Self-Study | In-Person
CompTIA PenTest+ is for cybersecurity professionals tasked with penetration testing and vulnerability management.
$795.00 – $1,995.00
Why is it different?
- CompTIA PenTest+ is the most comprehensive exam covering all penetration testing stages. Unlike other penetration testing exams that only cover a portion of stages with essay questions and hands-on, PenTest+ uses both performance-based and knowledge-based questions to ensure all stages are addressed.
- PenTest+ is the only exam on the market to include all aspects of vulnerability management. It not only covers hands-on vulnerability assessment, scanning, and analysis, but also includes planning, scoping, and managing weaknesses, not just exploiting them.
- PenTest+ is the most current penetration testing exam covering the latest techniques against expanded attack surfaces. It is a unique exam that requires a candidate to demonstrate the most relevant pen testing skills for the cloud, hybrid environments, web applications, Internet of Things (IoT), and traditional on-premises.
Self-Study or In-Person
The CompTIA Network+, Security+ Certification (or equivalent knowledge).
Minimum of 3 years of hands-on information security or related experience. While it is not a required prerequisite, PenTest+ is intended to follow CompTIA Security+.
About the exam
PenTest+ assesses the most up-to-date penetration testing, and vulnerability assessment and management skills necessary to determine the resiliency of the network against attacks. The CompTIA PenTest+ certification exam will verify successful candidates have the knowledge and skills required to:
- Plan and scope a penetration testing engagement
- Understand legal and compliance requirements
- Perform vulnerability scanning and penetration testing using appropriate tools and techniques, and then analyze the results
- Produce a written report containing proposed remediation techniques, effectively communicate results to the management team, and provide practical recommendations
PenTest+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation, because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.
What Skills Will You Learn?
Planning and Scoping
- Includes updated techniques emphasizing governance, risk, and compliance concepts, scoping and organizational/customer requirements, and demonstrating an ethical hacking mindset.
Information Gathering and Vulnerability Scanning
- Includes updated skills on performing vulnerability scanning and passive/active reconnaissance, vulnerability management, as well as analyzing the results of the reconnaissance exercise.
Attacks and Exploits
- Includes updated approaches to expanded attack surfaces, researching social engineering techniques, performing network attacks, wireless attacks, application-based attacks and attacks on cloud technologies, and performing post-exploitation techniques.
Reporting and Communication
- Expanded to focus on the importance of reporting and communication in an increased regulatory environment during the pen testing process through analyzing findings and recommending appropriate remediation within a report.
Tools and Code Analysis
- Includes updated concepts of identifying scripts in various software deployments, analyzing a script or code sample, and explaining use cases of various tools used during the phases of a penetration test. It is important to note that no scripting and coding is required.
- Module 1 Scoping Organizational/Customer Requirements
- Module 2 Defining the Rules of Engagement
- Module 3 Footprinting and Gathering Intelligence
- Module 4 Evaluating Human and Physical Vulnerabilities
- Module 5 Preparing the Vulnerability Scan
- Module 6 Scanning Logical Vulnerabilities
- Module 7 Analyzing Scanning Results
- Module 8 Avoiding Detection and Covering Tracks
- Module 9 Exploiting the LAN and Cloud
- Module 10 Testing Wireless Networks
- Module 11 Targeting Mobile Devices
- Module 12 Attacking Specialized Systems
- Module 13 Web Application-Based Attacks
- Module 14 Performing System Hacking
- Module 15 Scripting and Software Development
- Module 16 Leveraging the Attack: Pivot and Penetrate
- Module 17 Communicating During the PenTesting Process
- Module 18 Summarizing Report Components
- Module 19 Recommending Remediation
- Module 20 Performing Post-Report Delivery Activities
9831 Greenbelt Road, Suite 311
Lanham, MD 20706