Tech blog
In Oct 2023, I took the CCSA exam. In Dec 2024, I followed this up with the CCSE exam. NB You have to pass the CCSA before the CCSE, but it doesn’t have to be active. I.e. it still qualifies after it’s expired, as long as it’s for a recent version. In my case, I …
Continue reading “Check Point Certified Security Expert (CCSE)”
Back in March, I did Palo Alto’s PCNSA exam. Since then I’ve been working with Check Point firewalls, so I decided to do their CCSA exam (for R81.20). Normally, I would start by looking at the exam objectives. However, in this case I can’t, because they’re behind a paywall! The nearest thing that’s publicly available …
Continue reading “Check Point Certified Security Administrator (CCSA)”
Yesterday, I passed the PCNSA exam. I previously did the PCCSA/PCCET exam, which was more of a general overview about security concepts and the Palo Alto product range. By contrast, the PCNSA is more practical, so it’s aimed at people who do hands-on tasks with a Palo Alto firewall. In particular, it’s mostly focussed on …
Continue reading “Palo Alto Networks Certified Network Security Administrator (PCNSA)”
I did my first (vocational) IT exam in 1999. This was after an annual appraisal from my (then) manager, who said “I’ve spoken to lots of people, and they’re all very impressed with your work. However, there’s no way for me to quantify your performance, so you don’t get a pay rise.” Based on that, …
In March 2023, I passed the OSCP exam, to become an OffSec Certified Professional. Combined with the CPSA, this also made me a CREST Registered Penetration Tester (CRT). The OSCP is sometimes described as an “entry level” pen testing certification, which can be a bit confusing. It’s certainly not aimed at beginners to IT! For …
I recently passed the OSCP exam, on my third attempt. OffSec’s slogan used to be Try Harder, and I’ve been thinking about what that means. (The slogan has recently been replaced by a 5-step learning approach: trial, failure, adaptation, growth, and triumph.) I’m quite active on the OffSec Discord server, and I’ve spent a lot …
In Feb 2023, I took CompTIA’s CASP+ (Advanced Security Practioner) exam, and I passed first time. I used Jason Dion’s Udemy course to prepare for this. That was the only specific training that I did for this exam, but I also spent the previous 6 months preparing for the OSCP, and I have prior knowledge/experience.
In May 2022, I took the CREST Practitioner Security Analyst exam. This is a multiple choice theory test, which is a pre-requisite to become a CREST Registered Penetration Tester (CRT); the basic idea is to do a theory test and a practical test, similar to getting a driving licence. There are various organisations offering training …
Continue reading “CREST Practitioner Security Analyst (CPSA)”
In April 2022, I did a beta exam for Project+. The beta exam was PK1-005, and then the “real” exam was released as PK0-005 (which is what shows on my exam history at CertMetrics). Beta exams aren’t free, but they’re significantly cheaper than a normal exam. In this case, it cost me £30 rather than …
In March 2022, I passed the CISMP-V9 exam, and gained the BCS Foundation Certificate in Information Security Management Principles. As the name suggests, this is related to setting up an ISMS (Information Security Management System). Basically, it falls under GRC (Governance, Risk, and Compliance) rather than hands-on technical skills. So, who’s the target audience for …