I've also done the beta exam for this new version of the Pentest+, the PT0-002 and I agree with you! I saw some effort by Comptia, trying to bring some relevant concepts but it is as you say... it falls short when it comes to the practical part of it. Ethical hacking/Pentesting is a practical subject and there's no way around that. The best way to learn is to get your hands dirty and learn by doing! So maybe they should add a Practical Section as you suggested! Thank you taking the time to make this video Heath ♥
You're quickly becoming one of my favorite channels. I'm trying to build a foundation to break into the field and you have literally been an invaluable resource, thank you so much.
My take on Pentest+ and the "is it worth it?" question: Pentest+ will be of limited value when it comes to "getting jobs", but it does a decent job of introducing a student to the foundational knowledge needed for corporate pentesting. * If you have zero professional experience and need a first leg-up -> Maybe. * If you need a DoD 8570 CCSP approved cert -> Yes. * If vacancies you're interested in ask for it -> Yes. * Do most jobs require it -> No. * If you're outside of the USA -> less so, because CompTIA is less * If you want a stick at your back while studying, forcing progress -> Yes. Basically, I fully agree with you Heath.
Name another person in the cybersecurity and cyber education field who is as helpful, straight-forward, and easy to understand as TCM? You can't, because he is the best. Because of his courses like Practical Ethical Hacking and the PNPT exam, which I am going to take soon, he has provided an incredibly helpful road map for people like me who are trying to break into the ethical hacking field. Making a career change in your 30's is daunting, but Heath, you have been a huge help and I can't thank you enough!
To answer your question, Black Hills Information Security, Wild West Hackin' Fest, John Strand, and an entire host of their friends, peers, and colleagues who are consistently offering in depth training at affordable prices and also pay-what-you-can. Heath and TCM Security are doing an incredible job as well. Hats off to everyone who is putting that knowledge out there for the community.
I dont think the Pentest+ holds any pentester value. I think its improperly named. It should be considered a blue team cert. I found it to be a waste of my time.
I think you’re right, the name is kinda misleading. If they changed the name to something that reflects the forensic/defensive concepts the exam covers it might hold more value. A number of questions in the 002 exam were about identifying code that had been run on your systems, and/or choosing what could have mitigated it
Multiple choice is multiple choice. More and more employers are not only doing technical interviews, but taking it a step further with hands on/simulated environment to test your skills. Penetration testing & red teaming is also not typically considered “entry level”.
Great video. Thank you. I started on my study journey on this not fully knowing where I want to be in cyber (blue team?red team?) and found pentesting concepts interesting. I am going to stick with it since I am more than halfway through studying for it. I'm told by some industry experts I know that while its true it won't likely get me in the door to pentest, it can still help to obtain something like a SOC analyst role, just for the fact that it gives you a good runthrough of many of the offensive fundamentals that are valuable even on the defensive side. Obvious CYSA+ is the SOC Analyst-type cert and I think I might go for that afterward. My goal right now (5 years in IT Support) is not really to obtain a pen test role, which honestly is out of my league, but rather to get into an IRA or SOC role. I know Comptia certs are entry level compared to ones like OSCP, but if either of these has what it takes to slide me into a SOC role (and especially if the company pays for it), it seems 100% worth it. Super informative video though. Thank you.
I have CEH (Practical) and would compare it to eJPT. Not a whole lot better than CEH in terms of content. If you can afford to do it or just want to pass it and have it, great. Not super worth it imo
yeah, I kinda felt like the CySA+ is the same way...I have it and really haven't had any additional bites on job offers. I took the Pentest+ beta as well, and bombed it...it was almost too much programming for a sys admin to understand...then again it was a beta and no study book was available at the time.
I took the Pentest+ last year after finishing CySA+ which contains roughly 30% of what is on Pentest+. Failed first time then passed the second. Is the cert worth it? Everything TCM has stated is on point. I'd also just add this cert maybe of some value if you're just seeking a high level understanding of what pentesters do prior to going for certs like CASP+, CISSP and even CISM or any other tech lead/managerial position in the cybersecurity market. If you're managing a cybersecurity team, having this cert can at least give you the understanding of what's going on without going way deep on the tech side.
Thanks for your review, I was actual thinking about taking the exam. But now I would like to know witch exam/study you would recommended to take instead of this one? As you say, a more practical, usual day to day certification that will be more useful.
I recently completed Ibm python data science certification in February. wanted to learn web vulnerability reporting to implement machine learning algorithms on gathered data to simplify hacking.
