CPPENT CompTIA Pentest +

Course Code: CPPENT  Duration: 5 Days    Price: £2,345+VAT
Overview

As organisations scramble to protect themselves and their customers against privacy or security breaches, the ability to conduct penetration testing is an emerging skill set that is becoming ever more valuable to the organisations seeking protection, and ever more lucrative for those who possess these skills. In this course, you will be introduced to general concepts and methodologies related to pen testing, and you will work your way through a simulated pen test for a fictitious company.

The CompTIA PenTest+ certification requires a candidate to demonstrate the hands-on ability and knowledge to test devices in new environments such as the cloud and mobile, in addition to traditional desktops and servers. 

CompTIA PenTest+ joins CompTIA Cybersecurity Analyst (CySA+) at the intermediate-skills level of the cybersecurity career pathway as shown below. Depending on your course of study, PenTest+ and CySA+ can be taken in any order but typically follows the skills learned in Security+. While CySA+ focuses on defense through incident detection and response, PenTest+ focuses on offense through penetration testing and vulnerability assessment.

Although the two exams teach opposing skills, they are dependent on one another. The most qualified cybersecurity professionals have both offensive and defensive skills. Earn the PenTest+ certification to grow your career within the CompTIA recommended cybersecurity career pathway.

Audience

Cybersecurity professionals involved in hands-on penetration testing to identify, exploit, report, and manage vulnerabilities on a network.

Learning Objectives

After completing this course you should be able to:

  • Explain the importance of planning and key aspects of compliance-based assessments.
  • Conduct information gathering exercises with various tools and analyse output and basic scripts (limited to: Bash, Python, Ruby, PowerShell).
  • Gather information to prepare for exploitation then perform a vulnerability scan and analyse results.
  • Utilise report writing and handling best practices explaining recommended mitigation strategies for discovered vulnerabilities.
  • Exploit network, wireless, application, and RF-based vulnerabilities, summarize physical security attacks, and perform post-exploitation techniques.
Pre-Requisites

Attendees should meet the following prerequisites:

  • Intermediate knowledge of information security concepts, including but not limited to identity and access management (IAM), cryptographic concepts and implementations, computer networking concepts and implementations, and common security technologies.
  • Practical experience in securing various computing environments, including small to medium businesses, as well as enterprise environments.
  • CompTIA Network + or CompTIA Security + or equivalent knowledge
  • Hands-on information security experience

Recommended prerequisites:

Course Contents

Planning and Scoping Penetration Tests

  • Introduction to Penetration Testing Concepts
  • Plan a Pen Test Engagement
  • Scope and Negotiate a Pen Test Engagement
  • Prepare for a Pen Test Engagement

 

Conducting Passive Reconnaissance

  • Gather Background Information
  • Prepare Background Findings for Next Steps

 

Performing Non-Technical Tests

  • Perform Social Engineering Tests
  • Perform Physical Security Tests on Facilities

 

Conducting Active Reconnaissance

  • Scan Networks
  • Enumerate Targets
  • Scan for Vulnerabilities
  • Analyse Basic Scripts

 

Analysing Vulnerabilities

  • Analyse Vulnerability Scan Results
  • Leverage Information to Prepare for Exploitation

Penetrating Networks

  • Exploit Network-Based Vulnerabilities
  • Exploit Wireless and RF-Based Vulnerabilities
  • Exploit Specialized Systems

 

Exploiting Host-Based Vulnerabilities

  • Exploit Windows-Based Vulnerabilities
  • Exploit *Nix-Based Vulnerabilities

 

Testing Applications

  • Exploit Web Application Vulnerabilities
  • Test Source Code and Compiled Apps

 

Completing Post-Exploit Tasks

  • Use Lateral Movement Techniques
  • Use Persistence Techniques
  • Use Anti-Forensics Techniques

 

Analysing and Reporting Pen Test Results

  • Analyse Pen Test Data
  • Develop Recommendations for Mitigation Strategies
  • Write and Handle Reports
  • Conduct Post-Report-Delivery Activities

 

Appendix A: Mapping Course Content to CompTIA PenTest+ (Exam PT0-001) Solutions Glossary Index

 

 

Exam Information

This course is recommended as preparation for the following exams:

  • PT0-001 - CompTIA Pentest+ Certification

 

This training course provided by Skilltec is accredited through Global Knowledge Training Ltd. Global Knowledge Training Ltd are the authorised learning partner; all trademarks and partner statuses are provided through them.