CompTIA PenTest+ Cert Guide (PT0-002)
CompTIA PT0-002.AB1
CompTIA PenTest+ Cert Guide (PT0-002)
ISBN: 978-1-64459-340-0CompTIA PT0-002.AB1
CompTIA PenTest+ (PT0-002)
Buy our CompTIA Pentest+ training course to develop strong penetration testing skills and pass the PT0-002 exam to become a certified ethical hacker.
(PT0-002.AE1) / ISBN : 978-1-64459-375-2This course includes
Lessons
TestPrep
Hands-On Labs
Instructor Led (Add-on)
AI Tutor (Add-on)
About This Course
Our CompTIA Pentest+ PT0-002 study guide provides the foundational knowledge and practical insights every penetration tester needs to pass the exam, impress employers, and create a personalized portfolio. Learn how to perform vulnerability scans per the legal and regulatory requirements and produce written reports listing remediation strategies against cyber threats.
Skills You’ll Get
- Define the engagement's goals and limitations.
- Understand legal and ethical considerations for penetration testing.
- Conduct passive and active reconnaissance techniques to gather information about a target system.
- Utilize tools like dig, nslookup, Maltego, and Recon-ng for information gathering.
- Perform network enumeration using tools like Nmap and Zenmap.
- Configure and execute vulnerability scans using tools like Nessus and OpenVAS.
- Analyze and interpret vulnerability scan results to prioritize targets.
- Develop a workflow for vulnerability remediation.
- Conduct network attacks like ARP spoofing, XSS attacks, and DDoS attacks.
- Exploit vulnerabilities in Windows services like RDP, SMB, and SMTP.
- Perform social engineering attacks.
- Exploit vulnerabilities in web applications like SQL injection and Cross-Site Request Forgery (CSRF).
- Attack cloud technologies, mobile devices, IoT systems, and specialized systems.
- Understand the role of scripting in penetration testing.
- Learn basic scripting principles using Python and Bash shells.
- Automate tasks and enhance penetration testing workflows using scripts.
- Maintain persistence on compromised systems to conduct further exploration.
- Communicate technical information to both technical and non-technical audiences.
Get the support you need. Enroll in our Instructor-Led Course.
Lessons
13+ Lessons | 401+ Exercises | 232+ Quizzes | 571+ Flashcards | 457+ Glossary of terms
TestPrep
80+ Pre Assessment Questions | 2+ Full Length Tests | 80+ Post Assessment Questions | 160+ Practice Test Questions
Hands-On Labs
42+ LiveLab | 40+ Video tutorials | 01:48+ Hours
1
Introduction
- CompTIA
- The PenTest+ Exam
- What Does This Course Cover?
- CompTIA PenTest+ Certification Exam Objectives
2
Penetration Testing
- What Is Penetration Testing?
- Reasons for Penetration Testing
- Who Performs Penetration Tests?
- The CompTIA Penetration Testing Process
- The Cyber Kill Chain
- Tools of the Trade
- Summary
- Exam Essentials
- Lab Exercises
3
Planning and Scoping Penetration Tests
- Scoping and Planning Engagements
- Penetration Testing Standards and Methodologies
- Key Legal Concepts for Penetration Tests
- Regulatory Compliance Considerations
- Summary
- Exam Essentials
- Lab Exercises
4
Information Gathering
- Footprinting and Enumeration
- Active Reconnaissance and Enumeration
- Information Gathering and Defenses
- Summary
- Exam Essentials
- Lab Exercises
5
Vulnerability Scanning
- Identifying Vulnerability Management Requirements
- Configuring and Executing Vulnerability Scans
- Software Security Testing
- Developing a Remediation Workflow
- Overcoming Barriers to Vulnerability Scanning
- Summary
- Exam Essentials
- Lab Exercises
6
Analyzing Vulnerability Scans
- Reviewing and Interpreting Scan Reports
- Validating Scan Results
- Common Vulnerabilities
- Summary
- Exam Essentials
- Lab Exercises
7
Exploiting and Pivoting
- Exploits and Attacks
- Exploitation Toolkits
- Exploit Specifics
- Leveraging Exploits
- Persistence and Evasion
- Pivoting
- Covering Your Tracks
- Summary
- Exam Essentials
- Lab Exercises
8
Exploiting Network Vulnerabilities
- Identifying Exploits
- Conducting Network Exploits
- Exploiting Windows Services
- Identifying and Exploiting Common Services
- Wireless Exploits
- Summary
- Exam Essentials
- Lab Exercises
9
Exploiting Physical and Social Vulnerabilities
- Physical Facility Penetration Testing
- Social Engineering