What do you think about eJPT?? I am starting and I thought that getting this cert instead of spending waay more time than I have to prepare for the OSCP. The eJPT cert would be my foothold for jobs. What do you think? Thanks Heath for these videos!! 🙌🙌🙌
@@TCMSecurityAcademy my bad you guys are right, I thought it was practical. So, what practical cert would you recommend for a beginner? Is the OSCP the only worth cert??
so Heath , can you give us any recommendations aside TCM courses, because I kinda of planned to take pentest next month but uve kinda change my mind now..
Do you think this is worth having if your focus is blue team? I'm currently going for the CySA+ and wasn't sure if it's worth the studying and test-taking to go for the Pentest+ if I just want a foundation of pentesting knowledge.
Hey Maurice! I have both, and the Pentest+ is very good if you just want to have a foundation of Pentesting Knowledge. But you don't actually need to go for the exam to get that knowledge. There's a lot of great and relatively cheap courses (TCM has the PEH) for you to learn from :)
Wow! Thanks for dropping "gems"! I was really thinking that I needed to go after that cert but focus my pathway on becoming a "red teamer". Thanks for the info!
I took the beta. Now, I had just passed the Security+ exam and at the time I had 0 days experience as a cybersecurity engineer, so I failed miserably (I didn’t study because there really wasn’t much out there at the time) it seemed like an ok test. Definitely wasn’t easy but I figured for $25 (I think that’s what it cost me) why not give it a shot.
Just subscribed to your channel. Congrats on bringing good information and not trying to act like some zaney zonky crack head like half the other IT TH-camrs out there haha 🎉.
Found your channel recently, thank you for the informative content! About the academy, do you have any wireshark content? By a quick peek I did not find any.
What certs do you recommend if not pentest+ for someone that wants to get into ethical hacking? I have my Sec+ and am proficient in using Linux, so this was gonna be my next step.
I ALSO took the beta and passed whatever v1 of the exam was 4 years ago... I DID get into a security job. But not to perform penetration testing. I ended up needed a break from security work (at an MSP) and let the cert lapse because... working on oscp. My python section in the exam was string slicing. Thanks for the overview Heath - hoping to this give those unfamiliar a perspective
I'm about to enroll in a bootcamp where I'll het the following certs... Just wanted to know what job I'll land with these certs and the average salary.. I have zero IT experience... the certifications are as follows the trifecta, Linux, cloud, server, and pen test?
Thanks so much! I still think I'm going to go for the Pentest+, personally. I would love yo see a video of all the certs you do recommend for beginners.
Hello Heath, Love from India. I follow your videos alot and i also have bought lot of courses from TCM. Thanks for creating such courses. It has helped me to achieve my dream job. I have a request for you. Can you please create a video/playlist on how to bust scammers, paid or free , anything will work. I need to learn how i can bust scammers online so that i can give some contribution to this industry and help people to leave this scamming buisness by catching them. There are people who are doing it on TH-cam but i am curious to know how do they do it. Thanks.
I appreciate you for sharing for hands-on point of views. I hope alot people can see this video and also your other videos on how to break into the industry. Thanks
I took it in beta too as just a "whatever, it's cheap" cert. I had just failed my OSCP and didn't expect to do well but did pass and get the cert. I attribute my pass to good guessing, strong coding skills, and tool familiarity I also got my CEHv8 in high school after a day of cramming. CEH is me at best
What would you recommend as a starting point then? I'm currently on the INE penetration testing student path, in the hopes of passing the eJPT and then working towards OSCP. Is this something you would encourage? I know you have spoken highly of eLearn Security before, which is how I found out about it.
The eJPT is a great place to start, but hopping straight through to OSCP from there might be a bit of a jump. It has definitely been done before and personally I did OSCP without professional experience or eJPT, but still. This message is more meant to prepare you for culture shock. :) You can definitely try, but be wary that the OSCP labs and exam are a very different beast.
I've also done the beta exam for this new version of the Pentest+, the PT0-002 and I agree with you!
I saw some effort by Comptia, trying to bring some relevant concepts but it is as you say... it falls short when it comes to the practical part of it.
Ethical hacking/Pentesting is a practical subject and there's no way around that. The best way to learn is to get your hands dirty and learn by doing!
So maybe they should add a Practical Section as you suggested!
Thank you taking the time to make this video Heath ♥
he mentioned that there are better sources than pentest+ would u suggest any? thanks.
@@mostafakhemissi34 are you talking about study resources or certifications?
@@DavidAlvesWeb Do you have any study resources you recommend?
