CompTIA

CompTIA PenTest+ Cert Guide (PT0-002)

Enroll for our CompTIA Pentest+ training course which is perfectly aligned with the PT0-002 exam objective to help you pass the certification.

(PT0-002.AB1) / ISBN : 978-1-64459-340-0
Lessons
Lab
TestPrep
AI Tutor (Add-on)
Instructor-Led (Add-on)
196 Reviews
Get A Free Trial

About This Course

Our CompTIA Pentest+ PT0-002 Cert Guide has been especially aligned with the exam objectives of the prestigious cybersecurity certification to help you pass the exam in a single attempt. It is a comprehensive course designed for those who have a solid understanding of networking and security fundamentals and want to make a career in cybersecurity. Learn how to do security scans, vulnerability assessments, and penetration testing as per the legal and regulatory requirements and produce written reports listing remediation strategies against cyber threats. The CompTIA PenTest+ (PT0-002) study guide will enhance your skills and knowledge in ethical hacking and penetration testing.

Skills You’ll Get

  • Understand ethical hacking and penetration testing 
  • Considering legal and ethical ways for penetration testing.
  • Performing passive and active reconnaissance techniques to gather information about a target system.
  • Using tools like Nmap and Zenmap for network enumeration
  • Conduct network attacks like XSS attacks, ARP spoofing, and DDoS attacks.
  • Execute vulnerability scans with Nessus and OpenVAS.
  • Exploit vulnerabilities in web applications with SQL injection & command injection.
  • Perform vulnerability scan results to prioritize targets.
  • Workflow for vulnerability remediation.

Get the support you need. Enroll in our Instructor-Led Course.

Download Course Outline

1

Introduction

  • The Goals of the CompTIA PenTest+ Certification
  • The Exam Objectives (Domains)
  • Steps to Earning the PenTest+ Certification
  • Facts About the PenTest+ Exam
  • About the CompTIA PenTest+ PT0-002 Cert Guide
2

Introduction to Ethical Hacking and Penetration Testing

  • Understanding Ethical Hacking and Penetration Testing
  • Exploring Penetration Testing Methodologies
  • Building Your Own Lab
  • Review All Key Topics
3

Planning and Scoping a Penetration Testing Assessment

  • Comparing and Contrasting Governance, Risk, and Compliance Concepts
  • Explaining the Importance of Scoping and Organizational or Customer Requirements
  • Demonstrating an Ethical Hacking Mindset by Maintaining Professionalism and Integrity
  • Review All Key Topics
4

Information Gathering and Vulnerability Scanning

  • Performing Passive Reconnaissance
  • Performing Active Reconnaissance
  • Understanding the Art of Performing Vulnerability Scans
  • Understanding How to Analyze Vulnerability Scan Results
  • Review All Key Topics
5

Social Engineering Attacks

  • Pretexting for an Approach and Impersonation
  • Social Engineering Attacks
  • Physical Attacks
  • Social Engineering Tools
  • Methods of Influence
  • Review All Key Topics
6

Exploiting Wired and Wireless Networks

  • Exploiting Network-Based Vulnerabilities
  • Exploiting Wireless Vulnerabilities
  • Review All Key Topics
7

Exploiting Application-Based Vulnerabilities

  • Overview of Web Application-Based Attacks for Security Professionals and the OWASP Top 10
  • How to Build Your Own Web Application Lab
  • Understanding Business Logic Flaws
  • Understanding Injection-Based Vulnerabilities
  • Exploiting Authentication-Based Vulnerabilities
  • Exploiting Authorization-Based Vulnerabilities
  • Understanding Cross-Site Scripting (XSS) Vulnerabilities
  • Understanding Cross-Site Request Forgery (CSRF/XSRF) and Server-Side Request Forgery Attacks
  • Understanding Clickjacking
  • Exploiting Security Misconfigurations
  • Exploiting File Inclusion Vulnerabilities
  • Exploiting Insecure Code Practices
  • Review All Key Topics
8

