2024-07-22 11:15:00
Here's a bigger version of the mindmap shown above.
After last week's introspection about my career, I've been doing a lot more thinking. I've put a lot of thought into which technical and non-technical skills I need to develop, to stay current in today's market. I'll talk about that another day.
I also realized that I left out one important thing in my mindmap: my personal pitfalls.
kilala.nl tags: work,
View or add comments (curr. 0)
2024-07-18 21:52:00
The past few days I’ve felt a bit stuck in my work, feeling the need for some change although I’m not quite sure what yet. My weekly routine has been quite that: routine.
Every week, I spend four days with my primary consulting customer and the fifth day I teach classes at ITVitae. For over a year I’ve been thinking how I could change that up, especially now that I’m self-employed and “a businessperson”. I don’t just get to run my own career, I have to!
I’ve been juggling all kinds of options.
After a rather big family event (one of our two cats passed away) I turned all the sourer and more introspective. I think I want something to change, but I’m not sure what.
So, I got to mind mapping and brainstorming. Thinking about things that give me energy and things that really eat energy from me. I put those into clouds of “things I like which help others”, “things I like which feed my ego”, “things I enjoy”, “things I dislike” and “things I’m not good at”.
Which resulted in the overview you see above (here’s a larger image). EDIT: Just to give more insight into my process, here's what the whiteboarding session ended up looking like.
I then looked at where those things either feed upon another, or where they clash.
For example:
So… Decisions!
This introspection has been useful!
I’m not done yet though. I need to rethink my planned learning path, to make sure I’m still investing time in the right things.
kilala.nl tags: work,
View or add comments (curr. 0)
2024-06-09 14:18:00
It's been a busy weekend! After spending yesterday at AnimeCon, today I focused on household and on another CompTIA beta exam. About a month ago I wrote about the betas for Pentest+ and SecurityX, today I did Pentest+ PT1-003.
The PT1-003 objectives are available here.
Here's my thoughts on the exam:
In short: I think it's good! At least as good as the SecurityX beta, maybe even better. And much better than the Cloud+ beta which was kinda bad.
kilala.nl tags: work, studies,
View or add comments (curr. 0)
2024-05-20 19:47:00
This morning I woke way too early to take CompTIA's CA1-005 SecurityX beta.
118 questions and I used two hours (out of the three allotted). I thought the invite said four hours max, but okay, fine. I thought the MC questions were mostly pretty good, only a very small amount of stinkers. The PBQ weren't that exciting though, could've been more.
One thing that stands out: CAS-004 was the first CompTIA exam to introduce a PBQ in a real Linux virtual machine. CA1-005 has removed all of the Linux commands from the objectives, which suggests that CompTIA decided to kill that particular subject and the VM PBQ. I for one did not encounter the VM at all.
All in all, is the CASP+ / SecurityX a competent, more technical alternative to CISSP? I think it's not far off! Now the problem to tackle is brandname recognition.
kilala.nl tags: work, studies,
View or add comments (curr. 0)
2024-05-18 00:17:00
I guess most people know by now that I'm a sucker for beta-testing exams. CompTIA went live with not one, but two new betas!
They have published the exam objectives here.
I just spent five hours doing a comparison of the PT0-002 and PT1-003 objectives. The changes to Pentest+ are pretty extensive. Many small details are swapped out. Two big areas are swapped: there is much less focus on mobile (app) pentesting and there is much more focus on the SDLC and containers.
Here's my comparison. It shows which objectives were carried over from 002 to 003, but also which were added (green) or removed (red).
kilala.nl tags: studies,
View or add comments (curr. 0)
2024-05-13 08:58:00
This weekend I had a few spare hours to laze around in my hammock. What better way to spend them, than to do some quick brushing up on my training skillset?
Logical Operations, have a training and certification they call MCCT: Modern Classroom Certified Trainer. It is currently discounted to $95, including the exam and cert.
MCCT is very clearly targeted at trainers who need to migrate from classroom to digital teaching. The training and certification do not go into didactics and curriculum creation, it is purely about achieving success in digital / remote / asynchronous training.
MCCT is by no means a replacement for CompTIA's now-retired CTT+.
Training materials consist of 2.5h of video, a PDF book and slide decks. The exam are 48 multiplechoice questions, 36/48 needed to pass. The exam is untimed, unproctored and open book.
My opinions on the matter:
Jon's training impressed upon me once again the importance of community-building, especially in an async class. Yet again that makes me amazed that Practical DevSecOps appear to actively discourage community-building in their trainings.
kilala.nl tags: studies,
View or add comments (curr. 0)
2024-05-10 17:12:00
It's been almost a year since I last fired up my homelab. I haven't had a need for the 20+ VMs since I did my Ansible and CDP exams as just about all the other exams I prepared on a smaller, local env.
A few weeks back I decided to fire up my R710 again, to see if everything still works. It's antiquated and it runs a version of VMWare ESXi 6.5.x. Since its boot drive is a USB flash drive, I was a bit worried.
Lo and behold, I am greeted by a pink/purple screen that says:
failed to mount boot tardisk
Whelp... I have some inclination what that means and I don't like it. Unfortunately the Internet also wasn't of much help, as that exact error appeared once on a German forum.
After some messing about, I'm happy to learn that my USB boot drive still had a recovery option! Pressing <shift><r> when told to, pops me into recovery mode. It tells me I can restore a previous install (which curiously had the exact same OS version), which I did.
By the sounds of it, all my VMs are booting again. :)
Now to make a backup of that flash drive!
kilala.nl tags: work, studies,
View or add comments (curr. 0)
2024-02-02 07:28:00
In 2020 I took the CV1-003 CompTIA Cloud+ beta. Back then I wasn't really impressed with the quality of the exam. Well, it's time for the next version!
A few weeks ago I took CV1-004 for $50, to see if it's better than last time. Yes, but no.
The questions on the new beta were more diverse than last time. And I still like the exam objectives / curriculum. But in general, I wasn't a fan of the exam questions. I know CompTIA often has questions where you're not supposed to think from real-life experience, but this time around it's really pretty bad. Know that meme of grandma yelling "that's not how any of this works!". Well that was me.
Especially the PBQs felt like CompTIA were struggling to come up with something that works. And if I have to see one more white-clouds-on-blue-sky stock photo I'll scream.
Jill West, an instructor on CIN, wrote it pretty eloquently:
"That was a bizarre exam. Only one of the PBQs really seemed appropriate to the test [...] Some other questions seemed like someone was looking at the objectives to write their questions but didn't really understand the concepts; they just used several items from the objectives as "wrong" answers when those options really weren't congruent with each other [...]"
So yeah. If there's a student interested in learning about cloud computing, I would suggest the read the materials, but I wouldn't suggest they'd take the exam.
===
After passing PDSO's CASP API security exam, I thought I'd look at some of their competition. I'm still going through APISec University's courses (which seem good), but I also gave their CASA exam a quick shot.
In short: I will definitely recommend their training materials to students, but not the CASA. CASA is:
Points 2, 3 and 4 unfortunately mean that, from an employer's point of view, the certification isn't worth much because there's no guarantee that whomever has it didn't cheat in some way. Basically my biggest critique of PDSO's exams as well (which has points 2 and 3, but not 4).
The questions on the test were well written, so that's something. They are a decent way for someone who's taken the APISecU classes to test themselves. And the potential employers will simply need to do better BS-testing in interviews. :)
kilala.nl tags: work,
View or add comments (curr. 0)
All content, with exception of "borrowed" blogpost images, or unless otherwise indicated, is copyright of Tess Sluijter. The character Kilala the cat-demon is copyright of Rumiko Takahashi and used here without permission.