Noroff - Network and IT Security

Photo by Noroff

Photo by Noroff

How was my experience as a student?
Updated 23. July 2024

In August 2020, I started a four-year journey as a part-time student at Noroff Vocational College. I followed the study program while working full-time as a web developer and having a family with two elementary school-aged kids. In June 2024, I completed this chapter in my life, during which I put anything other than spending time with my kids and wife on hold. 

In this article, I will tell you about my overall experience during the study program and briefly touch upon what knowledge I gained. 

By telling my story, I hope to give friends, family, and colleagues insight into what I was doing in my home office for the last four years and give students considering joining the study program insight into how it was for me.

Previous knowledge

From where did I start?

Looking back, I must admit I barely knew anything about IT when I joined the Network and IT Security study program. I had a couple of years of programming experience as a hobby, under one year of professional experience as a web developer, and some essential Linux experience. Still, compared to what I know now, I barely knew anything about anything related to IT.

The primary motivation for joining the study program came from several sources. First and foremost, I wanted formal education to further my career as an IT professional. Secondly, there were too few with in-depth practical sysadmin and networking skills at my job. These factors, combined with a genuine curiosity and interest in learning more about Linux, networking, and ethical hacking, made this study project the perfect complement for my journey as a full-stack web developer venturing into the world of DevOps.

PBL

Problem Based Learning

The study program started with a short introduction to learning theory and how to write scientific reports effectively and correctly. Although this was a disappointing and non-technical start to the study program, I found value in learning about educational theory and pedagogy and getting an introduction to academic report writing. I loved how the class made me realize how much I like philosophy. Because of this class, I have read/listened to several (audio)books and listened to many podcasts on philosophy during my daily commute to work.

The exam for this class acted like a trial-by-fire on how Noroff runs its exams. It made me appreciate that at Noroff, you had to put in the work for good grades. The myth that private schools (in Norway) allow students to buy their grades was debunked in the same process.

course logo

Problem Based Learning (PBL)

- Tom Drange - 79t, 30m

A brief, but broad course on all aspects surrounding academic learning. The course spanned topics like study techniques, Harvard referencing, speed reading, learning theory, project management, and much more.

"The course really was an eye-opener that gave me tools that I relied heavily upon during the entire study program."

This was a course that, in many ways, prepared me for the coming years as a part-time student at Noroff. I found the topics of learning and reasoning theory fascinating. The course really was an eye-opener that gave me tools that I relied heavily upon during the entire study program.

The course had a nice flow, but at the same time, I think each topic was covered too briefly for my liking. Many of the topics were covered so briefly that I felt we barely touched upon them without giving me the time to dig into them and truly understand them. This class could easily be extended into an excellent one-year philosophy and pedagogy study program.

I probably should have spent more time on extracurricular activities during this class. I did not really take my time, and probably took it to light in the class because I had experience from other studies in many of the topics covered. 

The course lasted for six weeks, plus two weeks of repetition and exam preparation.

- 18. October 2020

OSF

Operating Systems and File Systems

The second class introduced various kinds of operating systems and file systems and what makes them different. By learning about memory and storage devices, I became familiar with basic networking concepts, virtualization technology, and the basics of binary data. We also got an excellent introduction to what file systems actually are.

My takeaway from the course was a much better understanding of digital data and binary information and why binary is an effective means of storing and processing data.

The course inspired me to learn about 6502 assembly programming (of Atari 2600, NES, and Commodore 64) and made me curious about learning more about low level C and C++ programming.

course logo

Operating Systems and Filesystems (OFS)

- Janrik Oberholzer - 157t, 30m

A relatively thorough class in how operating systems, file systems, processors, memory, and mass storage devices work and operate in a computer. 

"...an incredibly interesting and good class, and I "finally" understood how a computer works."

This was an incredibly interesting and good class, and I "finally" understood how a computer works. I think this class was an excellent introduction to computing in general.

However, I don't think the required reading was particularly good for students like me who had little insight into C programming. Most of the examples used in the book that explained communication with the OS kernel were written in C, with functions and concepts the author expected the reader to know about.

I spent quite a lot of time on this class, and I feel that I learned a lot from it. The required reading was Tanenbaum A.S., Modern Operating Systems. In addition to the provided reading material, we watched various videos on YouTube and LinkedIn Learning that helped us understand the material. The lectures were entertaining, but unfortunately, I struggled to understand the teacher's accent, which made me watch all the lectures several times.

In addition to the material provided by Noroff, I read and watched Mike Mayers' Udemy course on the CompTIA A+ certification and a book called "But How Does it Know?" that helped me really understand how CPUs, RAM, and I/O work on a computer system.

