rabray

[rabray]

Thanks.  😀

[rabray]

Apologies for got to come back with my view on this book. http://rabray.wordpress.com/2011/05/04/social-engineering-the-art-of-human-hacking-review/

Certainly enjoyed it. Gave me ideas for things to check out further.

[rabray]

Thanks for the info. Come back to take another look. What about safari any views?

[rabray]

Not finished reading ed skoudis counter hack reloaded yet but I would recommend this. A number of core principles discussed in easy to understand manner. Providing info on the important ethical nature of pen testers. Remediation/mitigation strategy, Hoping to see a new edition.

Social engineering the art of human hacking is also an interesting read.

Web app handbook and network security assessment. Both good resources in my view.

[rabray]

Also happy to give more info about the benefits I have personally gained from taking part in a challenging and interesting course.

[rabray]

From the point of view about the books. I would say that you also read these while you study, its what I did and found them useful for areas at the time I felt a bit weak on.

I also recommend using the forums, there is quite a bit of useful information and questions/reply that I also learned things from and really helped me to develop a better understanding.

[rabray]

Anyone recommend this with a tablet or any other online book service with decent sec resources?

[rabray]

Hi,

I am pleased to be able to report back a proud holder of eCPPT.

From my own background and perspective the course and exam was a very enjoyable experience.

I had done CEH prior to this course and personally found CEH useful in giving me a foundation to approach this course. My day to day working life is not at the moment centred on security.

From my initial contact with eLearn security, I was impressed by the way I was handled as a potential customer and supported in terms of believing that I could achieve. I did ponder long and hard before I parted with my own hard earned cash.

After making my decision to join the course, I initially did feel a bit unsure in what I had bought into, mainly due to my concerns that perhaps I could not do this on my own in a distance learning fashion. But my fears where quickly put to rest, once I seen responses to my questions and I had read every post in the forums to make sure I was not adding posts already answered and just creating a nuisance of myself.

The responses I received gave me matters to think about and pointers as to where to head to next, which is useful when you’re learning; building on my understanding was a combination of taking in the good advice and information in the slides/videos and asking appropriate questions. I never felt at any time that if I had tried on my own and had to request for more info that I would not be given some sort of support, be it from someone experienced on the course or Armando the creator himself.

I would also say that network+ and CCNA came in useful, as did some of my previous studies in relation to web technology including HTML, CSS (limited PHP and SQL), a basic understanding of Linux is also helpful.

The challenge of the exam really does focus on expecting you to apply what you learn; I believe this to be an excellent approach. No exam cram sessions on this one I am afraid, if you’re really only looking for another CV filler.

I had good fun and I believe that Armando is building on its success and looking to provide new and interesting experiences for current and potential new students.

If like me you wondered if you had what it took to perform a manual web application penetration test, then this is the one for you!
 

[rabray]

Thanks folks. I hope to hear soon and will come back to you all.

It’s all part of the process.

[rabray]

Quick update. First attempt : FAIL

Not to worry you get a 2nd attempt and very useful feedback.

Armed with the helpful feedback and the various resources from both the course materials and the discussion forums I set about putting matters right (hopefully)

Got my report completed yesterday after a few hours and is back in the digital drop box awaiting review. Once again my fingers are crossed.

[rabray]

I would recommend the course.

For the cost personally I found it to be of good value. As the assessment is a practical exam then it is a bit more of a challenge I think than typical certs, Depending on your current pen test skills will determine the level of the challenge.

The forums are the main support mechanism and if your engaged with the course regular you will find these useful as you try to bridge any gaps in your understanding. Ofc you need to be patient as you wait for a response, the response times are usually quite good.

I would suggest to anyone thinking about doing it, make sure you can dedicate time!

Doing the actual reporting takes longer than you expect. Lesson learned here!

[rabray]

I am not sure about the price of the student version. I believe that this is to be set and will be public fairly soon.

Content wise this has not been made public yet but I believe it is to lead up to the Pro version so more introducing concepts and skills that you need to get you up to speed for Pro.

[rabray]

Agree with Chris on the propaganda points.

[rabray]

The event would likely be in Glasgow, if the numbers are high enough

[rabray]

With regards to the cheaper option at Elearn security. I am on that course at the moment. The web application assessment is very hands on. The courseware presents you with a number of concepts on the tools and techniques aswell as a number of training videos to get you off and running, with a focus on delivering a report like you would be expected to do as part of the job. The course also forces you to think for yourself, which in my opinion is a good thing.

The forums provide the main mechanism for support and do contain other useful information and a chance to submit questions, where either other students will assist or refer you to other external materials or you will get an answer from armando the trainer.

At the moment there is no official material for WiFi, but I’ve asked questions about this area in the forums and still recieved useful info even though its not part of the curriculum yet.

Hope this is useful.

[Author]

Posts