CompTia Pen Skills Academy Group

CompTIA PenTest+ (PT0-002)

$549.00 $549.00

This course includes:

  • Free pre-assessment and first 2 lessons
  • 13+ Interactive Lessons | 401+ Exercises
  • Accessible on mobile and tablet too
  • Certificate of completion
Category: Tags: ,

About This Course

Our CompTIA Pentest+ PT0-002 study guide provides the foundational knowledge and practical insights every penetration tester needs to pass the exam, impress employers, and create a personalized portfolio. Learn how to perform vulnerability scans per the legal and regulatory requirements and produce written reports listing remediation strategies against cyber threats.

Skills You’ll Get

  • Define the engagement’s goals and limitations.
  • Understand legal and ethical considerations for penetration testing.
  • Conduct passive and active reconnaissance techniques to gather information about a target system.
  • Utilize tools like dig, nslookup, Maltego, and Recon-ng for information gathering.
  • Perform network enumeration using tools like Nmap and Zenmap.
  • Configure and execute vulnerability scans using tools like Nessus and OpenVAS.
  • Analyze and interpret vulnerability scan results to prioritize targets.
  • Develop a workflow for vulnerability remediation.
  • Conduct network attacks like ARP spoofing, XSS attacks, and DDoS attacks.
  • Exploit vulnerabilities in Windows services like RDP, SMB, and SMTP.
  • Perform social engineering attacks.
  • Exploit vulnerabilities in web applications like SQL injection and Cross-Site Request Forgery (CSRF).
  • Attack cloud technologies, mobile devices, IoT systems, and specialized systems.
  • Understand the role of scripting in penetration testing.
  • Learn basic scripting principles using Python and Bash shells.
  • Automate tasks and enhance penetration testing workflows using scripts.
  • Maintain persistence on compromised systems to conduct further exploration.
  • Communicate technical information to both technical and non-technical audiences.

Lesson Plan

Introduction

  • CompTIA
  • The PenTest+ Exam
  • What Does This Course Cover?
  • CompTIA PenTest+ Certification Exam Objectives
Penetration Testing
  • What Is Penetration Testing?
  • Reasons for Penetration Testing
  • Who Performs Penetration Tests?
  • The CompTIA Penetration Testing Process
  • The Cyber Kill Chain
  • Tools of the Trade
  • Summary
  • Exam Essentials
  • Lab Exercises
Planning and Scoping Penetration Tests
  • Scoping and Planning Engagements
  • Penetration Testing Standards and Methodologies
  • Key Legal Concepts for Penetration Tests
  • Regulatory Compliance Considerations
  • Summary
  • Exam Essentials
  • Lab Exercises
Information Gathering
  • Footprinting and Enumeration
  • Active Reconnaissance and Enumeration
  • Information Gathering and Defenses
  • Summary
  • Exam Essentials
  • Lab Exercises
Vulnerability Scanning
  • Identifying Vulnerability Management Requirements
  • Configuring and Executing Vulnerability Scans
  • Software Security Testing
  • Developing a Remediation Workflow
  • Overcoming Barriers to Vulnerability Scanning
  • Summary
  • Exam Essentials
  • Lab Exercises
Analyzing Vulnerability Scans
  • Reviewing and Interpreting Scan Reports
  • Validating Scan Results
  • Common Vulnerabilities
  • Summary
  • Exam Essentials
  • Lab Exercises
Exploiting and Pivoting
  • Exploits and Attacks
  • Exploitation Toolkits
  • Exploit Specifics
  • Leveraging Exploits
  • Persistence and Evasion
  • Pivoting
  • Covering Your Tracks
  • Summary
  • Exam Essentials
  • Lab Exercises
Exploiting Network Vulnerabilities
  • Identifying Exploits
  • Conducting Network Exploits
  • Exploiting Windows Services
  • Identifying and Exploiting Common Services
  • Wireless Exploits
  • Summary
  • Exam Essentials
  • Lab Exercises
Exploiting Physical and Social Vulnerabilities
  • Physical Facility Penetration Testing
  • Social Engineering
  • Summary
  • Exam Essentials
  • Lab Exercises
Exploiting Application Vulnerabilities
  • Exploiting Injection Vulnerabilities
  • Exploiting Authentication Vulnerabilities
  • Exploiting Authorization Vulnerabilities
  • Exploiting Web Application Vulnerabilities
  • Unsecure Coding Practices
  • Steganography
  • Application Testing Tools
  • Summary
  • Exam Essentials
  • Lab Exercises
Attacking Hosts, Cloud Technologies, and Specialized Systems
  • Attacking Hosts
  • Credential Attacks and Testing Tools
  • Remote Access
  • Attacking Virtual Machines and Containers
  • Attacking Cloud Technologies
  • Attacking Mobile Devices
  • Attacking IoT, ICS, Embedded Systems, and SCADA Devices
  • Attacking Data Storage
  • Summary
  • Exam Essentials
  • Lab Exercises
Reporting and Communication
  • The Importance of Communication
  • Recommending Mitigation Strategies
  • Writing a Penetration Testing Report
  • Wrapping Up the Engagement
  • Summary
  • Exam Essentials
  • Lab Exercises
Scripting for Penetration Testing
  • Scripting and Penetration Testing
  • Variables, Arrays, and Substitutions
  • Comparison Operations
  • String Operations
  • Flow Control
  • Input and Output (I/O)
  • Error Handling
  • Advanced Data Structures
  • Reusing Code
  • The Role of Coding in Penetration Testing
  • Summary
  • Exam Essentials
  • Lab Exercises