The class was estimated to take 160 hours divided over six weeks with provided learning material and self-study. This estimate aligned well with the amount of time I spent studying for this class.

- 13. December 2020

MSF

Microsoft Based Technology

This class was all about on-prem servers running Windows Server 2019. We got a solid introduction to Active Directory and using AD to manage resources on a network. As a semi-experienced Linux admin, I learned a lot about Windows and got my first introduction to AD. I was also introduced to proper file and system backups and how to run Microsoft Hyper-V as a hypervisor for virtual machines. In addition, replication, SMB, iSCSI drives, and NFS were introduced through practical labs and hands-on exercises.

This massive course taught me a lot about how corporate networks are run. It was also the basis of the study project I did at the end of the first half of the study program, where I decided it would be fun to learn more about Windows before learning about hacking Windows domain controllers and AD networks.

course logo

Microsoft Based Technologies (MST)

- Tom Drange - 229t, 0m

An extensive introduction to Windows Server 2019 and Windows 10 professional covering Active Directory and other on-prem technologies offered by Microsoft.

"...thorough introduction to on-prem Windows servers and the management of network devices using Active Directory"

This was an extensive introduction to on-prem Windows servers and the management of network devices using Active Directory. The focus of the class was practical work on Windows Server 2019. Since my main fascination and daily need for system administration was on Linux servers, it took a lot of willpower to power through all the GUI-based programs we learned to use on the Windows servers. But thanks to well-organized labs, I learned a lot. I even got my first introduction to PowerShell during this class.

The course covered the installation, configuration, and management of Active Directory and the use of Group Policy Objects. We used VMware workstation to virtualize multiple clients and servers in a complete but small corporate network. We learned to configure software RAID, manage file permissions on directories and AD-level, firewall rules, RDP, and backup. We also configured SMB file shares, DNS, DHCP, printer services, and a HyperV server for virtualizing. Finally, we touched briefly upon Azure and what was then known as Azure Active Directory.

The teacher did a great job of keeping the course to the point, but the video lectures often became dry and uninteresting, even though he did his best to keep them entertaining. I spent a lot of time on related LinkedIn learning courses on Server management. I also read a book covering the curriculum for CompTIA Server+ to make the class more interesting, and to fill knowledge gaps I discovered.

The course spanned eight weeks of classes, and two weeks of repetition and exam preparation. I got an A in this class, but I must admit that I think we barely scratched the surface of what Windows Server offers.

- 7. March 2021

NIX

Unix based systems (Linux)

This massive Linux course gave a deep and good introduction to Linux and Linux system administration. We got an excellent introduction to Red-Hat-based distros and Debian-based distros. The course followed roughly the CompTIA Linux+ curriculum, giving me broad exposure to many concepts and methods of running and managing Linux hosts.

The final parts of the course allowed us to combine everything we had learned to install and configure Arch Linux, which we configured to suit our own needs.

This fantastic course taught me much about Linux and how computers operate in general. I liked the practical labs and how everything I learned could be applied to my job. Because of this, the course helped me become a much better sysadmin at work.

course logo

Unix Based Technologies (NIX)

- Renè Østensen - 292t, 0m

This large and broad course that focused only on using terminal emulators for system administration. It started with the basics of users and permissions and ended with us installing Arch Linux based on our own preferences.

"...after this class, I can confidently say that I feel more at home in the Linux terminal than I feel using Windows - which I have used all my life."

This was an incredibly fun and engaging class that I really loved studying for. The first two weeks focused on getting a deeper understanding of topics I had surface-level knowledge about before the class. Then, we spent the following weeks digging really deep into how Linux works and how to configure Debian and Redhat-based distros. Before this class, I felt that I knew my way around Linux, but after this class, I can confidently say that I feel more at home in the Linux terminal than I feel using Windows - which I have used all my life.

The course covered broad use of Linux, and the feeling of installing Ach Linux at the end of the course, where I actually understood the entire process, and realized that I could build my own OS, covering my specific needs, felt amazing.

The teacher in the video lectures was entertaining and had a very good pedagogy, but most of the topics were covered by reading the provided material and doing self-studies.

The CompTIA Linux+ Portable Command Guide was the required reading for this class. In addition to this book, I read several other books covering the same certification and took several Udemy and LinkedIn Learning courses covering topics I struggled to understand fully. The course estimated 200 hours of study time, spanning eight weeks of tutoring and (most) self-study, and two weeks of repetition and exam preparations. I went beyond and above and spent almost 300 hours studying.

- 22. May 2021

NET

Networking

This was a deep and good networking course based on Cisco's retired CCENT certification. The teacher was brilliant and made the material exciting and engaging. 

