uddannelse,

eLearnSecurity Junior Penetration Tester (eJPTv1)

Christian Henriksen Christian Henriksen Follow Jan 20, 2023 · 2 mins read
eLearnSecurity Junior Penetration Tester (eJPTv1)
Share this

eLearnSecurity Junior Penetration Tester (eJPTv1)

Difficulty: Easy

Pricing: $400.00

Course Content

In order to pass this exam I took the ‘Penetration Testing Student’-learning path on ine.com. The path is structured to cover 4 tracks:

  • Prerequisites
  • Preliminary Skills & Programming
  • Penetration Testing Basics
  • eJPT Exam Preparation

I was mainly focused on the 3rd one, as the other skills seemed a bit too basic for me. The course material is giving you a very high-level overview of the different techniques related to penetration testing, like

  • Fingerprinting
  • Network enumeration
  • Vulnerability scanning
  • Web-enumeration & exploitation
  • Metasploit
  • Basic Wireshark and/or reading a PCAP file
  • Etc.

Throughout the material, there are 3 Black-box Penetration tests, and I recommend doing these before attempting the exam.

Exam

The exam experience was super fun and actually easier than I expected it to be. You get to explore various techniques to exploit the network, and it’s ideal to learn about pivoting, as the course material does not cover that.

The time frame for the exam is 3 days, and you access the exam through snaplabs, where you will get your course materials and an OpenVPN file.

The exam is a multiple-choice test of 20 questions, and you will have to use your hands-on activities to cover the questions.

I actually managed to crash one of the servers that I was trying to exploit, and while doing that I didn’t realize that I actually crashed it. So I wasted many hours trying to exploit it in various ways before actually restarting the lab, and then my first exploit worked - yay…

I think I spent a total of 4 hours on the exam, and after that, I was confident that I had enough correct answers to pass the exam.

Overall Conclusion

I think this is a very nice entry certification for people entering penetration testing, as you will get hands-on experience with a variety of tools and techniques that are often used in real-life engagements. However, if you are more experienced, I would rather suggest going for the CRTO, as this is more focused on exploiting Microsoft Enterprise environments, which is very typical to see on a pentest.

Christian Henriksen
Written by Christian Henriksen