Five Days • Instructor-led
CompTIA PenTest+ is a vendor-neutral cybersecurity certification that verifies competency in the knowledge and skills required to plan and scope an assessment, understand legal and compliance requirements, perform vulnerability scanning and penetration testing, analyze data, and effectively report and communicate results. Key job roles include Penetration and/or Vulnerability Tester, Security Analyst (II), Vulnerability Assessment Analyst, Network Security Operations and Application Security Vulnerability.
About the exam
This exam is designed for IT professionals who want to develop penetration testing skills to enable them to identify information-system vulnerabilities and effective remediation techniques for those vulnerabilities. Target students who also need to offer practical recommendations for action to properly protect information systems and their contents will derive those skills from this course.
Course Outline
Lesson 1: Planning and Scoping Penetration Tests
- Introduction to Penetration Testing Concepts
- Plan a Pen Test Engagement
- Scope and Negotiate a Pen Test Engagement
- Prepare for a Pen Test Engagement
Lesson 2: Conducting Passive Reconnaissance
- Gather Background Information
- Prepare Background Findings for Next Steps
Lesson 3: Performing Non-Technical Tests
- Perform Social Engineering Tests
- Perform Physical Security Tests on Facilities
Lesson 4: Conducting Active Reconnaissance
- Scan Networks
- Enumerate Targets
- Scan for Vulnerabilities
- Analyze Basic Scripts
Lesson 5: Analyzing Vulnerabilities
- Analyze Vulnerability Scan Results
- Leverage Information to Prepare for Exploitation
Lesson 6: Penetrating Networks
- Exploit Network-Based Vulnerabilities
- Exploit Wireless and RF-Based Vulnerabilities
- Exploit Specialized Systems
Lesson 7: Exploiting Host-Based Vulnerabilities
- Exploit Windows-Based Vulnerabilities
- Exploit *Nix-Based Vulnerabilities
Lesson 8: Testing Applications
- Exploit Web Application Vulnerabilities
- Test Source Code and Compiled Apps
Lesson 9: Completing Post-Exploit Tasks
- Use Lateral Movement Techniques
- Use Persistence Techniques
- Use Anti-Forensics Techniques
Lesson 10: Analyzing and Reporting Pen Test Results
- Analyze Pen Test Data
- Develop Recommendations for Mitigation Strategies
- Write and Handle Reports
- Conduct Post-Report-Delivery Activities