Cloud, Mobile, and IoT Security

  • Researching Attack Vectors and Performing Attacks on Cloud Technologies
  • Explaining Common Attacks and Vulnerabilities Against Specialized Systems
  • Review All Key Topics
9

Performing Post-Exploitation Techniques

  • Creating a Foothold and Maintaining Persistence After Compromising a System
  • Understanding How to Perform Lateral Movement, Detection Avoidance, and Enumeration
  • Review All Key Topics
10

Reporting and Communication

  • Comparing and Contrasting Important Components of Written Reports
  • Analyzing the Findings and Recommending the Appropriate Remediation Within a Report
  • Explaining the Importance of Communication During the Penetration Testing Process
  • Explaining Post-Report Delivery Activities
  • Review All Key Topics
11

Tools and Code Analysis

  • Understanding the Basic Concepts of Scripting and Software Development
  • Understanding the Different Use Cases of Penetration Testing Tools and Analyzing Exploit Code
  • Review All Key Topics

1

Information Gathering and Vulnerability Scanning

  • Performing Zone Transfer Using dig
  • Using dnsrecon
  • Using Recon-ng to Gather Information
  • Performing Reconnaissance on a Network
  • Performing a UDP Scan Using Nmap
  • Using Nmap for User Enumeration
  • Using Nmap for Network Enumeration
  • Performing Nmap SYN Scan
  • Conducting Vulnerability Scanning Using Nessus
2

Social Engineering Attacks

  • Using BeEF
  • Using SET Tool to Plan an Attack
3

Exploiting Wired and Wireless Networks

  • Using the EternalBlue Exploit in Metasploit
  • Simulating the DDoS Attack
  • Performing a DHCP Starvation Attack
  • Understanding the Pass-the-hash Attack
  • Performing ARP Spoofing
  • Exploiting SMTP
  • Exploiting SNMP
  • Searching Exploits Using searchsploit
  • Exploiting SMB
4

Exploiting Application-Based Vulnerabilities

  • Conducting a Cross Site Scripting (XXS) attack
  • Using curl to Make the HTTP GET Request
  • Capturing Network Packets Using tcpdump
  • Exploiting Command Injection Vulnerabilities
  • Exploiting a Website Using SQL Injection
  • Performing Session Hijacking Using Burp Suite
  • Cracking Passwords
  • Conducting a Cross-Site Request Forgery Attack
5

Cloud, Mobile, and IoT Security

  • Understanding Local Privilege Escalation
6

Performing Post-Exploitation Techniques

  • Using OWASP ZAP
  • Using the Task Scheduler
  • Writing Bash Shell Script
  • Performing a Scan in Zenmap
  • Using dig and nslookup Commands
  • Creating Reverse and Bind Shells Using Netcat
  • Hiding Text Using Steganography
  • Using the Metasploit RDP Post-Exploitation Module
7

Tools and Code Analysis

  • Finding Live Hosts by Using the Ping Sweep in Python
  • Whitelisting an IP Address in the Windows Firewall
  • Viewing Exploits Written in Perl
  • Viewing the Effects of Hostile JavaScript in the Browser
  • Using Meterpreter to Display the System Information
  • Performing Vulnerability Scanning Using OpenVAS
  • Enumerating Data Using enum4linux
  • Using Maltego to Gather Information
  • Cracking a Linux Password Using John the Ripper

Any questions?
Check out the FAQs

Still have unanswered questions and need to get in touch?

Contact Us Now

It is a prestigious certification offered by CompTIA that demonstrates your competence in the ethical hacking methodology and the skills to effectively pen-test an environment.

It is the current version of compTIA PenTest+ exam. It focuses on the best practices and latest tools used in penetration testing.

The average annual income of a CompTIA PenTest+ certified professional is USD 104, 000.

The exam cost for this certification is USD 404.

Related Courses

All Course