@@SD-kw2bn Yes! The CompTIA PenTest+ Study Guide: Exam PT0-002
You're quickly becoming one of my favorite channels. I'm trying to build a foundation to break into the field and you have literally been an invaluable resource, thank you so much.
Do you break into the field or not ?
a very helpful, unbiased review. thanks heath!
Can you do a video on what certs we should get to become a pentester?
Thanks bro.
I failed this cert first time, but passed the second time. Then I went on to the OSCP and passed that on my third attempt.
Yet you succeeded Well done!
Do you have to pay for the retake?
Did you get any job yet?
My take on Pentest+ and the "is it worth it?" question: Pentest+ will be of limited value when it comes to "getting jobs", but it does a decent job of introducing a student to the foundational knowledge needed for corporate pentesting.
* If you have zero professional experience and need a first leg-up -> Maybe.
* If you need a DoD 8570 CCSP approved cert -> Yes.
* If vacancies you're interested in ask for it -> Yes.
* Do most jobs require it -> No.
* If you're outside of the USA -> less so, because CompTIA is less
* If you want a stick at your back while studying, forcing progress -> Yes.
Basically, I fully agree with you Heath.
This stick is very expensive. Maybe I get a real stick for this
Heath: And now a word from our sponsor.
Me: Oh no...
Heath: Our sponsor is TCM Security..
Me: Oooh yaaay!
Well played sir.
Haha it's hard to find sponsors worth having in a video :)
2022 looks good on you bro, only the best for you man... you inspired my journey since your very first posts.
Name another person in the cybersecurity and cyber education field who is as helpful, straight-forward, and easy to understand as TCM? You can't, because he is the best. Because of his courses like Practical Ethical Hacking and the PNPT exam, which I am going to take soon, he has provided an incredibly helpful road map for people like me who are trying to break into the ethical hacking field. Making a career change in your 30's is daunting, but Heath, you have been a huge help and I can't thank you enough!
Same same same SAME!!! What you said about Heath/TCM, being in your 30s, EVERYTHING! LOL
To answer your question, Black Hills Information Security, Wild West Hackin' Fest, John Strand, and an entire host of their friends, peers, and colleagues who are consistently offering in depth training at affordable prices and also pay-what-you-can. Heath and TCM Security are doing an incredible job as well. Hats off to everyone who is putting that knowledge out there for the community.
I dont think the Pentest+ holds any pentester value. I think its improperly named. It should be considered a blue team cert. I found it to be a waste of my time.
I think you’re right, the name is kinda misleading. If they changed the name to something that reflects the forensic/defensive concepts the exam covers it might hold more value. A number of questions in the 002 exam were about identifying code that had been run on your systems, and/or choosing what could have mitigated it
Multiple choice is multiple choice. More and more employers are not only doing technical interviews, but taking it a step further with hands on/simulated environment to test your skills. Penetration testing & red teaming is also not typically considered “entry level”.
Great video. Thank you. I started on my study journey on this not fully knowing where I want to be in cyber (blue team?red team?) and found pentesting concepts interesting. I am going to stick with it since I am more than halfway through studying for it. I'm told by some industry experts I know that while its true it won't likely get me in the door to pentest, it can still help to obtain something like a SOC analyst role, just for the fact that it gives you a good runthrough of many of the offensive fundamentals that are valuable even on the defensive side. Obvious CYSA+ is the SOC Analyst-type cert and I think I might go for that afterward. My goal right now (5 years in IT Support) is not really to obtain a pen test role, which honestly is out of my league, but rather to get into an IRA or SOC role. I know Comptia certs are entry level compared to ones like OSCP, but if either of these has what it takes to slide me into a SOC role (and especially if the company pays for it), it seems 100% worth it. Super informative video though. Thank you.
Hey Heath! Just wanted to ask if the CEH practical exam worth it? Thank you for your video!
I have CEH (Practical) and would compare it to eJPT. Not a whole lot better than CEH in terms of content. If you can afford to do it or just want to pass it and have it, great. Not super worth it imo
@@omargraziano3351 thanks for your response!😊
@@omargraziano3351 Wow really? Dang. Just passed Security+ today and was looking at CySA or Pentest. Guess I'll do CySa and work from there.
yeah, I kinda felt like the CySA+ is the same way...I have it and really haven't had any additional bites on job offers. I took the Pentest+ beta as well, and bombed it...it was almost too much programming for a sys admin to understand...then again it was a beta and no study book was available at the time.
