top of page
Game Developers

CompTIA PenTest+ (PT0-002) 

CompTIA (Computing Technology Industry Association) offers a range of certifications that are highly regarded in the IT industry. These certifications cover various technology-related skills and are designed to validate the expertise of IT professionals. As of my last update in January 2022, here are some of the key CompTIA certifications:

  1. CompTIA IT Fundamentals (ITF+): This certification is ideal for individuals who are new to IT. It covers essential IT skills and helps beginners understand the basics of IT, including hardware, software, networking, and security.

  2. CompTIA A+: A+ certification is for entry-level IT technicians. It covers topics related to hardware, operating systems, networking, security, and troubleshooting. A+ is a widely recognized certification for technical support and IT operational roles.

  3. CompTIA Network+: Network+ certification is for professionals who work in IT networking roles. It covers networking concepts, infrastructure, network operations, security, and troubleshooting.

  4. CompTIA Security+: Security+ certification is for IT professionals specializing in cybersecurity. It validates knowledge and skills in areas such as network security, compliance, threats, vulnerabilities, access control, and cryptography.

  5. CompTIA Linux+: Linux+ certification is for IT professionals who work with Linux operating systems. It covers Linux administration, security, and troubleshooting.

  6. CompTIA Cloud+: Cloud+ certification is for IT professionals working in cloud technologies. It covers cloud models, virtualization, infrastructure, security, and resource management.

  7. CompTIA Cybersecurity Analyst (CySA+): CySA+ certification focuses on cybersecurity analytics and helps professionals perform data analysis, threat detection, and respond to cybersecurity threats.

  8. CompTIA Advanced Security Practitioner (CASP+): CASP+ certification is an advanced-level certification that validates expertise in enterprise security, risk management, and advanced security solutions.

It's important to note that CompTIA certifications are typically valid for three years. To maintain certification, individuals can participate in CompTIA's Continuing Education (CE) program, which allows them to earn CEUs (Continuing Education Units) by participating in various activities such as training, attending conferences, and writing articles.

pentestplus-logo.png

Self-Study Course Includes:

Books: a $75 value

Videos: a $250 value

Practice Test by MeasureUp: a $100 value

 

With CertPREP, you get all this and
more for just
$199.00. Get started today!

CompTIA
PenTest+ (PT0-002) — Self-Paced

Lesson 1: Introduction to Ethical Hacking and Penetration Testing (1 hour and 36 minutes)

  • Understanding Ethical Hacking and Penetration Testing (24 minutes)

    • Why Do We Need to Do Penetration Testing?

    • Threat Actors

  •  

  • Exploring Penetration Testing Methodologies (36 minutes)

    • Why Do We Need to Follow a Methodology for Penetration Testing?

    • Environmental Considerations

    • Surveying Different Standards and Methodologies

  •  

  • Building Your Own Lab (36 minutes)

    • Requirements and Guidelines for Penetration Testing Labs

    • What Tools Should You Use in Your Lab?

    • What if You Break Something?

  •  

  • Summary

  • Case Study

  • Quiz


Lesson 2: Planning and Scoping a Penetration Testing Assessment (2 hours)

  • Comparing and Contrasting Governance, Risk, and Compliance Concepts (1 hour)

    • Regulatory Compliance Considerations

    • Local Restrictions

    • Legal Concepts

    • Contracts

    • Disclaimers

  •  

  • Explain the Importance of Scoping and Organizational or Customer Requirements (48 minutes)

    • Rules of Engagement

    • Target List and In - Scope Assets

    • Validating the Scope of Engagement

    • Strategy: Unknown vs. Known Environment Testing

  •  

  • Demonstrating an Ethical Hacking Mindset by Maintaining Professionalism and Integrity (12 minutes)

  • Summary

  • Case Study

  • Quiz


Lesson 3: Design and implement routing (3 hours and 12 minutes)

  • Performing Passive Reconnaissance (1 hour and 36 minutes)

    • Active Reconnaissance vs. Passive Reconnaissance

    • DNS Lookups

    • Identification of Technical and Administrative Contacts

    • Cloud vs. Self - Hosted Applications and Related Subdomains

    • Social Media Scraping

    • Cryptographic Flaws

    • Company Reputation and Security Posture

    • Open - Source Intelligence (OSINT) Gathering

  •  

  • Performing Active Reconnaissance (36 minutes)

