How did my journey to Licensed Penetration Tester (Master) Certification begins and ends. My own thoughts. #LPTMaster #penetrationtesting #infosec #eccouncil @ReadynezSocial @ECCOUNCIL

My journey began 2018-07-09 at Readynez ( Örenäs Slott) a rely warm summer week for Sweden anyway, almost 30 degrees Celsius. Here is what I think about about the journey that I choose to take.

LPT-Master-Logo

CEH Course

There is a lot talk about this course on social media. But for a beginner like me this was a great course. Of course it depends on the teacher (as always). I had the privilege to have a great teacher (Jens Gilges). He is the teacher that go the extra mile for his students.

My thoughts about this course is that everybody that works in IT would benefit a lot of the content. In IT this should be mandatory. The books contains a lot of information, prepare your self to read a lot.

LPT Course

If you take the theoretical stuff out of CEH course add more advanced stuff you get LPT. This is a really hands on course. I like those, I am a practical guy.

This is the course where you keyboard is burning, and will prepare you for the LPT exam.

I liked it a lot because of the practical side of the course.

CEH – Test

1 test with 125 Questions. Not much to say about this. Read the books and you will get this one.

CEH – Practical

6 hours pentest in a closed environment.

Get used to US keyboard, get used to work in web browser.

You can only use one monitor, no dual screen and it is proctored all the time.

No Linux, you need to run Windows or Mac on the machine.

You will get access to your environment thru a web browser.

1 Windows box and 1 Kali Linux box.

You will get 20 questions to answer. A question can be like this.

What is Roger Berglings social security number.

To get to this information you need to compromise machines and get access to a MySQL database and extract that information.

Put the answer into the Questions box, and do the next one.

My tip here is:

Read all the questions first (20) 2 pages on the question bar!

Take it easy.

To pass you need to complete 15 of 20 questions.

You will get Pass or Fail the same time you commit the test.

 

LPT Master – Test

The layout of the test is the same as CEH Practical. But less questions.

The test is divided into 3 days event. 6 Hours per day a total of 18 Hours.

You can schedule the test like this:

Monday 13-19 Level 1

Wednesday 13-19 Level 2

Friday 13-19 Level 3

Level 1 3 questions

Level 2 3 questions

Level 3 3 questions

You need to get 1 questions at least to get to new level. And you need to to have 5 answers in total. So 1+2+3 is fine, also 2+2+1 is also fine.

Then you need to submit a Penetration test report. This report then get reviewed and the you get pass or fail. For me, the review took 12 days. But it was during holiday. I think it is max 10 working days you need to wait.

Because of the report writing, document everything you do, and the findings you get.

I used Cherry tree to take notes, and do screenshot of the results. It is easy to forget stuff when you are typing the report if you do not document everyting you do.

The test is a open book. So it is possible to search internet for tips and tricks. But from the test environment it is not.

Timeline

LPT Timeline

 

 

Links:

CEH

https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/

https://www.eccouncil.org/programs/certified-ethical-hacker-ceh-practical/

LPT

https://www.eccouncil.org/programs/licensed-penetration-tester-lpt-master/

Aspen

https://aspen.eccouncil.org/

Test your PC

https://proctor.examspecialists.com/User/TestEquipment.aspx

Buy Test

https://store.eccouncil.org/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.