During this class, I studied and passed the CCNA certification. This class and the CCNA taught me about networking topics I was unaware existed. Even though I'm a web developer, this insight equipped me to make better decisions and application architectures. It enabled me to really understand the basics of networking concepts like switching and routing and how the OSI model can be used to illustrate and debug networking problems both as a sysadmin and as a developer.

course logo

Network Infrastructure (NET)

- Bertram Haskins - 499t, 0m

Good introduction course to computer networking that was obviously heavily based on the retired CCENT certification from Cisco.

"This class was a perfect introduction to computer networking!"

This was one of the classes I was actually not looking forward to. This was mostly because the class lasted almost six months, and students who had taken it warned me about how tough the material was to understand and master. Thankfully, I was pleasantly surprised and discovered a topic I would never have imagined as fun, and this was just that. This class was a perfect introduction to computer networking!

I especially liked how the class was divided into theoretical concepts and then dived into the practical hands-on configuration of Cisco routers and switches. In addition to learning a lot, I gained respect for the profession of those working in data centers as network engineers.

The class was divided into six modules split across 12 weeks as a part-time student. Parallel to this class, I studied for and passed the CCNA (Cisco Certified Network Associate) certification. The overlap between the class and the certification was great, and in many ways, they both provided equally great repetition for the class exam, and certification exam. However, it has to be said that the CCNA covers much more than this class does. It seemed to me like the class overlapped almost perfectly with the old (pre-2020) Cisco CCENT certification, which covered about half of the CCNA certification. 

Because the class started before the summer of 2021, and ended after the supper vacation, I got the chance to spend the summer drilling networking concepts and absorbing the material. 

This was a great course that really enabled me to understand the networking portion of system administration and application design. If I someday don't want to do programming anymore, this class made med realize that networking might be a fun option.

- 31. October 2021

Read description

Cisco CCNA 200-301 (Cisco Certified Network Associate)

Basic, but broad certification in network fundamentals, design, and configuration using Cisco networking equipment.

Though the certification is vendor-specific it uses Cisco equipment to teach practical implementation and theory on general networking concepts.

"This certification made me realize how big and deep networking really is."

Huge, and broad certification that forced me to learn a lot about networking theory, design, and hands-on configuration of Cisco equipment.

I went old-school and built a physical lab, using old Cisco equipment, and gradually moved into virtual appliances using "Cisco Packet Tracer" and other labs and study tools like "Boson NetSim".

This certification made me realize how big and deep networking really is. I also learned a lot about how to perform basic layer 2 and 3 hardening to defend against network attacks. As a side-effect of studying for this certification, a lot of the mysterious parts of web development, and the sysadmin world became clear to me. Even though I don't plan on working as a network engineer fulltime, this certification made me a much better IT professional and programmer.

This was a beast of a certification exam that I'm very proud to have passed. The CCNA was the very first IT certification I passed. During my studies, I learned a lot about how and what makes me learn IT-related material. This insight has helped me a lot during further studies and defined how I tackled future education and certifications.

29. October 2021 - 499t

IIS

Introduction to information security

I looked forward to this class, but unfortunately, it disappointed me. I was expecting a lot more on offensive security, but for obvious reasons, this was not the aim of the study program or this course.

course logo

Introduction to Information Security

- Tom Drange - 203t, 0m

Basic information security class that covered professional jargon and gave a broad overview of cyber attacks and defences.

"The video lectures were at a level that I don't think any professional tutor could be proud of delivering."

This was the class I had been looking forward to throughout the entire Network and System Administrations program at Noroff. Unfortunately, the class did not live up to my expectations in any way. As the name suggested, this was an introduction to IT security, but a large portion of the class was a repetition of what we should have learned in previous classes. The few new topics that were introduced had poor explanations.

The video lectures were at a level that I don't think any professional tutor could be proud of delivering, and the written online learning material was written in an uninspiring and boring way. I managed to read through the content with the sheer power of will. On a positive note, the accompanying book to this class: "Introduction to Information Security" by Michael Goodrich and Roberto Tamassia, was well-written, entertaining, and easy to read.

After completing every class in the Network and System Administration program at Noroff, this was clearly the weakest class of them all when it comes to pedagogical approach and learning content. I think I managed to get an A in this class despite the learning material provided.

The class was estimated to require the students to use 200 hours, spread across 8 weeks of classes and self-study, and 2 weeks of repetition and exam preparation. I ended up spending 203 hours on this class plus a lot of time spent on TryHackMe.com to gain practical experience with the subject matter.

