The exam is 4 hours long and consists entirely of multiple choice questions, but unlike other multiple choice exams I have taken, this one does not let you come back to a question later, you can either answer the question or skip it entirely. The other thing with the exam that I have not encountered before is that it is an open book exam, meaning you can take whatever books and notes you want to take with you in to help you in answering the questions.

When I first found out it was multiple choice open book I wondered what the point was but after some research on the internet I soon found out that the exam covers many topics and tools and expects you to have a fairly in-depth knowledge of how they work and why. The practice tests helped me immensely in the preparation, I noted the subject of the question and made notes to get further information later on for anything I was not immediately familiar with. Further to this, experience in manual Penetration Testing and Systems Administration helped a whole lot too. Getting hands on with the tools covered in the exam is also important, for Metasploit there is the free “Metasploit Unleashed” course I have mentioned before and for the rest you can google, read man pages and search the Microsoft tech net archives.

I wont list all the software here on my site as there are lists out there on the internet and the practice exams will cover all of them too, it is worth taking a practice exam as early as possible in to your preparation, the report generated will give you a rating out of 5 in each area of focus, this will help you study more effectively for the actual exam.

So in a nutshell, if you are planning on sitting the GPEN exam I would suggest you:

1. Take your first practice exam as soon as possible
2. Note down the subject of each question as you go along (you have plenty of time)
3. Review your report and identify the gaps in your knowledge needed to pass the exam
4. Run through your notes and ensure you are comfortable and have extensive notes on the software in your list
5. Sit your second practice exam using your notes / books as you will do in the real exam
6. Study up on any remaining weak areas and improve your notes to take with you into the exam
7. Get plenty of sleep or caffeine and go pass the real exam =]

At the time I sat the exam SANS had some technical difficulties and the exam ended over an hour early, within four SANS had resolved this and I was able to complete the exam and score a pretty reasonable 93%.

I would love to attend some of the SANS training courses like SEC660 "Advanced Penetration Testing, Exploits, and Ethical Hacking" and SEC542 "Web App Penetration Testing and Ethical Hacking" but at the moment these are out of my price range and will have to stay on my "Someday Maybe" list.

The CREST exams look interesting with a mix of practical assessment, multiple choice and long form written exam questions. The syllabus looks to be well rounded covering a range of topics from both infrastructure and application testing. The NBSIE have posted some material with suggestions on how to prepare for the exam here.

Interestingly the NBISE (national board of information security examiners) in the US have teamed up with CREST and are piloting the exams in the US. Paul Roberts wrote an article over at threatpost “New Certification Will Set High Bar for IT Security Pros” which is worth a read.

Personally I think a lot more value is gained from a certification that actually tests your hands on skills rather than your ability to retain enough information long enough to pass a written exam.

I sat the exam last week and passed, which I am really pleased about. I did expect it to be harder but it was no walk in the park either, it was well designed and enjoyable. I had the points I needed after 11 hours but carried on for a good while longer, it was good to see the offsec humor present on the target machines.

Really not a whole lot I am allowed to say about the exam but it was good fun and not as painful as I expected after reading some of the experiences others have had.

I am now extending on what I have learned so far and hope to sit the second course from offensive security “Cracking the Perimeter” some time in the not to distant future.

Firstly the course does not assume too much, and you can learn everything you need to know as you go along. If you are like me though you will be itching to get started and learn something.

Course syllabus, have a look at the course syllabus and make sure you are at least familiar with the concepts of the material you are going to be learning about. Google is your friend here, I would reccomend learning a little about the tools you will be using. The syllabus and objectives can be found here.

Linux, unless you are familiar with Linux and the command line I would recommend doing some preparation, this is not mandatory as you will learn during the course but it save you time in the long run, linuxcommand.org will help get you up to speed.

Get familiar with BackTrack Linux, sounds like a no-brainer but there is a whole lot of tools included with this operating system, many of them you will be using during the course so knowing your way around the OS will help.

Programming, this is the part that had me worried. I have very little programming experience and thought that I would be really held back by this but during hte course I have written small programs in Python, Perl and edited exploits in Ruby and C, understanding how a program works will help, but knowing how to program is not essential. If you are planning to learn programming in python check out “Think Python - How to Think Like  Computer Scientist” by Allen B. Downey.

If it will be a while before you start the Pentesting with Backtrack course you may want to check out the free Metasploit Unleashed course from Offensive Security, if you can, please also consider donating some money to hackers for charity, more information on the front page of the course.

That’s all for today, hope you found this helpful. If you have some good resources to add please comment below.

Anyway, I am currently working on the PWB v3 course from Offensive Security and it is the best training course I have ever done. I am two weeks in and have learned so much already, even if I don’t pass the final exam and get the OSCP certification it will have been well worth while (I will pass the exam though, even if it takes me more than one try).

The training materials consist of a PDF file and over 7 hours of video where Mati Aharoni (muts) demonstrates the material covered in the PDF, you can find the course syllabus here and also a demo video here.

At the end of each module you are given exercises to carry out in offsecs fantastic lab network. Each student is provided with a VPN connection to the lab network, a Windows XP lab machine and a large variety of servers to practice your skills on. The course also has ‘extra mile’ exercises which will encourage you to expand on what you have learned in the course by giving you problems to solve that will require further research and learning. You are then invited to gain access to as many machines on the lab network as you can and detail all of your findings in a penetration test report.

I have not sat the final exam and don’t think I will be ready for some time yet, but I will report back when I do and let you know how I got on.