    • Nmap Scan Types

    • Types of Enumeration

    • Packet Inspection and Eavesdropping

  •  

  • Understanding the Art of Performing Vulnerability Scans (36 minutes)

    • How a Typical Automated Vulnerability Scanner Works

    • Types of Vulnerability Scans

    • Challenges to Consider When Running a Vulnerability Scan

  •  

  • Understanding How to Analyze Vulnerability Scan Results (24 minutes)

    • Sources for Further Investigation of Vulnerabilities

    • How to Deal with a Vulnerability

  •  

  • Summary

  • Case Study

  • Quiz


Lesson 4: Social Engineering Attacks (2 hours and 36 minutes)

  • Pretexting for an approach and Impersonation (12 minutes)

  • Social Engineering Attacks (48 minutes)

    • Email Phishing

    • Short Message Service (SMS) Phishing

    • Universal Serial Bus (USB) Drop Key

    • Watering Hole Attacks

  •  

  • Physical Attacks (48 minutes)

    • Tailgating

    • Dumpster Diving

    • Shoulder Surfing

    • Badge Cloning

  •  

  • Social Engineering Tools (36 minutes)

    • Social-Engineer Toolkit (SET)

    • Browser Exploitation Framework (BeEF)

    • Call Spoofing Tools

  •  

  • Methods of Influence (12 minutes)

  • Summary

  • Case Study

  • Quiz


Lesson 5: Exploiting Wired and Wireless Networks (6 hours)

  • Exploiting Network-Based Vulnerabilities (3 hours)

    • Windows Name Resolution and SMB Attacks

    • SMB Exploits

    • DNS Cache Poisoning

    • SNMP Exploits

    • SMTP Exploits

    • FTP Exploits

    • Pass-the-Hash Attacks

    • Kerberos and LDAP-Based Attacks

    • Kerberoasting

    • On-Path Attacks

    • Route Manipulation Attacks

    • DoS and DDoS Attacks

    • Network Access Control (NAC) Bypass

    • VLAN Hopping

    • DHCP Starvation Attacks and Rogue DHCP Servers

  •  

  • Exploiting Wireless Vulnerabilities (3 hours)

    • Rogue Access Points

    • Evil Twin Attacks

    • Dissociation (or Deauthentication) Attacks

    • Preferred Network List Attacks

    • Wireless Signal Jamming and Interference

    • War Driving

    • Initialization Vector (IV) Attacks and Unsecured Wireless Protocols

    • Karma Attacks

    • Fragmentation Attacks

    • Credential Harvesting

    • Bluejacking and Bluesnarfing

    • Bluetooth Low Energy (BLE) Attacks

    • Radio-Frequency Identification (RFID) Attacks

    • Password Spraying

    • Exploit Chaining

  •  

  • Summary

  • Case Study

  • Quiz


Lesson 6: Exploiting Application-Based Vulnerabilities (6 hours and 12 minutes)

  • Overview of Web Application-Based Attacks for Security Professionals and the OWASP Top 10 (36 minutes)

    • The HTTP Protocol

    • Web Sessions

    • OWASP Top 10

  •  

  • How to Build Your Own Web Application Labs (12 minutes)

  • Understanding Business Logic Flaws (12 minutes)

  • Understanding Injectionp0Based Vulnerabilities (36 minutes)

    • SQL Injection Vulnerabilities

    • Command Injection Vulnerabilities

    • Lightweight Director Access Protocols (LDAP) Injection Vulnerabilities

  •  

  • Exploiting Authentication-Based Vulnerabilities (48 minutes)

    • Session Hijacking

    • Redirect Attacks

    • Default Credentials

    • Kerberos Vulnerabilities

  •  

  • Exploiting Authorization-Based Vulnerabilities (24 minutes)

    • Parameter Pollution

    • Insecure Direct Object Reference Vulnerabilities

  •  

  • Understanding Cross-Site Scription (XSS) Vulnerabilities (48 minutes)

    • Reflected XSS Attacks

    • Stored XSS Attacks

    • XSS Evasion Techniques

    • XSS Mitigations

  •  

  • Understanding Cross-Site Request Forgery (CSRF/XSR) and Server-Side Request (12 minutes)

    • Forgery Attacks

  •  

  • Understanding Clickjacking (12 minutes)

  • Exploiting Security Misconfigurations (24 minutes)

