PenTest+ (PT0-002)

Course Summary

CompTIA PenTest+ course prepares you for the PT0-002 exam by preparing you to complete a penetration testing engagement. This course demonstrates how to plan and a scope a testing engagements. Mitigating security weaknesses and vulnerabilities as well as how to exploit them will also be discussed. The goal of this course is to provide you with all the tools you need to prepare for the CompTIA PenTest+ PT0-002 exam — including text explanations, video demos, lab activities, self-assessment questions, and a practice exam— to increase your chances of passing the exam on your first try.

Methodology:

180-day access to:

  • Lessons
  • Video learning
  • MeasureUp Practice Test for CompTIA PenTest+ (PT0-002). Practice Mode with remediation and Certification mode to simulate the test day experience.

Duration:

3 days of training

Audience:

Designed for those who have a beginner cybersecurity certification and want to specialize in security penetration testing (ethical hacking).

Prerequisites:

  • CompTIA Security + certification (recommended).
  • CompTIA Network+ (recommended).
  • 3-4 years in information security or related experience.

Course Outcome:

Upon successful completion of this course, students should be able to:

  • Plan and scope based on customer requirements.
  • Gather information and complete vulnerability scanning.
  • Understand attacks and exploits on the system.
  • Describe how to report and communicate exploitations.
  • Explain use cases for different tools and how to complete a code analysis.

Course Outline:

Lesson 1: Introduction to Ethical Hacking and Penetration Testing

  • Understanding Ethical Hacking and Penetration Testing
  • Exploring Penetration Testing Methodologies
  • Building Your Own Lab 
  • Summary
  • Case Study
  • Quiz

Lesson 2: Planning and Scoping a Penetration Testing Assessment

  • Comparing and Contrasting Governance, Risk, and Compliance Concepts
  • Explain the Importance of Scoping and Organizational or Customer Requirements 
  • Demonstrating an Ethical Hacking Mindset by Maintaining Professionalism and Integrity
  • Summary
  • Case Study
  • Quiz

Lesson 3: Design and implement routing

  • Performing Passive Reconnaissance
  • Performing Active Reconnaissance
  • Understanding the Art of Performing Vulnerability Scans
  • Understanding How to Analyze Vulnerability Scan Results
  • Summary
  • Case Study
  • Quiz

Lesson 4: Social Engineering Attacks

  • Pretexting for an approach and Impersonation
  • Social Engineering Attacks
  • Physical Attacks
  • Social Engineering Tools
  • Methods of Influence
  • Summary
  • Case Study
  • Quiz

Lesson 5: Exploiting Wired and Wireless Networks

  • Exploiting Network-Based Vulnerabilities
  • Exploiting Wireless Vulnerabilities
  • Summary
  • Case Study
  • Quiz

Lesson 6: Exploiting Application-Based Vulnerabilities

  • Overview of Web Application-Based Attacks for Security Professionals and the OWASP Top 10
  • How to Build Your Own Web Application Labs 
  • Understanding Business Logic Flaws 
  • Understanding Injectionp0Based Vulnerabilities
  • Exploiting Authentication-Based Vulnerabilities
  • Exploiting Authorization-Based Vulnerabilities
  • Understanding Cross-Site Scription (XSS) Vulnerabilities
  • Understanding Cross-Site Request Forgery (CSRF/XSR) and Server-Side Request
  • Understanding Clickjacking
  • Exploiting Security Misconfigurations
  • Exploiting File Inclusion Vulnerabilities
  • Exploiting Insecure Code Practices

Lesson 7: Cloud, Mobile, and IoT Security

  • Researching Attack Vectors and Performing Attacks on Cloud Technologies
  • Explaining Common Attacks and Vulnerabilities Against Specialized Systems

Lesson 8: Performing Post-Exploitation Techniques

  • Creating a Foothold and Maintaining Persistence After Compromising a System 
  • Understanding How to Perform Lateral Movement, Detection Avoidance, and Enumeration

Lesson 9: Reporting and Communication 

  • Comparing and Contrasting Important Components of Written Reports
  • Analyzing the Findings and Recommending the Appropriate Remediation Within a Report
  • Explaining the Importance of Communication During the Penetration Testing Process 
  • Explaining Post – Report Delivery Activities 

Lesson 10 Tools and Code Analysis 

  • Understanding the Basic Concepts of Scripting and Software Development
  • Understanding the Different Use Cases of Penetration Testing Tools and Analyzing Exploit Code