Please note:
This course is a work in progress and is still evolving. Content may not be complete in certain areas and new topics may be added as needed
About this course
- PenTest+ assesses the most up-to-date penetration testing, and vulnerability assessment and management skills necessary to determine the resiliency of the network against attacks.
- CompTIA PenTest+ is the most comprehensive exam covering all penetration testing stages. Unlike other penetration testing exams that only cover a portion of stages with essay questions and hands-on, PenTest+ uses both performance-based and knowledge-based questions to ensure all stages are addressed.
- PenTest+ is the only exam on the market to include all aspects of vulnerability management. It not only covers hands-on vulnerability assessment, scanning, and analysis, but also includes planning, scoping, and managing weaknesses, not just exploiting them.
- PenTest+ is the most current penetration testing exam covering the latest techniques against expanded attack surfaces. It is a unique exam that requires a candidate to demonstrate the most relevant pen testing skills for the cloud, hybrid environments, web applications, Internet of Things (IoT), and traditional on-premises.
Duration
This course is 40 class hours, typically consisting of (10) 4-hour sessions with additional hours for Lab and practice assessments
Benefits
- Plan and scope a penetration testing engagement
- Understand legal and compliance requirements
- Perform vulnerability scanning and penetration testing using appropriate tools and techniques, and then analyze the results
- Produce a written report containing proposed remediation techniques, effectively communicate results to the management team, and provide practical recommendations
Who should take this course?
CompTIA PenTest+ will certify the successful candidate has the knowledge and skills required to plan and scope a penetration testing engagement including vulnerability scanning, understanding legal and compliance requirements, analyzing results, and producing a written report with remediation techniques.
Class Details
Exam Objectives:
- Planning and Scoping (14%)
- Compare and contrast governance, risk, and compliance concepts
- Explain the importance of scoping and organizational/customer requirements
- Given a scenario, demonstrate an ethical hacking mindset by maintaining professionalism and integrity
- Information Gathering and Vulnerability Scanning (22%)
- Given a scenario, be able to perform passive and active reconnaissance and analyze the results of the reconnaissance exercise
- Ability to perform vulnerability scanning
- Attacks and Exploits (30%)
- Given a scenario, research attack vectors and have the ability to perform network attacks, wireless attacks, application-based attacks, and attacks on cloud technologies
- Explain common attacks and vulnerabilities against specialized systems
- Given a scenario, perform a social engineering or physical attack
- Ability to perform post-exploitation technique
- Reporting and Communication (18%)
- Compare and contrast important components of written reports
- Given a scenario, analyze the findings and recommend the appropriate remediation within a report
- Explain the importance of communication during the penetration testing process and potential post-report delivery activities
- Tools and Code Analysis (16%)
- Explain the basic concepts of scripting and software development
- Given a scenario, analyze a script or code sample for use in a penetration test
- Explain use cases of various tools used during the phases of a penetration test
Pre-requisites:
Network+, Security+, or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.
Labs:
- Lab information is unavailable at this time.
Additional Resources:
- No additional resources are currently available for this course.