I'm starting my RHCA journey, and I have a list of topics in mind that I'd like to learn about. I also have a couple of exams that I plan on taking, which are in line with my job.
I wonder how people choose the RHCA exams they're going to take? Is it based on work experience and technologies that you use daily, or is it things that you'd like to get on in the future?
The fact that I've attained RHCA doesn't really change much. I'll take a deep dive into Kubernetes and OKD for the project that I'm working on at the moment.
There are other Red Hat courses that I want to take while my RHLS is still active to get familiar with technology (OpenStack, Gluster, identity management, possibly Ansible best practices). You never stop learning really.
I have a passion for security things and system hardening, OffSec released a new training course for Advanced Web Attacks and Exploitation that I'm really interested in. So I might do that at some point. There is also a ton of CloudFormation stuff that I want to migrate to Terraform to make my life a bit easier.
I have. We hire/contract OSCP professionals to perform external pentests.
I started using BackTrack many years ago, I think that the original OSCP course was called PWB. They later dropped the BackTrack name and rebranded it to Kali Linux.
Absolutely! So, aren't you tempted to become an OSCP yourself, since you're passionate about IT security? I have been told that it's a very hard exam, but it would be an amazing challenge too ! ;)
Otherwise, there has now been a "Red Hat Security" family of exams with at least ex415, ex425 and ex362 as far as I'm aware of. I'm curious to see if there's going to be a "RHCA in security" title in the upcoming years :)
Am I tempted? Of course! Can I make enough time to prepare for the exam? Not really, at least not in the near future. Taking an OffSec training course (or any course for that matter) is one thing, but studying to pass the exam is completelly different. That's why I said that I'm interested in the new Web Exploitation course.
Security is not my main job, and while I try to do my best to keep up with emerging technologies and exploits that inevitably follow (the Exploit Database project is amazing), the amount of time that I can spend on it is limited.
The Kubernetes space will keep you busy, there is a lot learn and it is constantly changing.
You are exactly right, you never stop learning in our field, that's what makes it so enjoyable. Well, enjoyable when things work they way there are supposed to =)
Agreed with Jason, EX288 is a good one too. If you have enough takes left, you should probably take both EX280 and EX288.
My advice would be to study both DO280 and DO288 before taking any exam. I usually don't start several trainings in parallel when I plan on taking the corresponding certification exams, because the content to learn to prepare for just one is already huge :D
But based on my personal experience, this would really help for those specific exams.
In the end, I found EX288 much easier, but maybe because I took it second, after having been practicing longer with OpenShift. What did you think @jthiatt ?
I took EX228 after EX280 too and I thought it was easier as well.
The EX288 objectives were things I do on a somwhat reqular basis at work so I had good muscle memory. The EX280 objectives were things I did when building a cluster so they weren't as familiar to me. We only spin up new cluster once or twice a year.
A collaborative learning environment, enabling open source skill development.