How to pass PJPT in 8 hours

Ramazan
Feb 12, 2024

Hello there! I’m Ramazan, professionally a lawyer but fascinated by cybersecurity. My journey into this field is quite unique as I don’t have any IT background, except for the CompTIA A+, Network+, and Security+ certifications. You can read about how I passed these exams on the first attempt in my previous Medium article here.

In this piece, I’m excited to share my study approach, which helped me clear the Practical Jr Penetration Tester (PJPT) exam by TCM Security in just 8 hours.

The 8-Hour Challenge

The PJPT exam is a practical test of penetration testing skills. I started the exam at 10 AM on a Saturday and submitted my report by 6 PM the same day. It took me five hours for the practical task and three hours for reporting.

Upon submitting my report for the PJPT exam, the waiting period for the results was surprisingly brief. In just 2.5 hours, a notification arrived in my inbox with the exam results.

Key to Success: The Practical Ethical Hacker (PEH) Course

The cornerstone of my preparation was the Practical Ethical Hacker (PEH) course. This course is comprehensive, and everything you need to know for the PJPT is included in it. I strongly advise against practicing outside the course’s scope, as it may introduce attack techniques not covered in the PEH and the PJPT exam itself.

The Power of Detailed Notes

Taking detailed notes was invaluable. The PEH course, led by Heath, is packed with useful information on using various tools. While I can’t share my notes in full (as it’s important to develop your own), I can attest to their usefulness during the exam.

I utilize Notion for note-taking because it offers cloud backup, ensuring I always have a secure copy available just in case.

Example of my notes in Notion:

Review and Understand Your Notes

After completing the course, I reviewed my notes as if I were approaching the exam without prior knowledge of the PEH course. This helped me identify any gaps in my understanding. I even rewatched certain sections of the course 3–4 times to solidify my grasp of the concepts.

Plan Your Attack

A key element of the PEH course is the attack approach, which is explained multiple times in the course, including in the PEH course material on AD case discussions. Grasping this concept is critical for success in both the course and the exam.

Before the exam, I spent time strategizing. How would I discover hosts? What’s my approach to scanning and identifying different computers? These questions helped me refine my attack plan, ensuring my notes covered all bases.

Ensure that you have a clear, step-by-step attack plan in mind. It’s crucial to understand the purpose of each step, the expected outcome of every attack, and how each phase seamlessly connects to the next in the overall strategy.

Mindset Matters

During the exam, I approached the tasks as if they were part of a regular penetration testing job, rather than an exam. This mindset helped reduce stress and allowed me to take regular short breaks to maintain focus.

Keep It Simple

The mantra of keeping it simple was central to my approach. There was no need to overthink or go down rabbit holes, as the PEH course had already covered all necessary material. Good notes and having an attack approach are key.

Preparation timeframe

In addition to the exam experience, it’s worth noting the preparation timeline that led to this achievement. I dedicated myself to studying for the PJPT exam, committing to a regimen of 4 hours per day over a period of 5 weeks.

Resources

For those interested in further exploring the materials and tools that were instrumental in my journey, here are some valuable resources:

  1. PJPT Certification Details: To understand more about the Practical Junior Penetration Tester certification and its requirements, visit TCM Security’s official certification page.
  2. Notion: The versatile tool I used for organizing and securing my study notes. Discover its features at Notion’s official website.
  3. My CompTIA Journey: Read about how I successfully passed the CompTIA A+, Network+, and Security+ certifications on my first attempt in my Medium article, “Zero Retakes: How to Pass CompTIA Cert A+, Network+, and Security+ Certs on the First Attempt”.
  4. Credential Verification: For those interested in verifying my PJPT certification, you can view it online here.

Connect with me on LinkedIn

As we wrap up this discussion of the PJPT, I’d love to extend an invitation to connect on LinkedIn. Networking with peers and fellow IT enthusiasts can be incredibly rewarding, offering opportunities for sharing experiences, advice, and support.

Looking forward to seeing you on LinkedIn!

Ramazan

Hello, I'm Ramazan, a lawyer from Kazakhstan, passionate about offensive cybersecurity. I'll be sharing my pentesting learning journey here on Medium.