CompTIA PenTest +

• Penetration Tester
• Security Consultant
• Cloud Penetration Tester
• Web App Penetration Tester
• Cloud Security Specialist
• Network & Security Specialist

After completing this course you should be able to:

• Explain the importance of planning and key aspects of compliance-based assessments.
• Conduct information gathering exercises with various tools and analyse output and basic scripts (limited to: Bash, Python, Ruby, PowerShell).
• Gather information to prepare for exploitation then perform a vulnerability scan and analyse results.
• Utilise report writing and handling best practices explaining recommended mitigation strategies for discovered vulnerabilities.
• Exploit network, wireless, application, and RF-based vulnerabilities, summarize physical security attacks, and perform post-exploitation techniques.

• Lesson 1: Scoping Organizational/Customer Requirements
• Lesson 2: Defining the Rules of Engagement
• Lesson 3: Footprinting and Gathering Intelligence
• Lesson 4: Evaluating Human and Physical Vulnerabilities
• Lesson 5: Preparing the Vulnerability Scan
• Lesson 6: Scanning Logical Vulnerabilities
• Lesson 7: Analyzing Scanning Results
• Lesson 8: Avoiding Detection and Covering Tracks
• Lesson 9: Exploiting the LAN and Cloud
• Lesson 10: Testing Wireless Networks
• Lesson 11: Targeting Mobile Devices
• Lesson 12: Attacking Specialized Systems
• Lesson 13: Web Application-Based Attacks
• Lesson 14: Performing System Hacking
• Lesson 15: Scripting and Software Development
• Lesson 16: Leveraging the Attack: Pivot and Penetrate
• Lesson 17: Communicating During the PenTesting Process
• Lesson 18: Summarizing Report Components
• Lesson 19: Recommending Remediation
• Lesson 20: Performing Post-Report Delivery Activities

Attendees should meet the following prerequisites:

• Intermediate knowledge of information security concepts, including but not limited to identity and access management (IAM), cryptographic concepts and implementations, computer networking concepts and implementations, and common security technologies.
• Practical experience in securing various computing environments, including small to medium businesses, as well as enterprise environments.
• CompTIA Network + or CompTIA Security + or equivalent knowledge
• Hands-on information security experience

• G005 - CompTIA Network+
• G013 - CompTIA Security+

Recommended as preparation for the following exams:

• PT0-002 - CompTIA Pentest+ Certification

The following courses are recommended for further study.

• GK5867 - CompTIA CySA+ Cybersecurity Analyst

• GK2951 - CompTIA Advanced Security Practitioner (CASP+)
• GK5867 - CompTIA CySA+ Cybersecurity Analyst

PenTest+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation, because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.