CompTIA Pentest +

About this course

The Official CompTIA PenTest+ Instructor and Student Guides (PT0-002) have been developed by CompTIA for the CompTIA PenTest+ candidate.Rigorously evaluated to validate coverage of the CompTIA PenTest+ (PT0-002) exam objectives, The Official CompTIA PenTest+ Instructor and Student Guides teach the knowledge and skills to understand how to plan and scope a penetration testing engagement including vulnerability scanning, understand legal and compliance requirements, analyze results, and produce a written report with remediation techniques and prepare candidates to take the CompTIA PenTest+ certification exam.

New Features

• Content Updates for the CompTIA PenTest+ (PT0-002) ExamThe courseware has expanded the number of lessons and topics than the previous version of the course with the aim of restricting the size of each topic to no more than ten subject headings. By creating smaller chunks of reading, learners have an easier time reading and recalling the material. Learners are also presented with more opportunities to interact with the content and answer questions based on the reading.
• Easily Implemented in Classroom Environments The content and resources have been reworked to make them more flexible to suit a variety of classroom formats, whether there are 5 days or 16 weeks to teach the material, or something in between:
• Lengthy on-premises Lab Activities that require organizations to setup and maintain equipment have been removed from the eBook. Instead, graded labs (CertMaster Labs) are available hosted on the Learn on Demand Systems platform. These modular labs require only a modern browser and internet connection, saving organizations hours of setup time. Their short durations of 10-30 minutes allow for labs to be more easily integrated in coursework. As a result, instructors will no longer see the setup guide in the Instructor Resources.
• Reworked Presentation Tools: The PowerPoint lecture slides have been enhanced with support notes. In addition, the presentations planner has been created as a separate document and includes information on labs, topics and PBQs to make it easier for instructors to plan lectures and use classroom time effectively.
• Alignment and Consistency Across Book, Labs and Assessment The book, labs and assessment all work together with a similar approach and voice ensuring that instructors and students have a cohesive “single-sourced” solution for their PenTest+ courses. The presentation of course topics is supplemented with regular opportunities for hands-on labs, which are delivered via CertMaster Labs. Each lesson has exam-style multiple choice assessments, available via the CompTIA Learning Center. There is also a final assessment synthesizing concepts from all lessons.
• Engaging Video Program Videos embedded within the lessons complement the instructional content by presenting real-world cybersecurity scenarios from experts experience. The videos help provide context of how the concepts learned in the course will be applied on-the-job.
• Robust Assessment Practice questions for each lesson and a final assessment covering all Lessons, more than 300 questions in total,are available in the CompTIA Learning Center to help students practice and demonstrate what they have learned.

COURSE OVERVIEW

PenTest+ assesses the most up-to-date penetration testing, and vulnerability assessment and
management skills necessary to determine the resiliency of the network against attacks.

No prerequisites

Lesson 1: Scoping Organizational/Customer Requirements

• Define Organizational PenTesting
• Acknowledge Compliance Requirements
• Compare Standards and Methodologies
• Describe Ways to Maintain Professionalism

Lesson 2: Defining the Rules of Engagement

• Assess Environmental Considerations
• Outline the Rules of Engagement
• Prepare Legal Documents

Lesson 3: Footprinting and Gathering Intelligence

• Discover the Target
• Gather Essential Data
• Compile Website Information
• Discover Open-Source Intelligence Tools

Lesson 4: Evaluating Human and Physical Vulnerabilities

• Exploit the Human Psyche
• Summarize Physical Attacks
• Use Tools to Launch a Social Engineering Attack

Lesson 5: Preparing the Vulnerability Scan

• Plan the Vulnerability Scan
• Detect Defenses
• Utilize Scanning Tools

Lesson 6: Scanning Logical Vulnerabilities

• Scan Identified Targets
• Evaluate Network Traffic
• Uncover Wireless Assets

Lesson 7: Analyzing Scanning Results

• Discover Nmap and NSE
• Enumerate Network Hosts
• Analyze Output from Scans

Lesson 8: Avoiding Detection and Covering Tracks

• Evade Detection
• Use Steganography to Hide and Conceal
• Establish a Covert Channel

Lesson 9: Exploiting the LAN and Cloud

• Enumerating Hosts
• Attack LAN Protocols
• Compare Exploit Tools
• Discover Cloud Vulnerabilities
• Explore Cloud-Based Attacks

Lesson 10: Testing Wireless Networks

• Discover Wireless Attacks
• Explore Wireless Tools

Lesson 11: Targeting Mobile Devices

• Recognize Mobile Device Vulnerabilities
• Launch Attacks on Mobile Devices
• Outline Assessment Tools for Mobile Devices

Lesson 12: Attacking Specialized Systems

• Identify Attacks on the IoT
• Recognize Other Vulnerable Systems
• Explain Virtual Machine Vulnerabilities

Lesson 13: Web Application-Based Attacks

• Recognize Web Vulnerabilities
• Launch Session Attacks
• Plan Injection Attacks
• Identify Tools

Lesson 14: Performing System Hacking

• System Hacking
• Use Remote Access Tools
• Analyze Exploit Code

Lesson 15: Scripting and Software Development

• Analyzing Scripts and Code Samples
• Create Logic Constructs
• Automate Penetration Testing

Lesson 16: Leveraging the Attack: Pivot and Penetrate

• Test Credentials
• Move Throughout the System
• Maintain Persistence

Lesson 17: Communicating During the PenTesting Process

• Define the Communication Path
• Communication Triggers
• Use Built-In Tools for Reporting

Lesson 18: Summarizing Report Components

• Identify Report Audience
• List Report Contents
• Define Best Practices for Reports

Lesson 19: Recommending Remediation

• Employ Technical Controls
• Administrative and Operational Controls
• Physical Controls

Lesson 20: Performing Post-Report Delivery Activities

• Post-Engagement Cleanup