CompTIA PenTest+

Course Fee:

Related Course
Durations: 5 Days

CompTIA PenTest+

Course Overview:

Security remains one of the hottest topics in IT and other industries. It seems that each week brings news of some new breach of privacy or security. As organizations scramble to protect themselves and their customers, the ability to conduct penetration testing is an emerging skill set that is becoming ever more valuable to the organizations seeking protection, and ever more lucrative for those who possess these skills. In this course, you will be introduced to some general concepts and methodologies related to pen testing, and you will work your way through a simulated pen test for a fictitious company.

This course will also prepare you for the CompTIA PenTest+ certification exam PT0-002.

Course Objectives:

  • Plan and scope penetration tests.
  • Conduct passive reconnaissance.
  • Perform non-technical tests to gather information.
  • Conductive active reconnaissance.
  • Analyze vulnerabilities.
  • Penetrate networks.
  • Exploit host-based vulnerabilities.
  • Test applications.
  • Complete post-exploit tasks.
  • Analyze and report pen test results.

Who Should Attend?

This course is designed for IT professionals who want to develop penetration testing skills to enable them to identify information-system vulnerabilities and effective remediation techniques for those vulnerabilities. Target students who also need to offer practical recommendations for action to properly protect information systems and their contents will derive those skills from this course. This course is also designed for individuals who are preparing to take the CompTIA PenTest+ certification exam PT0-002, or who plan to use PenTest+ as the foundation for more advanced security certifications or career roles. Individuals seeking this certification should have three to four years of hands-on experience performing penetration tests, vulnerability assessments, and vulnerability management.

Course Prerequisites

There are no prerequisites for this course.

Course Content:

Module 1 – Scoping Organizational/Customer Requirements
Define Organizational PenTesting
Acknowledge Compliance Requirements
Compare Standards and Methodologies
Describe Ways to Maintain Professionalism

Module 2 – Defining the Rules of Engagement
Assess Environmental Considerations
Outline the Rules of Engagement
Prepare Legal Documents

Module 3 – Footprinting and Gathering Intelligence
Discover the Target
Gather Essential Data
Compile Website Information
Discover Open-Source Intelligence Tool

Module 4 – Evaluating Human and Physical Vulnerabilities
Exploit the Human Psyche
Summarize Physical Attacks
Use Tools to Launch a Social Engineering Attack

Module 5 – Preparing the Vulnerability Scan
Plan the Vulnerability Scan
Detect Defenses
Utilize Scanning Tools

Module 6 – Scanning Logical Vulnerabilities
Scan Identified Targets
Evaluate Network Traffic
Uncover Wireless Assets

Module 7 – Analyzing Scanning Results
Discover Nmap and NSE
Enumerate Network Hosts
Analyze Output from Scans

Module 8 – Avoiding Detection and Covering Tracks
Evade Detection
Use Steganography to Hide and Conceal
Establish a Covert Channel

Module 9 – Exploiting the LAN and Cloud
Enumerating Hosts
Attack LAN Protocols
Compare Exploit Tools
Discover Cloud Vulnerabilities
Explore Cloud-Based Attack

Module 10 – Testing Wireless Networks
Discover Wireless Attacks
Explore Wireless Tools

Module 11 – Targeting Mobile Devices
Recognize Mobile Device Vulnerabilities
Launch Attacks on Mobile Devices
Outline Assessment Tools for Mobile Devices

Module 12 – Attacking Specialized Systems
Identify Attacks on the IoT
Recognize Other Vulnerable Systems
Explain Virtual Machine Vulnerabilities

Module 13 – Web Application-Based Attacks
Recognize Web Vulnerabilities
Launch Session Attacks
Plan Injection Attacks
Identify Tools

Module 14 – Performing System Hacking
System Hacking
Use Remote Access Tools
Analyze Exploit Code

Module 15 – Scripting and Software Development
Analyzing Scripts and Code Samples
Create Logic Constructs
Automate Penetration Testing

Module 16 – Leveraging the Attack: Pivot and Penetrate
Test Credentials
Move Throughout the System
Maintain Persistence

Module 17 – Communicating During the PenTesting Process
Define the Communication Path
Communication Triggers
Use Built-In Tools for Reporting

Module 18 – Summarizing Report Components
Identify Report Audience
List Report Contents
Define Best Practices for Reports

Module 19 – Recommending Remediationc
Employ Technical Controls
Administrative and Operational Controls
Physical Controls

Module 20 – Performing Post-Report Delivery Activities
Post-Engagement Cleanup
Follow-Up Actions

Related Course

What Hands-On learning experience can we assist you today?

Please tick here if you agree to receive updates about the latest news & offers which we feel may be of interest to you. We will process your data in accordance with our Privacy Policy. You may withdraw this consent at any time. We never sell or distribute your data.