But it still renews all your other certs for 3 years
Which is best ComPATIA pentest+ and CEH
I took the Pentest+ last year after finishing CySA+ which contains roughly 30% of what is on Pentest+. Failed first time then passed the second. Is the cert worth it? Everything TCM has stated is on point. I'd also just add this cert maybe of some value if you're just seeking a high level understanding of what pentesters do prior to going for certs like CASP+, CISSP and even CISM or any other tech lead/managerial position in the cybersecurity market. If you're managing a cybersecurity team, having this cert can at least give you the understanding of what's going on without going way deep on the tech side.
How do you feel about the CompTIA CySA+? Specifically from a DoD 8570 perspective and someone coming from only a Security+ CE certification?
Thanks for your review, I was actual thinking about taking the exam. But now
I would like to know witch exam/study you would recommended to take instead of this one? As you say, a more practical, usual day to day certification that will be more useful.
Took it passed almost exactly a year ago. I did it more so because it was entry and to complete the entire Comptia certification catalog.
This video has so much value! So much better than network chuck. Thank you! I’ve been in IT 12 years currently studying for pentest + and Ejpt;
I Hate chucks soyboy thumbnails
I recently completed Ibm python data science certification in February. wanted to learn web vulnerability reporting to implement machine learning algorithms on gathered data to simplify hacking.
What do you think about eJPT?? I am starting and I thought that getting this cert instead of spending waay more time than I have to prepare for the OSCP. The eJPT cert would be my foothold for jobs. What do you think? Thanks Heath for these videos!! 🙌🙌🙌
@@CameronNoakes nope, you must be confused with CEH exam. eJPT is a practical exam where you hack
eJPT is actually multiple choice (while there's a practical aspect to it). He's right, it's very entry level and won't land a job.
@@TCMSecurityAcademy my bad you guys are right, I thought it was practical. So, what practical cert would you recommend for a beginner? Is the OSCP the only worth cert??
@@CameronNoakes Thanks!
It's amazing how far the TCM academy has come. I remember when it was first launched!
Thanks so much, I’m so happy to see your regular videos again
Wish you would recommend a certification path. It would help. There’s so many out there. OSCP, CISP, CEH, etc.
so Heath , can you give us any recommendations aside TCM courses, because I kinda of planned to take pentest next month but uve kinda change my mind now..
I watched your videos since a year you,david bombal,network chunk you three are my inspiration
Do you think this is worth having if your focus is blue team? I'm currently going for the CySA+ and wasn't sure if it's worth the studying and test-taking to go for the Pentest+ if I just want a foundation of pentesting knowledge.
Hey Maurice! I have both, and the Pentest+ is very good if you just want to have a foundation of Pentesting Knowledge. But you don't actually need to go for the exam to get that knowledge. There's a lot of great and relatively cheap courses (TCM has the PEH) for you to learn from :)
@@DavidAlvesWeb I appreciate that info. I’ll definitely look into it then. Thank you for your time!
@@mauriceandrewsjr5929 My pleasure! 😊
Just paid $200 for the pentest+ certmaster practice yesterday lol
Wow! Thanks for dropping "gems"! I was really thinking that I needed to go after that cert but focus my pathway on becoming a "red teamer". Thanks for the info!
Make one video on Top certificates to Land a job
Awesome advice - a buddy I know has a bunch of other Comptia certs so for him, renewing them all by passing this would probably be the best benefit
This Video was posted on My B-DAY!🎂🎂🎉🎉🎈🎈
what are your thoughts on the eJPT cert.
I took the beta. Now, I had just passed the Security+ exam and at the time I had 0 days experience as a cybersecurity engineer, so I failed miserably (I didn’t study because there really wasn’t much out there at the time) it seemed like an ok test. Definitely wasn’t easy but I figured for $25 (I think that’s what it cost me) why not give it a shot.
From an intro or foundational level, yes, it's worth it. But to be an actually High Tech/Advanced PenTester, not relevant.
Just subscribed to your channel. Congrats on bringing good information and not trying to act like some zaney zonky crack head like half the other IT TH-camrs out there haha 🎉.
Found your channel recently, thank you for the informative content! About the academy, do you have any wireshark content? By a quick peek I did not find any.
Thank you! A very small amount is in the PEH. Not much in the other courses, if any, I don't believe.
@@TCMSecurityAcademy Thank you for the heads up. Quickly iterated over topics in the courses, going for the all-access-pass (:
Heath, you're such a gift to our world and I appreciate you so much!!!
What certs do you recommend if not pentest+ for someone that wants to get into ethical hacking? I have my Sec+ and am proficient in using Linux, so this was gonna be my next step.
