Active Directory Set New Focus of 2022 OSCP Exam
In December 2021, OffSec announced that it will change its exam to put greater emphasis on the Active Directory set and less on the role of the Buffer Overflow target. To create a more realistic experience, the new exam will require completion of at least 10 PWK lab machines along with a detailed report, including all of the PWK course exercise solutions. This change allows OffSec to leverage techniques from the Client-Side Attacks and Port Redirection and Tunneling modules which they have not done before. So, what does all this mean? Let’s dive in:
Q. How does Active Directory Reflect Cybersecurity Threat Trends?
More and more Fortune 500 companies are relying on the Cloud and Microsoft 365 products that are paired with an Active Directory to provide complex processes and systems for user authentication and authorization. As the use of Active Directory becomes more widespread, sometimes involving thousands of computers, companies risk greater exposure to opportunities for hackers to infiltrate their networks and enterprise systems. To mitigate the risk IT professionals must be skilled in performing penetration testing using the most up-to-date tools to discover vulnerabilities, issuing reports, making presentations, and being proactive in solving problems.
As both a student and a teacher, I found the best way to learn what to expect in the field as a pentester is honing your skills in labs simulated to reflect real, active threat environments. Evolve Academy’s OSCP curriculum has always included performing penetration tests where students mimic real-world attacks to identify methods to circumvent the security features of an application, system, or network. Students new to OSCP preparation and those who’ve been in mid-level positions in the field gain more confidence as they progress through our Bootcamp, and employers tell us that their experience and depth of knowledge make them better employees. We are happy that OffSec is now giving more weight to the Active Directory lab work and believe that this new focus will raise the value of having an OSCP Certification.
Many successful pentesters start out as system administrators but soon learn the importance of having the mindset of a hacker.
Q. In addition to labs and simulated environments, what are some of the other ways to prepare to pass the new OSCP exam?
First, the labs and the other ways to prepare for the exam are interconnected in my mind, and this is the way that Evolve approaches the modules in our OSCP Bootcamp.
There are many single-topic courses available from various organizations, but most are generally about 90 days, while our Bootcamp is 18 weeks. The shorter courses can be helpful, but they are intended for participants to absorb the knowledge and then study on their own. While I’ve seen students do this and pass the exam on the first or second try, I also know people who have studied for three years and still struggle. Then there are those who earn the OSCP Certification but have difficulty applying their skills in their first pentesting job.
Of course, in an 18-week Bootcamp, students have more time to cover various components in depth. However, there’s more. Our program brings students together so that they can learn together, not only from our experienced, full-time, OSCP-certified instructors, but also from one another. When working adults form cohorts, they inevitably find unique things to share. They learn to ask questions and communicate, as they might in their jobs when being part of a team. All of our students have access the OffSec PWK curriculum materials, study guides, and labs, and we pair them with mentors for those times when they may be studying or practicing on their own.
Another added benefit of our Bootcamp is our relationships with employers. We have a reputation in the industry for preparing students to not only pass the exam, but also to gain the skills and understanding to be a true pentester, Many times, companies send their students to the OSCP bootcamp for the exposure they will get to others with varying levels of experience and to up-skill their teams.
The OSCP is a difficult exam and that has not changed. Passing is about the quality of the time you spend learning and practicing, not necessarily the amount of time.
Q. How can I learn more about preparing for the OSCP Exam?