4

Which is harder? If I see 2 pentesters, one with one and one with the other who would this information alone qualify above the other? I know it doesn't work like this and it is all down to experience but from what I've been told the OSCP exam is harder than the CRT exam? Something about breaching 30 systems in 24 hours while for CRT you need to breach two? Am I woefully misinformed?

bosh
  • 41
  • 1
  • 2
  • 1
    OSCP does not require you to breach 30 systems in 24 hours - the training lab has 30 systems. The exam has a much smaller set. – schroeder Apr 14 '15 at 16:14
  • Thanks - and how does it compare to the CRT exam? – bosh Apr 14 '15 at 16:16
  • The OSCP lab has more than 30 systems, but you are not required to breach all, or indeed any, to pass. The exam has a smaller number, but yes you have 24hours to breach "enough" of them to pass, and then 24hours to write up the report. – AlexH Apr 14 '15 at 16:19

1 Answers1

1

it's pretty hard to compare those two exams, IMO. Crest CRT is taken on-site with very limited Internet access and OSCP is done remotely, so they favour different types of people.

In terms of level of technical content, I'd expect the OSCP to have more challenges to overcome as it's a longer exam (24 hours IIRC) against the practical element of the CRT which is only a couple of hours long (but then that's part of the challenge!). So a straight comparison of number of systems probably isn't the best.

Rory McCune
  • 60,923
  • 14
  • 136
  • 217
  • 1
    Yes - OSCP is 24 hours, CRT is 3.5 hours, with 2.5 hours recommended for the practical. OSCP has a lab to exploit too, and some coursework exercises, but these are only looked upon in the case of the candidate being borderline on the exam result. The number of machines in the lab is meant to be secret as it is part of the information gathering phase, but it is not too hard to figure out particularly as you are given contact with other students. – SilverlightFox Apr 15 '15 at 10:28