A few weeks ago I took a couple exams and passed them both. One was the AWS Cloud Practitioner exam. This is the entry level AWS certification that teaches students how Amazon Web Services works, the services offered, and the pricing and billing concepts. AWS suggests people with 6 months of experience with AWS should attempt this course, but honestly that could probably be less.

I have been working in IT since 2002 and as a systems administrator since 2004 with heavy emphasis on web support and infrastructure. I have a deep level of knowledge on all sorts of concepts that helped digest and understand AWS offerings pretty quickly. But, other than maybe a singular hands-on workshop a few years ago, I’ve really not been hands-on or actively knowledgeable about AWS at all beyond hearing about insecure S3 buckets and this Lambda serverless craze. And really, my lack of knowledge has probably been around not having personal time to dive hard into it, and also until recently not having worked for a company that adopted anything cloud-based.

And that brings me to my motivations, which foremost includes the business I work for going hard into cloud adoption in the next couple years. Also, as I get older and technologies come and go, I do feel the need to remain current, or at least conversant with current stuff. And I really felt like there were two places I could improve and grow a lot: application security and cloud (AWS) security. So, to tackle the latter topic, I’d decided to soft-scope some AWS studying into the second half of 2019.

I opted to start with AWS Cloud Practitioner mainly due to the fact that I really didn’t think I knew AWS enough to pass that exam if I had taken it 6 months ago. And that would have been true! There’s zero chance I would have passed, and likely not even gotten anything but the concepts/benefits of cloud-computing correct. The goal is to go further, so this cert is just a stepping stone into AWS.

For study, I followed a pretty quick timeline lasting only about a month. I had planned to take a little bit longer when I was less sure about the scope of the material, but in my timeline I built in a review period where I would drop other ideas and tasks if I felt like things were progressing well and I had overestimated the exam depth. That was a good idea, as I ended up finishing the exam in something like 20 minutes with a 957/1000 score, and saved several additional weeks of work and study.

I first signed up for a 7-day trial at ACloud.Guru. I had read that they’re a great training resource, but maybe could go deeper into some topics and best consumed alongside a second resource. So I started there. I then cancelled my account on day 6, so I really spent no money on this step.

I took Introduction to AWS (1 hour), AWS Certified Cloud Practitioner 2019 (5 hours), AWS Certification Prep Guide (2.5 hours), and as a bonus to myself, the Mastering the AWS Well-Architected Framework course (4.5 hours). Most of this was pretty good, with the clear standout of the Well-Architected Framework course which was excellent, and easily digested due to my background. Still, I didn’t feel completely prepared for the exam. It’s hard to tell for sure, but I suspect I may have been a lot closer to the passing cut off if I had just done these courses.

I also started working through the Udemy “course” AWS Certified Cloud Practitioner Practice Exams 2019 by Neal Davis which I purchased when it was on sale for $20. These are 6 practice exams and probably ate up about 10-12 hours of effort to take and review them. I highly recommend going through these practice exams. The only caveat is that these exams are decently harder than the real exam I took. But, that’s a good thing! I scored around 76-86% on these.

I also have a Linux Academy subscription already, so I augmented my studies with a newer course AWS Cloud Practitioner (CLF-C01) by Tia Williams (11 hours) . There are also some labs scattered in here, which, while very much just follow the instructions and click things, was nice to get some hands-on time for me, since I really haven’t had any. Also, note how this course is much longer than the one from ACloud.Guru. In my estimation, had I stopped and not done this Linux Academy course, I’m not sure I would have passed the exam; it would have been close!

I also made a couple Coggle mindmaps during my studies to keep track of the groups of concepts and services. This was a wonderful idea I found mentioned on another blog review of the course. ( https://www.shanebart.com/aws-cloud-practitioner/ )

As a last step, I took a few hours to breeze through actual material from AWS, namely the Overview of Amazon Web Services, Architecting for the Cloud: AWS Best Practices, and How AWS Pricing Works whitepapers.

As I said, I had more things planned, but I suspected this is more than enough to pass the exam, and apparently I was correct!

Moving forward, I plan to do more cloud studying before the end of the year. Next, I’d like to read the materials for and pass the CCSK certification. I will then start preparing for the AWS Solutions Architect – Associate exam and start doing some AWS projects. My ultimate goal is to earn the Security Specialty in early 2020 and maybe the CCSP later in 2020 as well. I’m still being a little aggressive here, but I think this is doable and a little less pressuring like lots of my other heavy technical studies in the past few years.

I would also say that unless someone is comfortable discussing the various services in AWS, the benefits of the cloud, the pricing structure of AWS, and the support offerings, this cert is a good and pretty inexpensive (in time and money) option to get started. Otherwise, for others with comfort in the above topics, it may be worthwhile to just dive into one of the Associate level tracks.

