CompTIA PenTest+ (PT0-001)

Introduction

• CompTIA
• The PenTest+ Exam
• What Does This Course Cover?
• CompTIA PenTest+ Certification Exam Objectives

Penetration Testing

• What Is Penetration Testing?
• Reasons for Penetration Testing
• Who Performs Penetration Tests?
• The CompTIA Penetration Testing Process
• The Cyber Kill Chain
• Tools of the Trade
• Summary
• Exam Essentials
• Lab Exercises

Planning and Scoping Penetration Tests

• Scoping and Planning Engagements
• Key Legal Concepts for Penetration Tests
• Understanding Compliance-Based Assessments
• Summary
• Exam Essentials
• Lab Exercises

Information Gathering

• Footprinting and Enumeration
• Active Reconnaissance and Enumeration
• Information Gathering and Defenses
• Summary
• Exam Essentials
• Lab Exercises

Vulnerability Scanning

• Identifying Vulnerability Management Requirements
• Configuring and Executing Vulnerability Scans
• Software Security Testing
• Developing a Remediation Workflow
• Overcoming Barriers to Vulnerability Scanning
• Summary
• Exam Essentials
• Lab Exercises

Analyzing Vulnerability Scans

• Reviewing and Interpreting Scan Reports
• Validating Scan Results
• Common Vulnerabilities
• Summary
• Exam Essentials
• Lab Exercises

Exploit and Pivot

• Exploits and Attacks
• Exploitation Toolkits
• Exploit Specifics
• Leveraging Exploits
• Persistence and Evasion
• Pivoting
• Covering Your Tracks
• Summary
• Exam Essentials
• Lab Exercises

Exploiting Network Vulnerabilities

• Conducting Network Exploits
• Exploiting Windows Services
• Exploiting Common Services
• Wireless Exploits
• Summary
• Exam Essentials
• Lab Exercises

Exploiting Physical and Social Vulnerabilities

• Physical Facility Penetration Testing
• Social Engineering
• Summary
• Exam Essentials
• Lab Exercises

Exploiting Application Vulnerabilities

• Exploiting Injection Vulnerabilities
• Exploiting Authentication Vulnerabilities
• Exploiting Authorization Vulnerabilities
• Exploiting Web Application Vulnerabilities
• Unsecure Coding Practices
• Application Testing Tools
• Summary
• Exam Essentials
• Lab Exercises

Exploiting Host Vulnerabilities

• Attacking Hosts
• Remote Access
• Attacking Virtual Machines and Containers
• Physical Device Security
• Attacking Mobile Devices
• Credential Attacks
• Summary
• Exam Essentials
• Lab Exercises

Scripting for Penetration Testing

• Scripting and Penetration Testing
• Variables, Arrays, and Substitutions
• Comparison Operations
• String Operations
• Flow Control
• Input and Output (I/O)
• Error Handling
• Summary
• Exam Essentials
• Lab Exercises

Reporting and Communication

• The Importance of Communication
• Recommending Mitigation Strategies
• Writing a Penetration Testing Report
• Wrapping Up the Engagement
• Summary
• Exam Essentials
• Lab Exercises

Appendix: Video Tutorials