Palo Alto Networks Certified Network Security Administrator (PCNSA)

Yesterday, I passed the PCNSA exam. I previously did the PCCSA/PCCET exam, which was more of a general overview about security concepts and the Palo Alto product range. By contrast, the PCNSA is more practical, so it’s aimed at people who do hands-on tasks with a Palo Alto firewall. In particular, it’s mostly focussed on …

My first 50 certifications

I did my first (vocational) IT exam in 1999. This was after an annual appraisal from my (then) manager, who said “I’ve spoken to lots of people, and they’re all very impressed with your work. However, there’s no way for me to quantify your performance, so you don’t get a pay rise.” Based on that, …

OSCP: Try Harder

I recently passed the OSCP exam, on my third attempt. OffSec’s slogan used to be Try Harder, and I’ve been thinking about what that means. (The slogan has recently been replaced by a 5-step learning approach: trial, failure, adaptation, growth, and triumph.) I’m quite active on the OffSec Discord server, and I’ve spent a lot …

CREST Practitioner Security Analyst (CPSA)

In May 2022, I took the CREST Practitioner Security Analyst exam. This is a multiple choice theory test, which is a pre-requisite to become a CREST Registered Penetration Tester (CRT); the basic idea is to do a theory test and a practical test, similar to getting a driving licence. There are various organisations offering training …

BCS CISMP (v9)

In March 2022, I passed the CISMP-V9 exam, and gained the BCS Foundation Certificate in Information Security Management Principles. As the name suggests, this is related to setting up an ISMS (Information Security Management System). Basically, it falls under GRC (Governance, Risk, and Compliance) rather than hands-on technical skills. So, who’s the target audience for …

Microsoft Security, Compliance, and Identity Fundamentals (SC-900)

In July 2021, I took the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam.NB The exam content has changed since then, so some of the specifics in this blog post might be out of date. According to the exam description:“Candidates should be familiar with Microsoft Azure and Microsoft 365 and want to understand how Microsoft …

Microsoft Azure Fundamentals (AZ-900)

In May 2021, I took the Microsoft Azure Fundamentals (AZ-900) exam. This is similar to Microsoft 365 Fundamentals (MS-900), i.e. it’s asking about what the technology does rather than how you use it. However, I thought this was a better exam than MS-900, i.e. it was more relevant to what you actually need to know …