Today, I received an email from INE that I passed my eJPTv2 beta exam. It means that I obtained the eJPT certification again, but this time it is for version 2.
This post contains affiliate links. If you use these links to buy something I may earn a commission. Full disclosure here.
I discussed my beta exam experience here. I suggest you read it and come back to this. There might be some information that you would want to know before reading the rest of this post.
Preparation
I received an email from INE on August 8th that they selected me to participate in the eJPTv2 beta program. I started going through the material the following day and finished the videos and labs by September 4th.
As mentioned in the other post, I rushed through it because of the massive amount of content to go through in 30 days. At the time, INE said the deadline was September 8th before midnight Eastern time. Eventually, they decided to extend the program until the 19th.
eJPTv2 exam has been released!
Get your exam voucher with 3 months of INE Fundamentals Monthly for free!
While I passed eJPT last year and have participated in several CTF experiences, I know that the Penetration Testing Student (PTS) v2 course is enough to obtain the eJPTv2 certification. I also believe that the learning path is informative and builds penetration testing fundamentals. I think the PTSv2 was a lot more hand-holding than the previous PTS version.
Exam results
I am intrigued by the exam results. I do not know how they assign values to the following. I felt like I performed all of them, but maybe my answer was incorrect. I wish I had more details about the scoring, but I know it will never happen.
For example, I scored zero on the conduct brute-force login attack. I do not remember needing to perform it, but I found the answer by other means. Though I am unclear if the question that I am thinking of is the one that points to this one, I feel like it is.
Another example I do not understand is the “demonstrate pivoting by adding a route” section. I know I did that because I found the answer to one of the questions related to that.
Tips
I think it is safe to say that people read these posts to get some tips for the exam. I can only tell you stuff that I believe is not against the terms and conditions, so do not expect me to reveal anything specific about the exam.
Without further delay, below are my tips to pass the exam on the first attempt in no particular order.
- Make sure you have a good grasp of the PTSv2 course.
- Avoid distractions during your exam as much as possible.
- You can skip questions if you are stuck with one question.
- Effectively enumerate ports, services, etc. This step is vital for a successful exam attempt.
- Understand how the tools will help with your attacks.
- Do the labs twice or more if you are new to penetration testing.
- Create notes as you go through the slides, videos, and labs.
- Do not give up if you cannot answer multiple questions. A different approach will come to you, but you might have to break away. Remember, you have 50 hours to complete the exam, do not be afraid to step away if you cannot answer the questions.
Is it worth it
As of this time of writing, I found 15 jobs in the US on Indeed.com using the eJPT as the keyword. This search result is a 275% increase compared to my search last year. While it seems like it is gaining popularity, PenTest+ is still more popular. I found over 300 jobs in the US on Indeed.com using PenTest+ as the keyword.
With that said, if you are looking for a penetration tester job, this might not yield one. However, I remember hearing a story about a person who successfully transitioned to a Junior Penetration Tester role with this certification.
If you are looking from the learning perspective, I think subscribing to the INE Premium plan and taking the eJPTv2 is worth it. With the INE subscription, you get a bunch of access to plenty of courses for one year.
For someone who took the previous eJPT exam, I think it is not worth it to pursue this certification. While INE increased the exam’s difficulty level, I believe you do not have to take the updated version. You can move on to eCPPT, PNPT, or OSCP.
Final thoughts
If you are new to penetration testing and want to learn it, I believe this is a great way to learn and earn a certification at the same time. Of course, there are other ways to learn penetration testing, like TryHackMe, HackTheBox, PNPT, or OSCP. But, if you want a practical and beginner-level certification exam on your resume, then eJPTv2 might fit the bill.
While I might sound like I was complaining about the massive content of the PTSv2 course, it was from the perspective of someone who took both PTSv1 and eJPTv1. However, I believe they covered the fundamentals of penetration testing, and I recommend taking the course to someone new to the topic.
You might like to read
Disclosure
AndrewRoderos.com is a participant of a few referral programs, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to company websites.