- 23. January 2022

SP1

Study Project 1

To mark the end of my second year as a part-time student, I wrote a study project on managing Linux and Windows hosts on a network using Active Directory. This was a fun study project, and I learned a lot about Kerberos and LDAP in general. I also learned how Linux host and user permissions on the hosts could be managed using an on-prem Windows Server acting as a Domain Controller.

I got an A for my effort and learned a lot in the process.

LAW

Security and Law

This was the first class of the second part of the study program. In it, we learned about legal aspects of information security, such as GDPR and other relevant Norwegian, European, and American laws, regulations, and standards. The class also made us aware of what cyberwarfare actually is and what makes it so different from traditional kinetic warfare.

I loved this class since it made me appreciate the legal aspects of cybersecurity and set the tone for the rest of the study program. I don't think I was alone when I expected a lot of hacking and offensive security during this study program, and this class helped me appreciate why the rest of the classes had the focus they had. Ethical hacking can be fun, but it has to serve a purpose.

course logo

Security and law

- Tom Drange - 138t, 0m

An introduction to national and international laws, rules, regulations, standards, and frameworks used in the IT and InfoSec industry.

"...a good course that made me learn a lot of stuff I did not know I needed to learn"

Generally, a good course that made me learn a lot of stuff I did not know I needed to learn.

Although I wish there were a bit more hands-on work, not only learning by reading and watching. Because of the passive nature of the course, I struggled to keep momentum and learn all the things I need to learn.

I liked the way we got introduced to security policies like ISO 27001/27002. I do think this was a very relevant class for my career as a cybersecurity expert. I also finally got a pretty good understanding and insight into GDPR, which is helpful in my job as a web developer.

The class dedicated quite a bit of space to discussing how cyber warfare compares to traditional kinetic warfare, and the problem of non-repudiation. Based on the current invasion and war in Ukraine this felt extremely relevant.

The class was estimated to require the students to use 168 hours, spread across 6 weeks of classes and self-study, and 2 weeks of repetition and exam preparation. I ended up spending 138 hours on this class. No book was defined as required reading, but I did spend a lot of time reading through laws, rules, regulations, standards, and frameworks.

- 23. October 2022

COP

CyberOps

This class marked what I would consider the "real" beginning of the second part of the study program, which focused on information security. Like with the IIS class, I had high hopes for learning about offensive security, but this was not the case. Instead, we learned how to secure organizations by having procedures and processes to mitigate and handle security incidents.

This class closely followed the Cisco CyberOps Associate certification, so I pursued that certification in parallel with the class. I also spent many hours on TryHackMe, learning as much hands-on cyber security as I could afford without affecting by Noroff studies. The combination of TryHackMe and the CyberOps certification enabled me to understand the topics covered by the class on a level that allowed me to discuss the practical implementation of cybersecurity confidently.

course logo

CyberOps

- Farai Nyandoro-Kunzvi - 213t, 0m

A class covering intermediate Information Security concepts, methodology, and theory. It felt like a natural next step after covering the material in the CompTIA Securiy+ certification.

"This class helped me pass the CyberOps certification, and the certification helped me get a good grade in this class."

I really struggled with motivation in this course. The first half of the course was pure repetition from previous classes, and the second half was unfortunately boring. The instructor-led videos went from being engaging, and enthusiastic in the beginning, to monotone, and to a point where the instructor himself seemed bored at the end. This was unfortunate because the lack of engagement in the video and written material came at a time when I struggled with motivation myself due to study fatigue.

This class provided a very solid foundational level of knowledge about a vast array of cyberdefense topics. It was purely theory-based, but I appreciate this class because I don't think I would be able to force myself to really understand these basics without the desire for a good grade. Fundamentals like the ones covered by this class feels very important.

Since the class covered material very close to the old old Cisco CCNA security class, I decided to spend time studying for the new Cisco CyberoOps Associate certification. This helped me focus less time on the material from Noroff and more time on material from other channels, such as CBT Nuggets, Linked-in learning, and the book. The same week as I took the Noroff Exams, I took and passed the Cisco CyberOps Associate certification exam. This class helped me pass the CyberOps certification, and the certification helped me get a good grade in this class.

The class was estimated to require the students to use 210 hours, spread across 8 weeks of classes and self-study, and 2 weeks of repetition and exam preparation. I ended up spending 213 hours on this class. For reading material, I read through the Cisco CyberOps Associate cert guide by Omar Santos. This was a long, and great book that I really enjoyed reading.

- 15. January 2023

Read description

Cisco CyberOps Accossiate 200-201

Theoretical basic principles of network and information security. A nice big step beyond CompTIA Security+

"This certification really boosted my confidence in security-related topics."

