal device penetration testing methodology. I also find the penetration testing scoping and engagement part very enlightening. I did that before but did not do it in a structured format the way C|PENT explains it, so that’s what I like about it. Another thing I like is how you’re working on a real kali Linux machine and executing the commands. There are multiple ways of doing the same thing, and CPENT encourages that. PowerShell is phenomenal. The emphasis on PowerShell and the ability of the candidates to use PowerShell is amazing. It is a hybrid and meshed environment you will see while doing penetration testing for the organization. So, I can’t say enough good things about CPENT. I have 45 certifications in cybersecurity. I would say that CPENT was the most entertaining and the toughest exam. The exam I enjoyed out of all the 45 exams I took in cybersecurity.
I don’t feel so excited about an exam you can take by studying from a book. You read the book and take the exam if you know the content. You can take the exam and earn certification, but have you learned something? And the learning part is what makes it very interesting.
What tools or topics from the program do you use on a day-to-day basis?
Wireshark and Hydra are my two best friends. Of course, I can talk enough about shell and scripting. That’s very important. And I would not call this a tool because that becomes like eating and drinking daily for any human, so your shell is your best friend. But specifically, for the
CPENT exam, I would say that Hydra and Wireshark were my life savers.
How has the C|PENT benefitted your career?
Well, my answer would be different than a typical answer. It has benefited my career because I got the idea to write a book about penetration testing. The proposed name for the book is penetration testing from contract to report because of all the journey that professional penetration testing will take. So, I think my answer to that question will be skewed because I’m an academician. I’m an educator. I’m a professor. So,
The difference is the top five modules that come right to my head because I was amazed by them. It’s like a wow moment. Wow, you guys cover IoT penetration testing, you guys cover mobile device penetration testing methodology, or you guys cover open-source intelligence. So those are the wild things.
CPENT is different. It is real-world and includes firewalls, DMZs, WTF, and other defense measures. It is hard to compare CPENT to any other certification. It is the certification you will see as a whole or part of your job, meaning your job will be a subset of what you learn in CPENT. Versus other certifications will be a subset of what you can see in your profession. So, if you want the whole thing, CPENT is the way to go.
Certified Ethical Hacker
WE DON’T JUST TEACH ETHICAL
HACKING WE BUILD CYBER CAREERS