- Summary
- Exam Essentials
- Lab Exercises
10
Exploiting Application Vulnerabilities
- Exploiting Injection Vulnerabilities
- Exploiting Authentication Vulnerabilities
- Exploiting Authorization Vulnerabilities
- Exploiting Web Application Vulnerabilities
- Unsecure Coding Practices
- Steganography
- Application Testing Tools
- Summary
- Exam Essentials
- Lab Exercises
11
Attacking Hosts, Cloud Technologies, and Specialized Systems
- Attacking Hosts
- Credential Attacks and Testing Tools
- Remote Access
- Attacking Virtual Machines and Containers
- Attacking Cloud Technologies
- Attacking Mobile Devices
- Attacking IoT, ICS, Embedded Systems, and SCADA Devices
- Attacking Data Storage
- Summary
- Exam Essentials
- Lab Exercises
12
Reporting and Communication
- The Importance of Communication
- Recommending Mitigation Strategies
- Writing a Penetration Testing Report
- Wrapping Up the Engagement
- Summary
- Exam Essentials
- Lab Exercises
13
Scripting for Penetration Testing
- Scripting and Penetration Testing
- Variables, Arrays, and Substitutions
- Comparison Operations
- String Operations
- Flow Control
- Input and Output (I/O)
- Error Handling
- Advanced Data Structures
- Reusing Code
- The Role of Coding in Penetration Testing
- Summary
- Exam Essentials
- Lab Exercises
3
Information Gathering
- Using dig and nslookup Commands
- Performing Zone Transfer Using dig
- Using Maltego to Gather Information
- Using Recon-ng to Gather Information
- Using Nmap for Network Enumeration
- Performing Reconnaissance on a Network
- Performing an Intense Scan in Zenmap
- Using Nmap for User Enumeration
- Performing a UDP Scan Using Nmap
- Performing Nmap SYN Scan
4
Vulnerability Scanning
- Conducting Vulnerability Scanning Using Nessus
5
Analyzing Vulnerability Scans
- Understanding Local Privilege Escalation
6
Exploiting and Pivoting
- Performing Vulnerability Scanning Using OpenVAS
- Searching Exploits Using searchsploit
- Using Meterpreter to Display the System Information
- Using the Task Scheduler
- Understanding the Pass-the-hash Attack
- Using the Metasploit RDP Post-Exploitation Module
7
Exploiting Network Vulnerabilities
- Performing ARP Spoofing
- Conducting a Cross Site Scripting (XXS) attack
- Capturing Network Packets Using tcpdump
- Simulating the DDoS Attack
- Using the EternalBlue Exploit in Metasploit
- Exploiting SMB
- Exploiting SMTP
- Exploiting SNMP
8
Exploiting Physical and Social Vulnerabilities
- Using SET Tool to Plan an Attack
- Using BeEF
9
Exploiting Application Vulnerabilities
- Exploiting Command Injection Vulnerabilities
- Exploiting a Website Using SQL Injection
- Conducting a Cross-Site Request Forgery Attack
- Hiding Text Using Steganography
- Using OWASP ZAP
- Performing Session Hijacking Using Burp Suite
10
Attacking Hosts, Cloud Technologies, and Specialized Systems
- Cracking Passwords
- Cracking a Linux Password Using John the Ripper
- Creating Reverse and Bind Shells Using Netcat
12
Scripting for Penetration Testing
- Whitelisting an IP Address in the Windows Firewall
- Viewing Exploits Written in Perl
- Viewing the Effects of Hostile JavaScript in the Browser
- Finding Live Hosts by Using the Ping Sweep in Python
- Writing Bash Shell Script
Any questions?Check out the FAQs
Still have unanswered questions and need to get in touch?
Contact Us NowPenTest+ refers to the certification itself, offered by CompTIA, a trusted provider of IT certifications. Earning this certification demonstrates your competence in the ethical hacking methodology and the skills to effectively pen-test an environment.
PT0-002 is the current version of the PenTest+ exam. Exam versions are identified by codes, and PT0-002 signifies the latest iteration of the PenTest+ certification program. It focuses on the most up-to-date practices and tools used in penetration testing.
The CompTIA PenTest+ PT0-002 exam is the successor to the PT0-001 exam. While both assess an individual's skills in penetration testing, the PT0-002 focuses on the most up-to-date methodologies and techniques. PT0-002 is considered to be more challenging than PT0-001 due to the inclusion of more advanced topics and performance-based questions.
The cost of CompTIA Pentest+ varies, depending on the country & region. In the US, you can register for USD 404.
