The Offensive Security Certified Professional (OSCP) certification has long been considered a benchmark for cybersecurity professionals looking to prove their skills in penetration testing and ethical hacking. Recently, OffSec, the organization behind the OSCP, announced significant changes to the exam format and the introduction of a new certification, OSCP+. This article delves into what these changes entail, why they were made, and how they impact both current and future OSCP holders.
Introduction to OSCP and OSCP+
The OSCP is a well-respected certification that tests a candidate’s ability to perform a range of penetration testing tasks in a controlled environment. It has been a gold standard in the cybersecurity industry for years, helping professionals validate their offensive security skills. With evolving cybersecurity threats and practices, OffSec has updated the OSCP exam and introduced the OSCP+ certification. Starting November 1, 2024, these updates will come into effect, bringing changes to the exam format, scoring system, and certification maintenance requirements.
Overview of OSCP Certification
The OSCP certification is known for its rigorous, hands-on approach that requires candidates to hack into a series of machines within a 24-hour period. Since its inception, the OSCP has been a challenging yet highly rewarding certification, demonstrating a candidate’s ability to perform penetration testing under real-world conditions. The certification has no expiration date and remains valid for life, representing a solid foundation in cybersecurity.
Why Update the OSCP Exam?
OffSec decided to update the OSCP exam to keep pace with the changing cybersecurity landscape and ensure that the certification remains relevant. The new exam format aims to better prepare learners for real-world scenarios, specifically addressing Active Directory (AD) environments—a common target in real-world penetration testing.
Key Changes to the OSCP Exam
Starting from November 1, 2024, the OSCP exam will see two major changes:
- Enhancements to the Active Directory Portion: The updated exam introduces an “assumed compromise” scenario, where learners start with a standard user account on the AD domain and work towards achieving full domain compromise. This update allows candidates to earn partial points within the AD domain, reflecting a more practical and realistic approach to penetration testing.
- Removal of Bonus Points: Previously, candidates could earn up to 10 bonus points by completing certain labs and challenges in the PEN-200 course. With the updated exam, bonus points have been removed to create a fairer, more consistent experience across all OffSec certifications.
Detailed Explanation of OSCP+
The OSCP+ is a new designation introduced alongside the updated OSCP exam. When a candidate passes the updated exam, they earn both the OSCP and OSCP+ certifications. However, unlike the OSCP, the OSCP+ certification has an expiration date—three years from issuance. To maintain the “+” designation, candidates must complete one of the three continuing education paths:
- Take and pass a recertification exam within six months of the OSCP+ expiry date.
- Take and pass another qualifying OffSec certification exam before OSCP+ expires (e.g., OSEP, OSWA, OSED, or OSEE).
- Successfully complete OffSec’s new Continuing Professional Education (CPE) program.
Active Directory Enhancements
The changes to the Active Directory (AD) section of the OSCP exam are a significant update. The new “assumed compromise” model allows candidates to start with a standard user account on the AD domain, simulating a real-world breach scenario. This change means that:
- Candidates will earn points for compromising individual machines within the AD set, allowing for partial credit.
- The new format provides a more realistic assessment of a candidate’s ability to navigate and exploit AD environments.
Removal of Bonus Points
Bonus points were previously awarded to encourage learners to complete specific exercises in the PEN-200 course. However, OffSec found that most learners did not need these bonus points to pass the exam. The removal of bonus points aligns the OSCP with other OffSec certifications and complies with ISO 17024 standards, which do not recognize bonus points in certification exams. This move ensures a more standardized and fair approach across all OffSec certifications.
How to Earn the OSCP+ Certification
To earn the OSCP+ certification, learners must pass the updated OSCP exam starting from November 1, 2024. The OSCP+ will automatically be awarded alongside the OSCP upon passing the exam. However, to maintain the OSCP+ designation beyond three years, learners must follow one of the continuing education paths mentioned earlier.
Differences Between OSCP and OSCP+
The primary differences between the OSCP and OSCP+ are as follows:
- Validity: The OSCP certification is valid for life, while the OSCP+ certification is valid for three years.
- Recertification Requirements: The OSCP+ requires periodic recertification or completion of additional education paths to maintain the “+” designation.
- Exam Format and Scenarios: The updated OSCP+ exam includes the new AD scenario and changes to point allocation.
Benefits of Holding an OSCP+
The OSCP+ certification signifies not only a mastery of the material but also a commitment to staying current with the latest industry standards and practices. It reflects a learner’s dedication to continuous learning, which is crucial in the ever-evolving field of cybersecurity.
Impact on Existing OSCP Holders
Current OSCP holders can upgrade to the OSCP+ by taking the new exam after November 1, 2024. OffSec offers a promotional rate of $199 USD for the new exam for those who register between November 1, 2024, and March 31, 2025. After this period, the regular price of $799 USD applies.
Recertification Paths for OSCP+
To maintain the OSCP+ designation, learners can choose from three paths:
- Recertification Exam: Pass a recertification exam within six months of the OSCP+ expiry date.
- Additional Certifications: Pass another qualifying OffSec certification exam before the OSCP+ expires.
- OffSec CPE Program: Complete the Continuing Professional Education (CPE) program (details to be announced between late 2024 and early 2025).
OSCP+ for New Learners
New learners aiming for the OSCP+ certification have multiple options for exam preparation:
- Course & Cert Exam Bundle: Includes the PEN-200 course and one OSCP exam attempt.
- Learn One Subscription: Provides access to the PEN-200 course and two exam attempts during the subscription period.
- Learn Unlimited: Offers unlimited access to all OffSec content and unlimited exam attempts.
Pricing and Registration Details
The updated OSCP+ exam will cost $799 USD. However, current OSCP holders can take advantage of a promotional price of $199 USD for a limited period. Registration for the updated exam opens on November 1, 2024.
Frequently Asked Questions (FAQs)
- I already have an OSCP, does this change my certification? No, your existing OSCP remains valid for life.
- What happens to the OSCP+ designation after three years? You must recertify or complete other qualifying activities to maintain the OSCP+ designation.
- Can I get OSCP+ if I earn another OffSec certification after November 1, 2024? No, you must first pass the updated OSCP exam to earn OSCP+.
- What if I fail my OSCP+ recertification exam? You will need to repurchase the OSCP+ recertification if you wish to attempt it again.
- What are the changes to the OSCP exam format? The new format allows partial points for AD tasks and removes the need for bonus points.
- How can I prepare for the updated OSCP+ exam? You can prepare using the PEN-200 course and other OffSec resources, or by self-study.
Conclusion
The introduction of the OSCP+ and the changes to the OSCP exam format reflect OffSec’s commitment to evolving with the cybersecurity landscape. These updates not only enhance the value of the OSCP certification but also provide a clear path for continuous professional development with the OSCP+. For cybersecurity professionals, these changes signify an opportunity to stay current and demonstrate their up-to-date skills and knowledge in the field.
Informative 💡
It’s really helpful and provides clear context for both certifications. OSCP and OSCP+ are among the most confusing exams, and this article helps in understanding them deeply.
Thank you for writing this informative article.