Thank you cyber mentor. Which cert is good for some one with little coding background want to shift from functional tester to security tester ? ?
Official degree like a Bachleor in CyberSec or certs like OSCP/CEH etc..?
Hi I have bought all your course and I can see that it is from 2019 does it matter? because I do not want to learn anything old
Am interested in learning ethical hacking through pen test+
How much does it cost a course and how can I pay the money
I'm considering this cert simply because it renews my Security+.
I need advice i want to do the IBM cyber security Analyst course on coursera is it worth it please help
heath is so inspiring. The way he explains these hacking concepts wont be found anywhere else on YT. Thanks mate.
PNPT… first practical Certification on the 8570???👀
What do you think about the CEH cert ? How does it compare to the PNPT cert ?
The Hornets hat for the win!
no..its only good for helping u get a general idea of an area you may have overlooked. Hence why schools request it..
Brother do you have any suggestions or opinion on CREST certifications?
Just paid for pentest+ 😔, should have seen this video earlier
Hey dude! Thanks for all the content. Still watching last ethical hacking video Greetings from Algeria.
I ALSO took the beta and passed whatever v1 of the exam was 4 years ago... I DID get into a security job. But not to perform penetration testing.
I ended up needed a break from security work (at an MSP) and let the cert lapse because... working on oscp.
My python section in the exam was string slicing.
Thanks for the overview Heath - hoping to this give those unfamiliar a perspective
That would b my next move after I do security + 👏🙏👍🥰
What are the "decent" certifications you are referring to that are on the DoD website?
that beard... jeez, just shave it off xD
I'm about to enroll in a bootcamp where I'll het the following certs... Just wanted to know what job I'll land with these certs and the average salary.. I have zero IT experience... the certifications are as follows the trifecta, Linux, cloud, server, and pen test?
From theses certification which are the top 4 most important?
Thanks so much! I still think I'm going to go for the Pentest+, personally. I would love yo see a video of all the certs you do recommend for beginners.
Please help sir
How to learn Ethical hacking
Thank you Heath and I have been following your videos and learn a lot from you in pen test field
I'm doing the PEH course!
Can you recommend any certification for pentesting?
When u sponsor your own product's Event ✨🥂
Hello Heath,
Love from India.
I follow your videos alot and i also have bought lot of courses from TCM. Thanks for creating such courses. It has helped me to achieve my dream job.
I have a request for you. Can you please create a video/playlist on how to bust scammers, paid or free , anything will work. I need to learn how i can bust scammers online so that i can give some contribution to this industry and help people to leave this scamming buisness by catching them. There are people who are doing it on TH-cam but i am curious to know how do they do it.
Thanks.
so according to u which certificate should a btech student take for the job in india. (important certificate)
I appreciate you for sharing for hands-on point of views. I hope alot people can see this video and also your other videos on how to break into the industry. Thanks
Sir I like your practical pros and cons assessment. Keep up the good work sir
I like the idea of this series. Would be interested to see your thoughts on CRTP from pentesters academy vs. CRTO from zeropoint
thank you for website bro...
is the CYSA+ worth it?
My guy. My mentor from far away. 👍🏾👍🏾
Studied for 6 hours yesterday and took the test passed 😅.
please answer me i am learning basic of java script now i want to be web bug bounter what should i learn
honest and informative...thanks!
Thanks bru
Really love the material you’ve been putting out lately. Currently undergoing the ethical hacking course, and enjoying every bit of it.
me too! hope you’re still doing well bro
Ty for this info !!!
I was initially thinking about attempting Pentest+ before going for OSCP and TCM's own PNPT, but this video has kinda swept that off
Same here
@@ceovgospel8936 Wanna team up?
Love these videos
I took it in beta too as just a "whatever, it's cheap" cert. I had just failed my OSCP and didn't expect to do well but did pass and get the cert. I attribute my pass to good guessing, strong coding skills, and tool familiarity
I also got my CEHv8 in high school after a day of cramming. CEH is me at best
What would you recommend as a starting point then? I'm currently on the INE penetration testing student path, in the hopes of passing the eJPT and then working towards OSCP. Is this something you would encourage? I know you have spoken highly of eLearn Security before, which is how I found out about it.
The eJPT is a great place to start, but hopping straight through to OSCP from there might be a bit of a jump. It has definitely been done before and personally I did OSCP without professional experience or eJPT, but still. This message is more meant to prepare you for culture shock. :)
You can definitely try, but be wary that the OSCP labs and exam are a very different beast.
Just get PNPT or OSCP
Lmao sup fam
@@kingplutoxiao1 Hack The Planet