I learned a lot and could make solid connections between the security theory I learned in school, the networking I learned during CCNA, and my experience as a sysadmin and web developer. As my first cybersecurity-focused certification, I learned many concepts that other learning paths assume previous knowledge and insight about.

This certification really boosted my confidence in security-related topics.

15. January 2023 - 213t

CLS

Cloud security in Azure

This class covered the material in the Microsoft Azure AZ-500 certification.

Based on my previous experiences with the teacher who created these classes, I was not looking forward to this class. Unfortunately, my fears were not misplaced, and this class was the worst of all courses in the study program.

To make things even worse, the material in this class expected previous experience with Microsoft Azure. Nobody in our class had this experience, and Noroff did not warn us about this prerequisite. I speculate that this class was designed for students coming after us, with a class that introduced them to Azure. 

Because I like to be prepared before classes start, I noticed this prerequisite and pursued the AZ-900 certification from Microsoft during the summer break of 2022. This provided me with some fundamental Azure insight and experience. Microsoft provided excellent free learning material for this certification, and I got a good introduction to Azure.

Despite this prerequisite, the class was poorly structured and failed to make any content engaging or make me appreciate why it mattered and when configurations should be applied. I hope Noroff completely rewrites this entire course, so no other students have to suffer through this class like we did.

course logo

Cloud Security

- Tom Drange - 155t, 0m

A course based on the Microsoft AZ-500 Cloud Security certification. The written material provided by learn.microsoft.com was yanked straight from Microsoft and formatted to fit the Noroff LMS layout and structure.

"I'm sad to say that this course felt like a minimum-effort project by Noroff..."

This course was definitely a low point in my learning experience at Noroff. The video lectures had several audio issues, the teacher seemed uninspired, and the written material was hard to retain.

I'm sad to say that this course felt like a minimum-effort project by Noroff, and the way the class was structured made it hard to retain the knowledge. A lot of the topics covered by the written material that was copy-pasted from Microsoft's own website expected previous experience and insight gained from certifications like the AZ-104. My class had not even had a basic introduction to Azure before this class, so we had no foundational knowledge to build upon.

The hard-to-grasp material came at a time when I struggled with study fatigue after more than 2.5 years of hard studying after a full day's work and family life. So the low quality of the learning material only increased the level of fatigue.

The good part of this course that really helped me learn was a collection of labs from Skillable. These labs really helped me get hands-on experience and helped me understand the concepts and methodology in Azure. Unfortunately, these labs were just tacked on as bonus material I started to work my way through during the last week of the course, as an exam cram.

Even though the labs from Skillable were excellent, they were a huge missed opportunity by Noroff that could have been used to really help us retain the material in a much better way by simply using them as bonus assignments mentioned across the material. The course had practical assignments, but they were too few and too short. After all, the AZ-500 is a practical certification and not a theoretical one.

This course, like all other Noroff courses, had two online open-book exams: an essay exam, and a multiple-choice exam. The essay exam had theoretical and practical tasks that challenged our understanding and hands-on skills. But my exam featured a problem that I had to solve that was not covered by the course material, this made me do research during the exam. The exam tasks were also written in a way that felt designed to make me misunderstand them. Both of these issues added unwarranted stress to the exam. The multiple-choice exam featured many questions about tiny details like default encryption algorithms that made me relive trauma from a previous CompTIA certification experience.

All in all, I'm glad this class is in my past... The only thing saving this course from a score of 1/6 was the Skillable labs.

- 12. March 2023

Read description

Microsoft AZ-900 (Azure Fundamentals)

A basic introduction to the services offered by Azure, and how to connect on-prem services to azure.

"It was an eye-opener to get first-hand experience on how easy it was to navigate and do stuff in Azure compared to other cloud providers..."

This was a very light and easy-to-follow certification and learning material provided by Microsoft on their own learning platform.

The learning material did an excellent job of covering all the fundamental cloud concepts and terms that are both vendor-neutral, and Azure-specific. It also forced me to get my hands dirty with the basics of the configuration and setup of containers and VMs.

It was an eye-opener to get first-hand experience on how easy it was to navigate and do stuff in Azure compared to other cloud providers like AWS.

14. August 2022 - 42t

PRG

Python programming bootcamp

After the terrible cloud security class, it was great to get an excellent class that introduced us to Python programming. I used this class as an excuse to dig into and understand basic programming concepts better. I dug into concepts such as object-oriented programming using advanced concepts like abstract base classes, interfaces, and how to properly do inheritance and polymorphism. I also learned about GUI development using TKinter, and development standards I had skipped as a self-thought developer.

course logo

Programming

- FJ Botha, Bertram Haskins, Philip Blunt - 496t, 0m

An introduction course to programming with Python. It took us from complete beginners to building fully functional tools that run in the terminal.

