n this 5 Day training provides the knowledge needed to plan and perform penetration tests and other security engagements| using a vendor-neutral format. This includes planning engagements| performing reconnaissance to find vulnerabilities in a target organization| exploiting vulnerable targets| and creating follow-up reports. This course maps to the CompTIA PenTest+ certification exam (PT0-001). Objective coverage is marked throughout the course.
You will benefit most from this course if you intend to become a certified penetration tester| or if you are a security professional who wishes to understand cybersecurity from an offensive perspective.
This course assumes that you have some applied knowledge of computers| networks| and cybersecurity principles. Knowledge equivalent to the CompTIA Security+ certification is helpful but not necessary.
While there is no required prerequisite| PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical| hands-on focus. Recommended experience in Network+| Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience.
67 Gorham Rd
Scarborough, ME 04074
What You'll Learn
The CompTIA PenTest+ Certification Study Guide will prepare you to take the CompTIA PenTest+ exam by providing 100% coverage of the objectives and content examples listed on the syllabus including how to:
Plan and scope penetration tests
Conduct passive reconnaissance
Perform non-technical tests to gather information
Conduct active reconnaissance
Analyze vulnerabilities
Penetrate networks
Exploit host-based vulnerabilities
Test applications
Complete post-exploit tasks
Analyze and report penetration test results Course Details
1: Engagement planning
Module A: Assessment types and goals
Module B: The penetration testing process
Module C: Documentation and planning
Module D: Engagement scope
Module E: Scripting
2: Reconnaissance
Module A: Reconnaissance techniques
Module B: OSINT gathering
3: Active Reconnaissance
Module A: Network scanning
Module B: Vulnerability scanning
Module C: Application testing
4: Leveraging target information
Module A: Vulnerability analysis
Module B: Exploitation techniques
5: Exploiting organizational vulnerabilities
Module A: Social engineering
Module B: Physical security attacks
6: Exploiting network vulnerabilities
Module A: Network attacks
Module B: Wireless attacks
7: Exploiting applications
Module A: Attacking insecure code
Module B: Attacking web applications
8: Host exploitation
Module A: Finding host vulnerabilities
Module B: Operating system exploits
Module C: Post-exploitation techniques
9: Engagement follow-up
Module A: Report preparation
Module B: Remediation and follow-up
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.