CARTP Course & Exam Review
Certified Azure Red Team Professional (CARTP) Course & Exam Review
In this blogpost, I will write down my thoughts about both the course and the exam to obtain the Certified Azure Red Team Professional (CARTP) certification. Even though I don't usually write about the certification I obtain, this time I will make an exception to thank Nikhil Mittal.
The Course Material
The Course material provided by the Altered Security team consists of:
- The Course Videos
- The Course Videos are the Main resource if you take the self-paced version of the course. Those videos will cover both the theory and the Learning objectives that you can see as the practical section of the course.
- The Walkthrough Videos
- The Walkthrough videos, a resource that I did not use. But I see why they exist and how a learner can rely on them to review his steps to understand what he is doing wrong.
- The Lab Manual
- In short, this is a well-written PDF where a learner can find the command used to solve the Learning objective. You can see it as a written version of the Walkthrough videos. I used them initially as a cheat sheet, then as a source to write down my personal cheat sheet.
- Lab Diagrams
- Initially, I overlooked this resource, but later on, I found it as a valuable way to solve the lab using a different approach. This resource helped me complete the lab following 5 different paths.
- Tools
- An encrypted zip archive that contains all the tools used during the course. Really useful resource both during the preparation for the exam and during the exam itself.
The Course
Before I start talking about the CARTP course itself, I should point out that what I knew about Azure before starting this course was that Azure was the Cloud provided by Microsoft.
This course is structured on the Red Team approach to exploit Azure and its misconfiguration. I really enjoyed this course from the beginning to the end, because it's really well planned. Furthermore, Nikhil has exceptional teaching skills, which he uses to explain even the most complicated concepts simple and clearly understandable.
As I wrote above, the Diagrams called Kill Chains during the course put this course on another level.
The learner is provided with four Kill Chains. Provided that each step of a Kill Chain is a Learning objective, which is explained during the course by Nikhil, you can see a Kill Chain on how to properly use each topic explained in the course.
So, making a short recap, you have 5 ways to exploit the lab's misconfiguration
- Completing each Learning Objective alone
- Following Kill Chain 1
- Following Kill Chain 2
- Following Kill Chain 3
- Following Kill Chain 4
The CTF
The CTF is basically a hidden Kill Chain that you have to figure out by yourself. It is totally optional, but a great learning option. Sadly, I had to skip this part since I chose to take the 30-day labs option, and because I had a few little issues with a thing called life, I had to opt into skipping the CTF to prepare myself for the exam.
The Exam
The Exam is very well planned, it covers the course topic, adding a little twist every now and then.
Taking the exam, you have to find the final flag exploiting a few Azure resources within 24 hrs. If you complete the exam, to obtain the CARTP certification, you have to send a full report that shows each step you took within 48 hrs.
I completed both the exam and the report in 12 hours, though most of that time was due to a silly mistake that cost me 6–7 hours.
After sending the report, via email, to the Altered Security team, you will receive an email in which the team tells you that your report will be evaluated by them and that you will receive a response, PASS or FAIL, within 7 business days.
After a few business days, I received the email with the CARTP certification.
Commenti
Posta un commento