"This period in my studies was a blast, and really helped me grow as both a programmer and an IT professional in general."

This very good course offered a very gentle and nice introduction to programming for students without any previous experience. The course was well-structured and is by far the best course offered by Noroff I have participated in. It's obvious that the teachers did their best to provide explanations for every part of the course material. Noroff even had two teachers provide the same lectures but with different teaching styles. To top it up, every task in the course had a complete video walkthrough that demonstrated and explained how to solve each task.

For advanced students, Noroff provided an entire module with an advanced deep dive into how Python can be used to craft custom IP packets using the "scapy" package, and as a tool to perform network management on the SNMT protocol.

I personally used this course as the backbone for a very deep dive into the fine details of Python by pursuing the certifications provided by the Python institute (PCEP, PCAP, PCPP1), working on HackerRank challenges, reading books on algorithms and data structures, and taking Udemy courses that made me understand at a much deeper level the details of programming and computer science in general.

This period in my studies was a blast, and really helped me grow as a programmer.

- 27. August 2023

Because I was having a good time studying and learning Python, I pursued all currently available certifications from The Python Institute. The learning material for these certifications was free and of excellent quality. I especially loved the way I got a solid understanding of advanced object-oriented programming using abstract base classes to help with polymorphism, and the practical use of class inheritance.

Read description

PCEP - Certified Entry-Level Python Programmer

Foundational and thorough certification on foundational Python lexis, syntax, and semantics.

"...great certification exam that tested me on the understanding of foundational Python lexis, syntax, and semantics"

A great certification based on the fantastic PCEP course from the OpenEDG Python Institute. The course, and certification helped me stay motivated to learn and really understand what makes Python special compared to other programming languages.

This was a great certification exam that tested me on the understanding of foundational Python lexis, syntax, and semantics. The exam did not quiz me on pure memorization, but a combination of remembering and understanding how a Python program is written and executed.

5. May 2023 - 188t

Read description

PCAP - Certified Associate in Python Programming

A certification that in combination with PCEP verifies that the student has learned and mastered all the basic building blocks in the Python3 programming language.

"By achieving the PCAP certification in combination with the PCEP certification I can confidently say that I do know the basics of Python."

The PCAP certification covers Object Oriented Programming, exceptions, and exception handling, string manipulation, building and using packages (PIP) and modules, interacting with files both text-based and binary, and interacting with the operating system.

The certification exam was a major step up in difficulty compared to the PCEP certification exam and required me to really rely on a deep understanding of and practical know-how of Python3. Even though this was a multiple choice exam it really made me stop and really analyze and evaluate each option.

The exam questions on object-oriented programming concepts encapsulation, inheritance, and polymorphism were formed in a shockingly good way to measure real-world insight. I especially struggled with the exam questions on exceptions and exception handling. While preparing for the cert exam I became a lot more skilled in using and analyzing code snippets with exceptions and exception handling.

I'm amazed at how humbling and good this certification exam was. By achieving the PCAP certification in combination with the PCEP certification I can confidently say that I do know the basics of Python3.

The only issue I have with this certification is that the learning material provided by the Python Institute was in no way shape or form enough to learn enough to pass this certification exam. I was fortunate enough to stumble upon videos on YouTube that warned me about this issue. The questions on the exam did go way above and beyond the learning material.

23. June 2023 - 122t

Read description

PCPP1 - Certified Professional in Python Programming 1

The perfect follow-up from PCEP and PCAP certification. This massive certification made me dig deep into advanced topics in Python and helped me discover the deeper details of how Python works under the hood.

The details covered by the certification are something I think every professional programmer needs to be familiar with and be able to implement.

"The exam forced me to become really familiar with advanced OOP concepts and implementations."

A massive certification that made me dig deep into advanced topics in Python such as magic methods, decorators, encapsulations, abstract classes, and metaclasses, It also covered file processing using SQLite, JSON, XML, configparser, and using the logging module. This certificate perfectly complimented the PCEP and PCAP certifications and builds upon the foundation established by those certifications.

I especially loved the part on GUI programming using TKinter. Even though I had some experience with Tkinter, the course gave me a much deeper insight into the fundamentals and details of how to build maintainable GUI applications with Python. The networking part of the course covered generally everything a programmer needs to know when starting to build web services from the ground up and made me realize the power of the requests package.

The certification helped me structure my learning in a great way and made me learn a lot of concepts I probably never would have learned on my own. The exam forced me to become really familiar with advanced OOP concepts and implementations.

