Check Point Certified Security Administrator (CCSA)

Back in March, I did Palo Alto’s PCNSA exam. Since then I’ve been working with Check Point firewalls, so I decided to do their CCSA exam (for R81.20). Normally, I would start by looking at the exam objectives. However, in this case I can’t, because they’re behind a paywall! The nearest thing that’s publicly available …

Palo Alto Networks Certified Network Security Administrator (PCNSA)

Yesterday, I passed the PCNSA exam. I previously did the PCCSA/PCCET exam, which was more of a general overview about security concepts and the Palo Alto product range. By contrast, the PCNSA is more practical, so it’s aimed at people who do hands-on tasks with a Palo Alto firewall. In particular, it’s mostly focussed on …

My first 50 certifications

I did my first (vocational) IT exam in 1999. This was after an annual appraisal from my (then) manager, who said “I’ve spoken to lots of people, and they’re all very impressed with your work. However, there’s no way for me to quantify your performance, so you don’t get a pay rise.” Based on that, …

OSCP: Try Harder

I recently passed the OSCP exam, on my third attempt. OffSec’s slogan used to be Try Harder, and I’ve been thinking about what that means. (The slogan has recently been replaced by a 5-step learning approach: trial, failure, adaptation, growth, and triumph.) I’m quite active on the OffSec Discord server, and I’ve spent a lot …

CREST Practitioner Security Analyst (CPSA)

In May 2022, I took the CREST Practitioner Security Analyst exam. This is a multiple choice theory test, which is a pre-requisite to become a CREST Registered Penetration Tester (CRT); the basic idea is to do a theory test and a practical test, similar to getting a driving licence. There are various organisations offering training …

BCS CISMP (v9)

In March 2022, I passed the CISMP-V9 exam, and gained the BCS Foundation Certificate in Information Security Management Principles. As the name suggests, this is related to setting up an ISMS (Information Security Management System). Basically, it falls under GRC (Governance, Risk, and Compliance) rather than hands-on technical skills. So, who’s the target audience for …

Microsoft Security, Compliance, and Identity Fundamentals (SC-900)

In July 2021, I took the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam.NB The exam content has changed since then, so some of the specifics in this blog post might be out of date. According to the exam description:“Candidates should be familiar with Microsoft Azure and Microsoft 365 and want to understand how Microsoft …