Back

CompTIA PenTest+ (G015)


CompTIA PenTest+ is the most comprehensive cybersecurity exam covering all red team activities and is designed for cybersecurity professionals tasked with penetration testing and vulnerability management.
PenTest+ assesses the most up-to-date penetration testing, and vulnerability assessment and management skills necessary to determine the resiliency of the network against attacks. The CompTIA PenTest+ certification exam will verify successful candidates have the knowledge and skills required to:

• Plan and scope a penetration testing engagement
• Understand legal and compliance requirements
• Perform vulnerability scanning and penetration testing using appropriate tools and
• techniques, and then analyze the results
• Produce a written report containing proposed remediation techniques, effectively
• communicate results to the management team, and provide practical recommendations

TARGET AUDIENCE:
• Penetration Tester
• Security Consultant
• Cloud Penetration Tester
• Web App Penetration Tester
• Cloud Security Specialist
• Network & Security Specialist

COURSE PREREQUISITES:
Attendees should meet the following prerequisites:

• Intermediate knowledge of information security concepts, including but not limited to identity and access management (IAM), cryptographic concepts and implementations, computer networking concepts and implementations, and common security technologies.
• Practical experience in securing various computing environments, including small to medium businesses, as well as enterprise environments.
• CompTIA Network + or CompTIA Security + or equivalent knowledge
• Hands-on information security experience

COURSE CONTENT:

Lesson 1: Scoping Organizational/Customer Requirements

Lesson 2: Defining the Rules of Engagement

Lesson 3: Footprinting and Gathering Intelligence

Lesson 4: Evaluating Human and Physical Vulnerabilities

Lesson 5: Preparing the Vulnerability Scan

Lesson 6: Scanning Logical Vulnerabilities

Lesson 7: Analyzing Scanning Results

Lesson 8: Avoiding Detection and Covering Tracks

Lesson 9: Exploiting the LAN and Cloud

Lesson 10: Testing Wireless Networks

Lesson 11: Targeting Mobile Devices

Lesson 12: Attacking Specialized Systems

Lesson 13: Web Application-Based Attacks

Lesson 14: Performing System Hacking

Lesson 15: Scripting and Software Development

Lesson 16: Leveraging the Attack: Pivot and Penetrate

Lesson 17: Communicating During the PenTesting Process

Lesson 18: Summarizing Report Components

Lesson 19: Recommending Remediation

Lesson 20: Performing Post-Report Delivery Activities

COURSE OBJECTIVE:
After completing this course you should be able to:

• Explain the importance of planning and key aspects of compliance-based assessments.
• Conduct information gathering exercises with various tools and analyse output and basic scripts (limited to: Bash, Python, Ruby, PowerShell).
• Gather information to prepare for exploitation then perform a vulnerability scan and analyse results.
• Utilise report writing and handling best practices explaining recommended mitigation strategies for discovered vulnerabilities.
• Exploit network, wireless, application, and RF-based vulnerabilities, summarize physical security attacks, and perform post-exploitation techniques.

FOLLOW ON COURSES:
The following courses are recommended for further study.

GK5867 – CompTIA CySA+ Cybersecurity Analyst

kr 38.000

-
+