CompTIA Pentest+

About this course

This course is designed for IT professionals who want to develop penetration testing skills to enable them to identify information system vulnerabilities and effective remediation techniques for those vulnerabilities. In particular, students who also need practical recommendations for action to properly protect information systems and their contents. This course is also designed for individuals who are preparing to take the CompTIA PenTest+ certification exam PT0-001, or who plan to use the PenTest+ as the foundation for more advanced security certifications or career roles.

At course completion

Attendees will learn how to:

  • Plan and scope penetration tests
  • Conduct passive reconnaissance
  • Perform non-technical tests to gather information
  • Conduct active reconnaissance
  • Analyse vulnerabilities
  • Penetrate networks
  • Exploit host-based vulnerabilities
  • Test applications
  • Complete post-exploit tasks

Examination

  • CompTIA PenTest+ Exam
  • Number of Questions: Maximum of 110
  • Type of Questions: Multiple choice and performance based
  • Duration: 165 minutes

Planning and Scoping

  • Explain the importance of planning for an engagement
  • Explain key legal concepts.
  • Explain the importance of scoping an engagement properly.
  • Explain the key aspects of compliance-based assessments.

Information Gathering and Vulnerability Identification

  • Given a scenario, conduct information gathering using appropriate techniques
  • Given a scenario, perform a vulnerability scan.
  • Given a scenario, analyse vulnerability scan results
  • Explain the process of leveraging information to prepare for exploitation.
  • Explain weaknesses related to specialised systems

Attacks and Exploits

  • Compare and contrast social engineering attacks
  • Given a scenario, exploit network-based vulnerabilities
  • Given a scenario, exploit wireless and RF-based vulnerabilities
  • Given a scenario, exploit application-based vulnerabilities
  • Given a scenario, exploit local host vulnerabilities
  • Summarise physical security attacks related to facilities
  • Given a scenario, perform post-exploitation techniques

Penetration Testing Tools

  • Given a scenario, use Nmap to conduct information gathering exercises
  • Compare and contrast various use cases of tools
  • Given a scenario, analyse tool output or data related to a penetration test
  • Given a scenario, analyse a basic script (limited to Bash, Python, Ruby, and PowerShell)

Reporting and Communication

  • Given a scenario, use report writing and handling best practices
  • Explain post-report delivery activities
  • Given a scenario, recommend mitigation strategies for discovered vulnerabilities
  • Explain the importance of communication during the penetration testing process

Exam 

Before attending this course, attendees should have:

  • Network & Security Foundation or equivalent knowledge e.g. QAFCCS, QACYNETSEC
  • A minimum of 2-3 years of hands-on information security or related experience

Auditoriniai mokymai


Pradžios data Trukmė, d. Kurso pavadinimas Kaina, € Statusas
2023-02-13 5 20410: Installing and Configuring Windows Server 2012 1500
2023-02-21 5 20412: Configuring Advanced Windows Server 2012 Services 1500
2023-03-06 5 20411: Administering Windows Server 2012 1500
2023-03-27 5 10969: Active Directory Services with Windows Server 1500
Užklausti 5 Administering the Web Server (IIS) Role of Windows Server (nuotolinė klasė - ENG) 1500 Organizuojamas
Užklausti 5 Installing and Configuring Windows Server 2012 (nuotolinė klasė - ENG) 1500 Organizuojamas
Užklausti 5 Fundamentals of a Windows Server Infrastructure (nuotolinė klasė - ENG) 1500 Organizuojamas
Užklausti 5 Active Directory Services with Windows Server (nuotolinė klasė - ENG) 1500 Organizuojamas

Nuotoliniai mokymai

Invalid data source. Please correct the following errors:

  • The data source tag/idis missing or it is invalid