The CompTIA PenTest+ certification verifies that successful candidates have the knowledge and skills required to plan and scope an assessment, understand legal and compliance requirements, perform vulnerability scanning and penetration testing, analyze data, and effectively report and communicate results.
Curriculum
DOMAIN 1—PLANNING AND SCOPING - (14%)
A. Compare and contrast governance, risk, and compliance concepts.
- Regulatory compliance considerations
- Location restrictions
- Legal concepts
- Permission to attack
B. Explain the importance of scoping and organizational/customer requirements.
- Standards and methodologies
- Rules of engagement
- Environmental considerations
- Target list/in-scope assets
- Validate the scope of engagement
C. Given a scenario, demonstrate an ethical hacking mindset by maintaining professionalism and integrity.
- Background check of the penetration testing team
- Adhere to specific scope of engagement
- Identify criminal activity
- Immediately report breaches/criminal activity
- Limit the use of tools to a particular engagement
- Limit invasiveness based on the scope
- Maintain confidentiality of data/information
- Risk to the professional
DOMAIN 2—INFORMATION GATHERING AND VULNERABILITY SCANNING - (22%)
A. Given a scenario, perform passive reconnaissance.
- DNS lookups
- Identify technical contacts
- Administration contacts
- Cloud vs. self-hosted
- Social media scraping
- Cryptographic flaws
- Company reputation/security posture
- Data
- Open-source intelligence (OSINT)
B. Given a scenario, perform active reconnaissance.
- Enumeration
- Packet crafting
- Defense detection
- Tokens
- Wardriving
- Network traffic
- Cloud asset discovery
- Third-party hosted services
- Detection avoidance
C. Given a scenario, analyze the results of a reconnaissance exercise.
- Fingerprinting
- Analyze output
D. Given a scenario, perform vulnerability scanning.
- Considerations of vulnerability scanning
- Scan identified targets for vulnerabilities
- Set scan settings to avoid detection
- Scanning methods
- Nmap
- Vulnerability testing tools that facilitate automation
DOMAIN 3—ATTACKS AND EXPLOITS - (23%)
A. Given a scenario, research attack vectors and perform network attacks.
- Stress testing for availability
- Exploit resources
- Attacks
- Tools
B. Given a scenario, research attack vectors and perform wireless attacks.
- Attack methods
- Attacks
- Tools
C. Given a scenario, research attack vectors and perform application-based attacks.
- OWASP
- Server-side request forgery
- Business logic flaws
- Injection attacks
- Application vulnerabilities
- API attacks
- Directory traversal
- Tools
- Resources
D. Given a scenario, research attack vectors and perform attacks on cloud technologies.
E. Explain common attacks and vulnerabilities against specialized systems.
- Mobile
- Internet of Things (IoT) devices
- Data storage system vulnerabilities
- Management interface vulnerabilities
- Vulnerabilities related to supervisory control and data acquisition (SCADA)/Industrial Internet of Things (IIoT)/industrial control systems (ICS)
- Vulnerabilities related to virtual environments
- Vulnerabilities related to containerized workloads
F. Given a scenario, perform a social engineering or physical attack.
- The pretext for an approach
- Social engineering attacks
- Physical attacks
- Impersonation
- Tools
- Methods of influence
G. Given a scenario, perform post-exploitation techniques.
- Post-exploitation tools
- Lateral movement
- Network segmentation testing
- Privilege escalation
- Upgrading a restrictive shell
- Creating a foothold/persistence
- Detection avoidance
- Enumeration
DOMAIN 4—REPORTING AND COMMUNICATION - (18%)
A. Compare and contrast important components of written reports.
- Report audience
- Report contents
- Storage time for report
- Secure distribution
- Note taking
- Common themes/root causes
B. Given a scenario, analyze the findings and recommend the appropriate remediation within a report.
- Technical controls
- Administrative controls
- Operational controls
- Physical controls
C. Explain the importance of communication during the penetration testing process.
- Communication path
- Communication triggers
- Reasons for communication
- Goal reprioritization
- Presentation of findings
D. Explain post-report delivery activities.
- Post-engagement cleanup
- Client acceptance
- Lessons learned
- Follow-up action/retest
- Attestation of findings
- Data destruction process
DOMAIN 5—TOOLS AND ANALYSIS - (16%)
A. Explain the basic concepts of scripting and software development.
- Logic constructs
- Data structures
- Dictionaries
- Libraries
- Classes
- Procedures
- Functions
B. Given a scenario, analyze a script or code sample for use in a penetration test.
- Shell
- Programming languages
- Analyze exploit code used to download files, launch remote access, enumerate users, and enumerate assets.
- Opportunities for automation
C. Explain the use cases of tools during the phases of a penetration test.
- Scanners
- Credential testing tools
- Debuggers
- OSINT
- Wireless
- Web application tools
- Social engineering tools
- Remote access tools
- Network tools
- Cloud tools
- Steganography tools
Who should learn PenTest+?
- IT Audit Managers
- IT Project Managers
- Network Architects
- Security Consultants
- Auditing Professionals
- Security Architects
- IT Security Officers
- Security Auditors
- Security Managers
- IT Consultants
- Cybersecurity Analysts
- IT Risk and Assurance Managers
- Security Systems Engineers
- Privacy Officers
- Anybody who is looking to create a career in information systems auditing.
What will I be able to do at the end of the training?
- Plan and scope a penetration testing engagement
- Understand legal and compliance requirements
- Perform vulnerability scanning and penetration testing using appropriate tools and techniques, and then analyze the results
- Produce a written report containing proposed remediation techniques, effectively communicate results to the management team, and provide practical recommendations