    • Exploiting Directory Traversal Vulnerabilities

    • Cookie Manipulation Attacks

  •  

  • Exploiting File Inclusion Vulnerabilities (24 minutes)

    • Local File Inclusion Vulnerabilities

    • Remote Insecure Vulnerabilities

  •  

  • Exploiting Insecure Code Practices (1 hour and 24 minutes)

    • Comments in Source Code

    • Lack of Error Handling and Overly Verbose Error Handling

    • Hard-Coded Credentials

    • Race Conditions

    • Unprotected APIs

    • Hidden Elements

    • Additional Web Application Hacking Tools


Lesson 7: Cloud, Mobile, and IoT Security (3 hours and 36 minutes)

  • Researching Attack Vectors and Performing Attacks on Cloud Technologies (1 hour and 48 minutes)

    • Credential Harvesting

    • Privilege Escalation

    • Account Takeover

    • Metadata Service Attacks

    • Attacks Against Misconfigured Cloud Assets

    • Resource Exhaustion and DoS Attacks

    • Cloud Malware Injection Attacks

    • Side - Channel Attacks

    • Tools and Software Development Kits (SDKs)

  •  

  • Explaining Common Attacks and Vulnerabilities Against Specialized Systems (1 hour and 48 minutes)

    • Attacking Mobile Devices

    • Attacking Internet of Things (IoT) Devices

    • Analyzing IoT Protocols

    • IoT Security Special Considerations

    • Common IoT Vulnerabilities

    • Data Storage System Vulnerabilities

    • Management Interface Vulnerabilities

    • Exploiting Virtual Machines

    • Vulnerabilities Related to Containerized Workloads


Lesson 8: Performing Post-Exploitation Techniques (1 hour and 36 minutes)

  • Creating a Foothold and Maintaining Persistence After Compromising a System (48 minutes)

    • Reverse and Bind Shells

    • Command and Control (C2) Utilities

    • Scheduled Jobs and Tasks

    • Custom Daemons, Processes, and Additional Backdoors

    • New Users

  •  

  • Understanding How to Perform Lateral Movement, Detection Avoidance, and Enumeration (48 minutes)

    • Post-Exploitation Scanning

    • Legitimate Utilities and Living Off the Land

    • Post-Exploitation Privilege Escalation

    • How to Cover Your Tracks


Lesson 9: Reporting and Communication (2 hours and 36 minutes)

  • Comparing and Contrasting Important Components of Written Reports (48 minutes)

    • Report Contents

    • Storage Time for Report and Secure Distribution

    • Note Taking

    • Common Themes/Root Causes

  •  

  • Analyzing the Findings and Recommending the Appropriate Remediation Within a Report (48 minutes)

    • Technical Controls

    • Administrative Controls

    • Operational Controls

    • Physical Controls

  •  

  • Explaining the Importance of Communication During the Penetration Testing Process (36 minutes)

    • Communication Triggers

    • Reasons for Communication

    • Goal Reprioritization and Presentation of Findings

  •  

  • Explaining Post - Report Delivery Activities (24 minutes)

    • Post-Engagement Cleanup

    • Additional Post-Report Delivery Activities


Lesson 10 Tools and Code Analysis (5 hours)

  • Understanding the Basic Concepts of Scripting and Software Development (2 hours and 36 minutes)

    • Logic Constructs

    • Data Structures

    • Libraries

    • Procedures

    • Functions

    • Classes

    • Analysis of Scripts and Code Samples for Use in Penetration Testing

    • The Bash Shell

    • Resources to Learn Python

    • Resources to Learn Ruby

    • Resources to Learn PowerShell

    • Resources to Learn Perl

    • Resources to Learn JavaScript

  •  

  • Understanding the Different Use Cases of Penetration Testing Tools and Analyzing Exploit Code (2 hours and 24 minutes)

    • Penetration Testing-Focused Linux Distributions

    • Common Tools for Reconnaissance and Enumerations

    • Common Tools for Vulnerability Scanning

    • Common Tools for Credential TTACKS

    • Common Tools for Persistence

    • Common Tools for Evasion

    • Exploitation Frameworks

    • Common Decompilation, Disassembly, and Debugging Tools

    • Common Tools for Forensics

    • Common Tools for Software Assurance

    • Steganography Tools

    • Cloud Tools

bottom of page