The only issue I have with the certification is that the learning material was not nearly enough to pass the certification. Thanks to practice exams on Udemy I was able to spot where the certification expected me to dig deeper than the free official learning material provided by the Python Institute on edube.org.

16. October 2023 - 139t

SQL

Database design, management and queries

This class introduced us to designing relational databases and management of MySQL. We also learned to write basic SQL queries. This class helped me learn a lot about how to design databases properly, which really improved my performance as a web developer. 

Although the class was a bit too short for my liking, I managed to squeeze in a lot of extracurricular activities that helped me make better design decisions. 

course logo

Databases

- FJ Botha, Philip Blunt - 155t, 0m

A short introduction to basic database design and SQL queries using MySQL.

"This course could at least have been twice as large, and still felt too short."

The course was estimated to take 160 hours of study time and had no required reading outside the material provided by Noroff.

The course provided a high-level overview of database design concepts such as data normalization and relationships. It did cover "everything" regarding relational databases, but I think the material was too shallow and the explanations felt too rushed.

I had to look outside the provided material by Noroff to truly get a feel for the theory and practice of SQL queries and database design theory. This course could at least have been twice as large, and still felt too short.

My biggest disappointment was with the lack of a proper introduction to SQL injection attacks and mitigations. The course had some material on the topic, but only enough to get our feet wet.

During the class, I spent time doing HackerRank SQL and database challenges. These challenges in combination with a fantastic Udemy course taught me a lot about the topics Noroff failed to teach me. I also went above and beyond trilling database design and SQL queries on my own.

I'm very happy with the learning outcome of participating in this class, but unfortunately, I don't think the knowledge can be attributed to the learning material provided by Noroff.

The exam was probably the best at this point during my Noroff studies. I felt it really tested my understanding of database design and SQL queries.

- 22. October 2023

ETH

Ethical Hacking

Ever since I applied for the network and information security program, I had been looking forward to this class. I was hoping we would learn about practical ethical hacking and penetration testing. Instead, the course was mostly theoretical and focused on frameworks and legalities related to ethical hacking and penetration testing. 

The focus on theory bothered me a bit, but I found the material clear, concise, and easy to grasp. This allowed me to spend much time on TryHackMe, ranking me in the top 900 of over 3 million users. 

Unfortunately, I could not demonstrate my hands-on practical skills during the exam, which mainly focused on frameworks and legalities surrounding ethical hacking and penetration testing. To make matters worse, this was the only class during my Noroff studies that I felt unfairly graded.

course logo

Ethical Hacking

- Francine Solheim, Ali Elimam - 146t, 0m

An introduction course to ethical hacking and penetration testing focuses on how ethical hacking brings value and helps an organization's security posture.

"Although it was nothing like what I hoped for and expected it was a great put-together course..."

This course was the one that made me apply for the Network and Information Security program at Noroff back in 2020. I had very high expectations for the course. Unfortunately, it was nothing like what I had hoped for. I already knew the tiny bit of hands-on hacking we were taught from my time spent on TryHackMe. The course and exam mainly focused on the theory and concepts surrounding ethical hacking and penetration testing.

Although it was nothing like what I hoped for and expected it was a great put-together course heavily inspired by the learning objectives of the CompTIA Pentest+ certification. The course made me appreciate the business part and the impact of ethical hacking in a much deeper way.

The exam was theory-only but asked questions that I think tried to validate the learning objectives pretty well. Unfortunately, I think the grading focused on listing concepts instead of validating real-world insights and understanding of the topics.

Of all the exams on Noroff, this was the most unfairly graded of them all. It was obvious to me that the grading teacher was looking for keywords on his evaluation sheet, and not evaluating the general competency shown by the student.

- 13. January 2024

COF

Computer Forensics

The final class of my studies was one of the best in terms of content, structure, and examination. During this class, I spent a lot of time fiddling with Autopsy and learning about log aggregation tools like Splunk and ELK-stack on TryHackMe. It was fun to learn how law enforcement can get data on user activity and how that information would be used as evidence in a court of law, as well as some key aspects of how the data had to be gathered to make it usable as evidence.

I don't think I'll ever want to become a digital forensics expert due to the gruesome content they will have to encounter. Still, the class gave me insight into assisting law enforcement during an investigation.

course logo

Computer Forensics

- Craig van Niekerk - 157t, 0m

A digital forensics and incident response introduction course covering the main topics and some of the more crucial tools used in the profession.

"...as a result of my studies, I do feel I have a much better insight into how the Windows registry works and is structured."

This course was led by an engaged instructor passionate about Digital Forensics and Incident Response. Although short, it had quality content that helped me familiarize myself with the most common and essential artifacts that could be used to collect evidence on Windows hosts.

