As organizations scramble to protect themselves and their customers against privacy or security breaches, the ability to conduct penetration testing is an emerging skill set that is becoming ever more valuable to the organizations seeking protection, and ever more lucrative for those who possess these skills. In this course, you will be introduced to general concepts and methodologies related to pen testing, and you will work your way through a simulated pen test for a fictitious company.
CompTIA PenTest+ is for cybersecurity professionals tasked with penetration testing and vulnerability management. PenTest+ is unique because our certification requires a candidate to demonstrate the hands-on ability and knowledge to test devices in new environments such as the cloud and mobile, in addition to traditional desktops and servers. CompTIA PenTest+ meets the ISO 17024 standard. Regulators and government rely on ANSI accreditation because it provides confidence and trust in the outputs of an accredited program.
- CompTIA PenTest+ assesses the most up-to-date penetration testing, and vulnerability assessment and management skills necessary to determine the resiliency of the network against attacks.
- Successful candidates will have the intermediate skills required to customize assessment frameworks to effectively collaborate on and report findings.
- Candidates will also have the best practices to communicate recommended strategies to improve the overall state of IT security.
- Planning And Scoping - Explain the importance of planning and key aspects of compliance-based assessments
- Information Gathering And Vulnerability Identification - Gather information to prepare for exploitation then perform a vulnerability scan and analyze results
- Attacks And Exploits - Exploit network, wireless, application, and RF-based vulnerabilities, summarize physical security attacks, and perform post-exploitation techniques
- Penetration Testing Tools - Conduct information gathering exercises with various tools and analyze output and basic scripts (limited to: Bash, Python, Ruby, PowerShell)
- Reporting And Communication - Utilize report writing and handling best practices explaining recommended mitigation strategies for discovered vulnerabilities