CompTIA PenTest+ is a certification for intermediate skills level cybersecurity professionals who are tasked with hands-on penetration testing to identify, exploit, report, and manage vulnerabilities on a network. PenTest+ is unique because our certification requires a candidate to demonstrate the hands-on ability and knowledge to test devices in new environments such as the cloud and mobile, in addition to traditional desktops and servers.
What Will I Learn?
- Explain the importance of planning for an engagement
- Explain key legal concepts.
- Explain the importance of scoping an engagement properly.
- Explain the key aspects of compliance-based assessments.
- Conduct information gathering using appropriate techniques
- Perform a vulnerability scan.
- Analyse vulnerability scan results
- Explain the process of leveraging information to prepare for exploitation.
- Explain weaknesses related to specialised systems
- Compare and contrast social engineering attacks
- Exploit network-based vulnerabilities
- Exploit wireless and RF-based vulnerabilities
- Exploit application-based vulnerabilities
- Exploit local host vulnerabilities
- Summarise physical security attacks related to facilities
- Perform post-exploitation techniques
- Use Nmap to conduct information gathering exercises
- Compare and contrast various use cases of tools
- Analyse tool output or data related to a penetration test
- Analyse a basic script (limited to Bash, Python, Ruby, and PowerShell) Reporting and Communication
- Use report writing and handling best practices
- Explain post-report delivery activities
- Recommend mitigation strategies for discovered vulnerabilities
- Explain the importance of communication during the penetration testing process