In this video, Marc Menninger describes the OSCP certification. Learn how this certification can be important to your IT security career. Discover topics you can expect to see on the exam and if there are any experience requirements to take it. Explore which jobs often require the OSCP certification and resources to help you prepare for it.
- [Narrator] The Offensive Security Certified Professional or OSCP, is a highly regarded technical certification designed to demonstrate that the holder is qualified to conduct penetration tests. The exam for the OSCP certification isn't a traditional multiple choice exam. Instead, students are given 24 hours to attack and penetrate a lab network. If they can't compromise the network in that time, then they fail the exam. While there's no experience requirement to take the OSCP exam, completion of the Offensive Security Penetration Testing with Kali Linux training course is required.
A solid understanding of TCP/IP, networking, and Linux goals are also highly recommended. Skills that will help you pass this exam include knowledge of information gathering techniques to find targets on a network, script and tool writing ability to facilitate penetration testing, ability to modify exploit code to successfully compromise a host, successful execution of attacks, both remote and client-side, ability to identify and exploit web application vulnerabilities such as cross-site scripting, SQL injection, and file inclusion vulnerabilities, ability to bypass firewalls with tunneling techniques, and creative problem solving and lateral thinking skills.
IT job listings that often require the OSCP certification include IT security technicians, specialists, analysts, consultants, and penetration testers. The best resource to help you pass this exam is the penetration testing with Kali Linux training course you need to take anyway. In addition, these books might help you prepare. The Hacker Playbook 2: Practice Guide to Penetration Testing is the go-to book for many penetration testers. Penetration Testing: A Hands-on Introduction to Hacking covers core penetration testing skills and techniques.
And The Web Application Hacker's Handbook covers step-by-step techniques for attacking and defending web applications. For links to these resources and other related information, please see the handout for this video. Because you can't really study for the OSCP, it's considered one of the most challenging IT security certifications. You can only pass it if you truly understand network attacks and penetration testing. Passing the OSCP is a significant accomplishment. And the good news is, once you have the OSCP, it never expires and doesn't require CPEs.
If you plan to be a penetration tester or you're just looking for a challenging certification to validate you strong technical skills, you can't go wrong with the OSCP.
Marc closes with a few pieces of career advice specific to the world of information security, which will help you succeed in this dynamic and high-demand industry.
- IT security key concepts
- The job marketplace (government vs. healthcare, etc.)
- IT security success traits
- Career specializations
- IT security certifications
- Getting experience
- Marketing yourself