I am not giving away any spoilers here for the test but I thought that I would write something that would help in the exam.
Going into this exam I worked for a year, on and off due to life, on different rooms in Hack the Box and Try Hack me. I completed 5 machines in Hack the box and I was ranked 3215 in Try Hack Me, I don't know how many machines in Try Hack Me I have completed.
On to the exam. Enumeration is important because you need to know what is on the network before you can begin. Also you are given some items before you begin and you need to know what to look for within some of the given materials as that is important in the later half of the test.
Once the enumeration of the machines on the network is done, being able to use the tools available to you to gain a foothold on the machine is important. The tools that are used to gain a foothold are also the tools that you will use to gain access to the other machines on the networks that you know about.
Pivoting through the network is another important technique that you need because there are obstacles that are in place to prevent you from going smoothly from one machine to another. This was the most frustrating part because the performance of the machines was terrible and I would have to constantly start and stop the connections in order for this to work.
This part isn't required for the test but I took extensive notes while moving through the exam and then I wrote up a report at the end of what the users could have done to prevent the attack from happening in the future. Being able to write reports is important in this field, while at a previous position I got a few reports that I got to look at and they are extremely helpful when they include detailed information and pictures. So, I tried to mimic that with my report.
Don't forget that you can get 1 free retake of this exam, I had to use it due to some technical problems with the machines and not being able to pivot to what is needed.
What's the next step? For me I am applying to different entry level positions and I am also looking at what the next certification that I am going to get. I have been looking at the PNPT from TCM security. This looks intriguing because of the OSINT that is needed and treating it like an actual engagement.
If you have any question, comments or suggestions please email email@example.com.