A few weeks ago I took a couple exams and passed both. One was the Linux+ (powered by LPI) LX0-104, which is the second exam in the Linux+ certification track. This pass resulted in my earning both the Linux+ and LPIC-1 certs as I had taken and passed LX0-103 earlier this summer.

I’ve been a relatively casual user of Linux since about 2001. I’ve used it as my primary desktop at home for probably the last 10 years, but that doesn’t mean I’m any sort of power user. I know enough to pilot myself on Kali Linux through the PWK labs and the OSCP cert, and probably approach a Linux administrator job. My day-to-day tasks on Linux at home are just general web browsing and media playing on Ubuntu; things where you can just set things up and stay in the GUI all day every day.

Still, all of that exposure left me very comfortable in Linux and able to pick up on things very well to fill in my gaps of knowledge when studying the Linux+ topics.

And that is the main part of my motivation for this cert: To shore up my foundational knowledge on Linux. I’m comfortable, but I certainly have gaps as I am not a full-time Linux admin or power user. And having that strong foundation can carry over to many other things like cloud servers, linux forensics, linux pen testing, securing linux servers, etc. While I’m comfortable in Linux, I’ve seen the opposite end of the spectrum in something like the SANS forensics course FOR 508, where students with nearly 0 Linux experience have a huge learning curve just to be able to operate inside the main forensics tools and VMs. I’m glad I’m not at that point, but going even further helps that comfort.

I’ve also long looked at Linux+ as a cert I’d like to get to illustrate some knowledge of Linux, but have never really put the time or effort into pursuing it. At the start of this year, I found that CompTia was going to change this cert later this year by updating its content from v4 to v5, ending the relationship/connection with LPI, and also converting the lifetime status of the cert to by something you’d need to renew. I really like my lifetime Security+, so this change helped prompt a decision to make getting this cert a goal of mine for this year.

Since I already had a Linux Academy subscription, I used them as my primary resources for studying. As the Linux+ cert content is being updated, some of these courses are no longer useful, and I was initially confused on which courses I should be focusing on. I utilized the Linux Academy labs for tasks I wasn’t quite as familiar with. Their cloud-based ability to spin up a CentOS server for me to read man pages and help files was really nice!

I started with Linux Essentials (14 hours) last year, and finished it early this year.

I followed that up with LPIC-1: System Administrator Exam 101 (v5 Objectives) (21 hours), which was partly confusion on my part due to the exam changes, where I should have been looking at v4 content and not v5. Still, I welcome the learning.

Then I completed Linux+ and LPIC-1: System Administrator – Exam 101 (v4 Objectives) (20 hours) before taking and passing the first exam.

Lastly, I took Linux+ and LPIC-1: System Administrator – Exam 102 (v4 Objectives) (23 hours) before taking and passing the second exam.

From the exams, I don’t remember much about the first exam already, but on the second, I did score lower than I wanted to score. I blame that on taking a month to start studying AWS before my exam date, so most of my exam experience was pulled from ingrained experience rather than recent memory from studying things. To be fair, I only spent about 25 minutes on that second exam.

The exam was fine, but it was definitely off-putting to get several questions dealing with IPv6 vs IP4 and IP addressing and subnetting. I get the need, but should have been out of scope of this particular type of exam.

I was a little skeptical taking this on as a personal goal this year, as I already know plenty of Linux and it was maybe sort of a “I had this idea years ago and I’d like to complete it” sense of vanity. I also really had nothing to gain from the cert itself; it won’t land me my next job or trigger a raise. However, I’m glad for having done it, as it’s really my first formalized amount of training on Linux, which helped answer questions, fill in gaps, and learn some new things. (So, that’s why dual booting was such a pain so many years ago!)

I feel more even more confident in Linux now, which can open up further doors down the road like diving harder into Linux forensics, Linux pentesting, managing my own attacker platform better, and so on. These were all probably approachable already for me, but now even more so.

Moving forward, I don’t have any plans right now to get any other Linux certifications. The effort and cost for pursuing the Red Hat or Linux Foundation tracks when my job title does not include “Linux” just isn’t a priority for me. If I had to choose one, it would be difficult. Red Hat is more recognized, but Linux Foundation wouldn’t require travel. I wouldn’t entertain doing any more LPI as it is just multiple-choice.

For others looking to get this cert, I think for anyone looking to be a Linux administrator should make the Red Hat or Linux Foundation tracks a priority, with this an optional step along the way. I’m not really sure the cert itself is worth it, but the studying towards it would be. For someone with no or little Linux experience looking to put something on the resume, maybe for a blended security role, and not looking to do a hands-on admin practical, this makes for really one of the only options. After October, 2019, there will be Linux+ and LPIC-1 as separate, competing certs, but I’m not sure which would be preferred. Probably Linux+ as it could help support renewals of other CompTia certs, and vice versa. For someone comfortable in Linux, this really becomes a personal decision that could go either way, which is the boat I was in.