CT-PENTEST+ - CompTIA® PenTest+

CompTIA PenTest+ is a penetration testing certification for cybersecurity professionals tasked with penetration testing and vulnerability assessment and management and is an intermediate-skills level cybersecurity certification that focuses on offensive skills through pen testing and vulnerability assessment. Cybersecurity professionals with CompTIA PenTest+ know how plan, scope, and manage weaknesses, not just exploit them.

This CompTIA Penetration testing course focuses on offense through penetration testing and vulnerability assessment. It involves launching attacks on systems, discovering the vulnerabilities and managing them. In this CompTIA PenTest+ (PT0-002) course, you will be introduced to some general concepts and methodologies related to pen testing, and you will work your way through a simulated pen test for a fictitious company.

Duration: 5.0 days

Enquire Now

Schedule

Singapore | 10 Jun 2024 - 14 Jun 2024 Singapore
Virtual ILT | 10 Jun 2024 - 14 Jun 2024 Singapore

Start learning today!

Click Hereto customize your Training

Objectives

CompTIA PenTest+ assesses the most up-to-date penetration testing, and vulnerability assessment and management skills necessary to determine the resiliency of the network against attacks. The CompTIA PenTest+ certification exam will verify successful candidates have the knowledge and skills required to:

  • Plan and scope penetration tests.
  • Conduct passive reconnaissance.
  • Perform non-technical tests to gather information.
  • Conduct active reconnaissance.
  • Analyze vulnerabilities.
  • Penetrate networks.
  • Exploit host-based vulnerabilities.
  • Test applications.
  • Complete post-exploit tasks.
  • Analyze and report pen test results.

Content

Module 1: Scoping Organizational/Customer Requirements

  • Topic 1A: Define Organizational PenTesting
  • Topic 1B: Acknowledge Compliance Requirements
  • Topic 1C: Compare Standards and Methodologies
  • Topic 1D: Describe Ways to Maintain Professionalism

Module 2: Defining the Rules of Engagement

  • Topic 2A: Assess Environmental Considerations
  • Topic 2B: Outline the Rules of Engagement
  • Topic 2C: Prepare Legal Documents

Module 3: Footprinting and Gathering Intelligence

  • Topic 3A: Discover the Target
  • Topic 3B: Gather Essential Data
  • Topic 3C: Compile Website Information
  • Topic 3D: Discover Open-Source Intelligence Tools

Module 4: Evaluating Human and Physical Vulnerabilities

  • Topic 4A: Exploit the Human Psyche
  • Topic 4B: Summarize Physical Attacks
  • Topic 4C: Use Tools to Launch a Social Engineering Attack

Module 5: Preparing the Vulnerability Scan

  • Topic 5A: Plan the Vulnerability Scan
  • Topic 5B: Detect Defenses
  • Topic 5C: Utilize Scanning Tools

Module 6: Scanning Logical Vulnerabilities

  • Topic 6A: Scan Identified Targets
  • Topic 6B: Evaluate Network Traffic
  • Topic 6C: Uncover Wireless Assets

Module 7: Analyzing Scanning Results

  • Topic 7A: Discover Nmap and NSE
  • Topic 7B: Enumerate Network Hosts
  • Topic 7C: Analyze Output from Scans

Module 8: Avoiding Detection and Covering Tracks

  • Topic 8A: Evade Detection
  • Topic 8B: Use Steganography to Hide and Conceal
  • Topic 8C: Establish a Covert Channel

Module 9: Exploiting the LAN and Cloud

  • Topic 9A: Enumerating Hosts
  • Topic 9B: Attack LAN Protocols
  • Topic 9C: Compare Exploit Tools
  • Topic 9D: Discover Cloud Vulnerabilities
  • Topic 9E: Explore Cloud-Based Attacks

Module 10: Testing Wireless Networks

  • Topic 10A: Discover Wireless Attacks
  • Topic 10B: Explore Wireless Tools

Module 11: Targeting Mobile Devices

  • Topic 11A: Recognize Mobile Device Vulnerabilities
  • Topic 11B: Launch Attacks on Mobile Devices
  • Topic 11C: Outline Assessment Tools for Mobile Devices

Module 12: Attacking Specialized Systems

  • Topic 12A: Identify Attacks on the IoT
  • Topic 12B: Recognize Other Vulnerable Systems
  • Topic 12C: Explain Virtual Machine Vulnerabilities

Module 13: Web Application-Based Attacks

  • Topic 13A: Recognize Web Vulnerabilities
  • Topic 13B: Launch Session Attacks
  • Topic 13C: Plan Injection Attacks
  • Topic 13D: Identify Tools

Module 14: Performing System Hacking

  • Topic 14A: System Hacking
  • Topic 14B: Use Remote Access Tools
  • Topic 14C: Analyze Exploit Code

Module 15: Scripting and Software Development

  • Topic 15A: Analyzing Scripts and Code Samples
  • Topic 15B: Create Logic Constructs
  • Topic 15C: Automate Penetration Testing

Module 16: : Leveraging the Attack: Pivot and Penetrate

  • Topic 16A: Test Credentials
  • Topic 16B: Move Throughout the System
  • Topic 16C: Maintain Persistence

Module 17: Communicating During the PenTesting Process

  • Topic 17A: Define the Communication Path
  • Topic 17B: Communication Triggers
  • Topic 17C: Use Built-In Tools for Reporting

Module 18: Summarizing Report Components

  • Topic 18A: Identify Report Audience
  • Topic 18B: List Report Contents
  • Topic 18C: Define Best Practices for Reports

Module 19: Recommending Remediation

  • Topic 19A: Employ Technical Controls
  • Topic 19B: Administrative and Operational Controls
  • Topic 19C: Physical Controls

Module 20: Performing Post-Report Delivery Activities

  • Topic 20A: Post-Engagement Cleanup
  • Topic 20B: Follow-Up Actions

Audience

This course is designed for IT professionals who want to develop penetration testing skills to enable them to identify information-system vulnerabilities and effective remediation techniques for those vulnerabilities. Target students who also need to offer practical recommendations for action to properly protect information systems and their contents will derive those skills from this course.

This official CompTIA certification course is also designed for individuals who are preparing to take the CompTIA PenTest+ certification exam PT0-002, or who plan to use PenTest+ as the foundation for more advanced security certifications or career roles. Individuals seeking this certification should have three to four years of hands-on experience performing penetration tests, vulnerability assessments, and vulnerability management.

Prerequisites

To ensure your success in this course, you should have:

  • Intermediate knowledge of information security concepts, including but not limited to identity and access management (IAM), cryptographic concepts and implementations, computer networking concepts and implementations, and common security technologies.
  • Practical experience in securing various computing environments, including small to medium businesses, as well as enterprise environments.

You can obtain this level of skills and knowledge by taking the CompTIA Security+ (Exam SY0-501) course or by obtaining the appropriate industry certification.

Certification

product-certification

This course can also assist you if you are pursuing the CompTIA PenTest+ certification, as tested in exam PT0-002. The course is designed to provide content and activities that correlate to the exam objectives, and therefore can be a resource as you prepare for the examination. 

Course Benefits

product-benefits
  • Career growth
  • Broad Career opportunities
  • Worldwide recognition from leaders
  • Up-to Date technical skills
  • Popular Certification Badges
Enquire Now
 
 
 
 
EBo1nL
By clicking "Submit", I agree to the Terms Of Use and Privacy Policy