Exam Day Procedures and Policies

Exam Day Procedures and Policies

Exam day begins with proctoring setup and identity verification, typically requiring 30 minutes before the official start time. Proctors verify identification, check testing environments, and ensure compliance with exam policies. Once verified, candidates receive VPN credentials and connection instructions for the exam network. The 24-hour timer begins upon successful VPN connection, not at the scheduled start time, accommodating any technical delays.

Strict policies govern exam conduct to maintain certification integrity. External assistance remains prohibited, including consulting documentation beyond approved resources. Metasploit usage restrictions limit automated exploitation, typically allowing single use against one target. Commercial vulnerability scanners face similar restrictions, forcing manual enumeration and exploitation. These limitations ensure candidates demonstrate core skills rather than tool proficiency.

Documentation requirements begin during the exam itself. Successful candidates maintain detailed notes throughout exploitation, including all commands, outputs, and reasoning. Screenshot evidence of compromised systems must clearly show IP addresses and privilege levels. Many candidates fail not through inability to exploit systems but through inadequate documentation preventing report completion. Developing documentation discipline during practice proves essential for exam success.

Technical difficulties occasionally occur despite careful preparation. Offensive Security provides support channels for VPN connectivity issues or exam infrastructure problems. However, local technical problems remain candidate responsibilities. Power outages, internet failures, or computer crashes typically don't warrant exam extensions unless widespread infrastructure issues affect multiple candidates. This policy reinforces the importance of reliable equipment and backup plans.