I think the course gave us good enough insight into the profession to make us respect it and help us decide whether this could be a profession suitable for us or not. I found it equally fascinating and frustrating. However, as a result of my studies, I do feel I have a much better insight into how the Windows registry works and is structured. This cleared a lot of the mystery on Windows for me.

The exam had questions that were easy to answer but hard to answer well. It tested me well and allowed me to show what I had learned during the class.

- 23. March 2024

SP2

Study Project 2

To end my studies, I wrote my last Study Project. I built a personal Password manager for this project using Django, vue.js, and TypeScript.

This was a fun project that enabled me to learn an entirely new web framework and a set of exciting new hosting principles and techniques. I also spent a lot of time learning how to build Chrome extensions, but unfortunately, there was not enough time to complete a Chrome extension that could be used to access the password vault during the time allocated for the study project.

The project is live and available on https://vault.haxor.no for anyone interested, and the source code is available, and open-source on my GitHub.

Extracorricular activity

While studying at Noroff, I did a lot of extracurricular studies by reading books, watching video lectures, and doing labs by following certification programs. I consumed content that aligned with these certifications:

  • CompTIA A+
  • CompTIA Network+
  • CompTIA Security+
  • CompTIA Server+
  • CompTIA Linux+
  • CompTIA PenTest+
  • AZ-900 - Azure Fundamentals
  • AZ-104 - Azure Administrator Associate
  • AZ-500 - Azure Security
  • Cisco Certified Networking Associate
  • Cisco CyberOps Associate
  • Cisco DevNet Associate
  • Python Certified Entry Level Programmer
  • Python Certified Associate Programmer
  • Python Certified Professional Programmer

I tried to pass the certification exam in just a few of the certification paths. Still, the learning material that covered the certifications provided me with the knowledge I would not have gained otherwise. I especially loved the material for the CompTIA certifications. They are perfect for students like me, who need to learn the fundamentals. 

The Cisco certifications had fantastic books provided by Cisco Press with industry-leading pedagogy and ease of reading. I also found fantastic video courses on CBT Nuggets and Udemy.

The Python Institute certifications and the free lectures hosted on edube.org set a new benchmark for programming certifications. They were hard and tested me on the understanding and application of Python programming.

Epilogue

These were four tough years for me and perhaps even harder years for my family. I'm very happy with a mean grade of A for the study program that proved to myself and the my loved ones that the effort was worth it. 

I learned a lot during my studies, but in many cases, the quote "Great students get great results despite bad teachers, not because of good teachers" rings true. Many of the classes felt fantastically designed but, unfortunately, poorly executed. However, the overall study program, the order of the classes, and the overall learning outcomes were fantastic. 

About halfway through the program, Noroff killed their entire online student community by moving from the informal chat on Discord to the more formalized and, in my opinion, horrible collaboration platform, Microsoft Teams. Even though this move happened halfway through my studies, the community never recovered during the last two years. I appreciate the decision, because it was based on GDPR considerations. However, this affected me tremendously as an online student and made me feel alone on my cybersecurity journey without an active student community.

After spending so much time learning about cyber security and system administration, I realized that programming is my professional "calling.

Would I recommend that others join the study program? Yes and no. I expect the study program might be much better on campus than online. After the move to Microsoft Teams, I never felt part of a student community, and I lost contact with many of the students I had chatted with on Discord. 

Much of the recordings and written material in the classes felt rushed, and in many cases, it felt like a beta test or early access to something that could be great in the future. The required readings were mostly poorly integrated into the courses. Because of this, too many courses seemed like a minimum-effort product, especially during the last year (two years as a part-time student). 

Despite my complaints, I think the study program made me skilled in the basics of cybersecurity. Can Noroff take the honor for my learning outcome? No, I don't think so. However, it set an excellent premise for my studies and helped me stay on track and learn the essential parts that I would probably never have bothered to learn outside the study program.

After spending so much time learning about cybersecurity and system administration, I realized that programming is my professional "calling." I love being able to do "everything," but I find the most enjoyment out of building software, not running or using it. While learning about ethical hacking was fun and gave me much-needed and desired insight into how hackers actually operate, I did not find it as fun as I had hoped it would be.

I have a solid foundation, but I have just started my journey towards becoming a true master.

I'm proud of my accomplishments during these four years and do not regret participating in the study program. It made me a better IT professional and perfectly supplemented my programming journey. 

After completing this study program and working as a web developer for over four years, I can work as a "one-man army" doing "everything" required to build and run web applications and services in the cloud. I have a solid foundation, but I have just started my journey towards becoming a true master.