My Review of the CARTP - Certified Azure Red Team Professional by Altered Security
The Pretext
Before I dive into the certification specifically I would like to give a brief background on me, my experience, my goals, and a TLDR of what came out of the course and exam.
By day, I am a penetration tester for a large tech company where I work as a consultant. By night, I play video games, study various things when the impulse hits, and sometimes even go to bed at a normal time. Since cloud pentesting is becoming a hot topic and a potential future product for my company, I decided to take the CARTP certification. I had prior experience working with Azure before starting offensive cybersecurity, so I felt comfortable using it and its associated technologies. My goal was to come out of the CARTP training and exam feeling proficient in attacking Azure and having a better overall understanding of it. When a client requests a pentest on something, I don't just want to be competent; I want to excel at it. Fortunately, after studying the material extensively and taking the exam, I can confidently say that I achieved that level of proficiency. I'm glad I followed through with it.
The Material
I obtained the bootcamp version of the course, which provided me with several PDFs and videos covering the learning objectives (these videos were incredibly helpful). After each week, Nikhil provided a recording of the bootcamp session for us to download and review at a later time, or for those who were unable to attend. I only managed to attend the first day of the bootcamp as I was at a BSides cybersecurity conference during the second week, and I fell ill during weeks 3 and 4. However, I downloaded the PDFs to my phone, and while at work, I would have the bootcamp videos playing on the side. I must have gone through each of them four times.
During my study time at night, I coordinated the learning objective videos, the lab manual, and my trusty sidekick Obsidian, to absorb as much knowledge as possible. I managed to complete about half of the labs before my lab access expired due to my illness. So, I renewed my lab time (although I found the price a bit steep, I understood that Azure is expensive, so it was justifiable). Unfortunately, when I was just getting back into the lab exercises, something happened in my life that severely limited my study time, and it continued long past the expiration of my lab access. However, during that time, I refined my notes, watched the videos, and tried to build a mental map for myself to establish a methodology without having the lab environment available for trial and error. I studied so much that whenever I thought about Azure, I felt like this cat. PS: What's with the mirror in this image?
The exam
When the week arrived that I planned to take the exam, I had mostly cleared my schedule of work commitments. Initially, I intended to take it on Thursday and spend Friday writing the report. The exam allows 24 hours for the lab and 48 hours for writing the report. However, based on my experience with other pentesting certifications that required report writing, I knew I wouldn't need the full 48 hours. So, I spent Monday through Wednesday intensively cramming. When Thursday came, I thought I was ready, but then a doctor's appointment interrupted that schedule. I decided to postpone the exam to Friday. However, unforeseen circumstances on Friday forced me to reschedule again, and I ended up taking it on Saturday. This gave me a little more time, but it also allowed self-doubt to creep in.
I tried to start the exam at 10 am, but due to Azure technical issues, it didn't start until closer to 11:30. After setting up the lab, I began transferring "important" tools to the VM that is provided through RDP. In hindsight, I regretted this decision. Not because something went wrong, but simply because I could have completed the entire exam from my host machine. My advice to future test-takers is to use a Windows host if possible. Additionally, ensure that your tools are properly configured and easily accessible. It will make the entire experience smoother, and it's not required to use the Azure VM provided. Overall, it would likely provide a better testing experience.
I spent a total of around 11 hours on the exam and report writing. Within the exam lab, approximately 7 hours were all I needed. I quickly found my rhythm in the lab and began problem-solving immediately. With the methodology I had developed, navigating the environment felt incredibly straightforward. I could instantly determine the next steps I needed to take.
The challenges presented in the exam were not as difficult as I had anticipated. During the bootcamp, Nikhil mentioned that the exam was aimed towards beginners, and I can certainly agree with him on that. The challenges made me think but were not overly difficult, and that's not a criticism. The exam lab felt quite realistic, and I could easily envision it as a real-world attack path in a pentest or red team engagement.
The report
To pass the exam, I had to obtain the final flag and write a report. I successfully obtained the final flag and felt like I could have gone even further. I had the sense that I was not done being tested, and honestly, I doubted whether the final flag was truly the end. Not that I expected to be led astray, but I found it hard to believe that it was that straightforward for me (all the studying paid off, it seems).
My report was not overly elaborate. I used a basic Word template and tailored it to fit my specific scenario. I structured each step as a finding, providing a description of the actions and including a screenshot with every command used. While my report did include remediation suggestions, it was not extensive in detail. The pentest reports I generate at work typically offer much more comprehensive outputs. In terms of length, my report consisted of fewer than 20 pages, but I prefer not to disclose the exact number.
The waiting
After submitting the report, I received a message informing me that my report would be reviewed, excluding weekends. Since I submitted it on a Saturday evening, I expected it would take until at least Monday for them to get back to me. As I reside on the East Coast of the US, I was surprised to receive an email alert from them around 1 am on Monday (don't ask why I was still awake) congratulating me on passing the exam.
Now
Now, I eagerly await the opportunity to put this knowledge to use. I'm grateful that I undertook the training, attended the bootcamp, and pushed myself until I achieved success (earning the certification). I had not been prepared to purchase another 30 days of lab access, only to potentially have them go to waste. I am genuinely excited to apply the experience and skills I have gained, and I anticipate that they will prove to be immensely valuable.
For anyone considering an Azure pentesting certification, I highly recommend the CARTP. The lab provides a wide range of practical, hands-on challenges. Personally, I am seriously contemplating signing up for the CRTE next.