Hands-on LAB Activities

Information Gathering
  • Using dig and nslookup Commands
  • Performing Zone Transfer Using dig
  • Using Maltego to Gather Information
  • Using Recon-ng to Gather Information
  • Using Nmap for Network Enumeration
  • Performing Reconnaissance on a Network
  • Performing a Scan in Zenmap
  • Using Nmap for User Enumeration
  • Performing a UDP Scan Using Nmap
  • Performing Nmap SYN Scan
Vulnerability Scanning
  • Conducting Vulnerability Scanning Using Nessus
Analyzing Vulnerability Scans
  • Understanding Local Privilege Escalation
Exploiting and Pivoting
  • Performing Vulnerability Scanning Using OpenVAS
  • Searching Exploits Using searchsploit
  • Using Meterpreter to Display the System Information
  • Using the Task Scheduler
  • Understanding the Pass-the-hash Attack
  • Using the Metasploit RDP Post-Exploitation Module
Exploiting Network Vulnerabilities
  • Performing ARP Spoofing
  • Conducting a Cross Site Scripting (XXS) attack
  • Capturing Network Packets Using tcpdump
  • Simulating the DDoS Attack
  • Using the EternalBlue Exploit in Metasploit
  • Exploiting SMB
  • Exploiting SMTP
  • Exploiting SNMP
Exploiting Physical and Social Vulnerabilities
  • Using SET Tool to Plan an Attack
  • Using BeEF
Exploiting Application Vulnerabilities
  • Exploiting Command Injection Vulnerabilities
  • Exploiting a Website Using SQL Injection
  • Conducting a Cross-Site Request Forgery Attack
  • Hiding Text Using Steganography
  • Using OWASP ZAP
  • Performing Session Hijacking Using Burp Suite
Attacking Hosts, Cloud Technologies, and Specialized Systems
  • Cracking Passwords
  • Cracking a Linux Password Using John the Ripper
  • Creating Reverse and Bind Shells Using Netcat
Scripting for Penetration Testing
  • Whitelisting an IP Address in the Windows Firewall
  • Viewing Exploits Written in Perl
  • Viewing the Effects of Hostile JavaScript in the Browser
  • Finding Live Hosts by Using the Ping Sweep in Python
  • Writing Bash Shell Script

Related products

Get In Touch

Looking For More Information

Contact us today to discuss which professional development solution meets your needs.

Contact Us
CompTia Pen Skills Academy Group
CompTIA PenTest+ (PT0-002)
$549.00 $549.00
-
+
Add to Cart