📝eJPTv2-Notes

eLearnSecurity Junior Penetration Tester (eJPT) v2 Notes

Course duration & Topics ⏳📚

~ 145 hours (~56h of videos)Activities: 4 sections , 12 courses , 229 videos, 154 quizzes, 120 labs

Where to find the PTSv2 (Penetration Testing Student v2) course? - INE Learning Paths
Where to find the eJPT certification exam? - eJPT

Time limit: 2 days (48 hours lab on)
Questions: 35
Expiration date: yes (3 years)
Objectives:
- Assessment Methodologies Domain (25% of exam):
  - Evaluate information and criticality or impact of vulnerabilities
  - Identify open ports and services on a target
  - Exam Score to pass: at least 90%
- Host and Network Auditing Domain (25% of exam):
  - Gather hash/password information from target
  - Enumerate network information from files on target
  - Exam Score to pass: at least 80%
- Host and Network Pen Testing Domain (35% of exam):
  - Conduct brute-force password attacks
  - Conduct exploitation with Metasploit
  - Exam Score to pass: at least 70%
- Web Application Pen Testing Domain (15% of exam):
  - Exploit web app vulnerabilities
  - Locate hidden files and directories
  - Exam Score to pass: at least 60%
Overall Exam score: at least 70% + above minimum score requirements in each domain section
From a technical perspective the exam is set out to simulate a black box penetration test
- minimal amount of information about the target network
- in browser labs (no vpn)
- a complete unrestricted access to the lab environment for the entire duration of the exam
- letter of engagement
Flexible structure for the user
Hands-on, open book
Dynamic flags: randomly generated flags injected into the lab environment
Testing your ability to find the answer. How you do it is up to you.

🙏🏻 Thanks to Alex for allowing me the opportunity to fork his notes.🙏🏻

📖 Read the Letter Of Engagement📖 Read the Lab Guidelines

Last updated 1 year ago

eJPT Exam 📄🖊️

Time limit: 2 days (48 hours lab on)

Questions: 35

Expiration date: yes (3 years)

Objectives:

Assessment Methodologies Domain (25% of exam):
- Evaluate information and criticality or impact of vulnerabilities
- Identify open ports and services on a target
- Exam Score to pass: at least 90%
Host and Network Auditing Domain (25% of exam):
- Gather hash/password information from target
- Enumerate network information from files on target
- Exam Score to pass: at least 80%
Host and Network Pen Testing Domain (35% of exam):
- Conduct brute-force password attacks
- Conduct exploitation with Metasploit
- Exam Score to pass: at least 70%
Web Application Pen Testing Domain (15% of exam):
- Exploit web app vulnerabilities
- Locate hidden files and directories
- Exam Score to pass: at least 60%

Overall Exam score: at least 70% + above minimum score requirements in each domain section

From a technical perspective the exam is set out to simulate a black box penetration test

minimal amount of information about the target network
in browser labs (no vpn)
a complete unrestricted access to the lab environment for the entire duration of the exam
letter of engagement

Flexible structure for the user

Hands-on, open book

Dynamic flags: randomly generated flags injected into the lab environment

Testing your ability to find the answer. How you do it is up to you.