CompTIA Penetration Testing (PenTest+) Course

Course Duration: 5 days

Duration (Hrs) 40 Hours/Hours

Category: IT

Course Mentor: Engineering Science Institute for Training

Overview

  • In this course, you will learn the latest pen testing techniques, attack surfaces, vulnerability management, post-delivery, and compliance tasks. The CompTIA PenTest+ certification is a vendor-neutral, internationally targeted validation of intermediate-level penetration testing (or pen testing) knowledge and skills.
  • The skills covered by CompTIA PenTest+ help companies comply with regulations, such as PCI-DSS and NIST 800-53 Risk Management Framework (RMF), which require pen tests, vulnerability assessments, and reports. CompTIA PenTest+ is approved under the Department of Defense (DoD) Directive 8140/8570.01-M and under ANSI/ISO standard 17024.

Benefits

  • Planning and scoping a penetration testing engagement
  • Understanding legal and compliance requirements
  • Performing vulnerability scanning and penetration testing using appropriate tools and techniques, and then analyzing the results
  • Producing a written report containing proposed remediation techniques, effectively communicating results to the management team, and providing practical recommendations

The Main Topic of the Course

  • Module 1: Planning and Scoping
  • Module 2: Information Gathering and Vulnerability Scanning
  • Module 3: Attacks and Exploits
  • Module 4: Reporting and Communication
  • Module 5: Tools and Code Analysis

Course Requirements

  • 3-4 years of hands-on information security or related experience
  • Network+, Security+, or equivalent knowledge

LAB Requirement

  • It is recommended to have LAB in this course

Exam requirements

  • There are no specific prerequisites required to attend the Exam

Course Outlines and Training Plan

Module 1: Planning and Scoping

  • Compare and contrast governance, risk, and compliance concepts.
  • Explain the importance of scoping and organizational/customer requirements.
  • Given a scenario, demonstrate an ethical hacking mindset by maintaining professionalism and integrity

Module 2: Information Gathering and Vulnerability Scanning

  • Given a scenario, perform passive reconnaissance
  • Given a scenario, perform active reconnaissance
  • Given a scenario, analyze the results of a reconnaissance exercise
  • Given a scenario, perform vulnerability scanning

Module 3: Attacks and Exploits

  • Given a scenario, research attack vectors and perform network attacks.
  • Given a scenario, research attack vectors and perform wireless attacks.
  • Given a scenario, research attack vectors and perform application-based attacks
  • Given a scenario, research attack vectors and perform attacks on cloud technologies.
  • Explain common attacks and vulnerabilities against specialized systems
  • Given a scenario, perform a social engineering or physical attack.
  • Given a scenario, perform post-exploitation techniques.

Module 4: Reporting and Communication

  • Compare and contrast important components of written reports.
  • Given a scenario, analyze the findings and recommend the appropriate remediation within a report.
  • Explain the importance of communication during the penetration testing process.
  • Explain post-report delivery activities.

Module 5: Tools and Code Analysis

  • Explain the basic concepts of scripting and software development
  • Given a scenario, analyze a script or code sample for use in a penetration test.
  • Explain the use cases of the following tools during the phases of a penetration test.

The number must start with 966 without the (+) sign.

You cannot copy content of this page