CompTIA PenTest+

CompTIA PenTest+

Description

You will learn the details of how to conduct a penetration test so that you can be better prepared to serve on your organization's cyber defense team or as an independent penetration tester.

The CompTIA PenTest+ (PT0-002) certification is an intermediate-level, vendor-neutral certification that validates your knowledge and ability to plan/scope an assessment, understand the legal/compliance requirements, perform vulnerability scanning/penetration tests, and analyze/report on your findings.

The CompTIA PenTest+ certification exam, and this course, is focused on the technical, hands-on details of the cybersecurity field, including how to emulate a cyber threat, infiltrate a secure network architecture, and conduct a penetration test against your organizational networks (with permission, of course). 

This course is designed for penetration testers, IT Security analysts, vulnerability analysts and testers, network security operations personnel, or anyone who is trying to get a better understanding of the concepts involved in conducting a penetration test and its associated toolsets.  

By the end of the course, you will be comfortable with the technical tasks required of a penetration tester and be ready to take on a more advanced role in a cybersecurity team within your organization!

This course is designed to help prepare you for the CompTIA PenTest+ (PT0-002) certification exam and covers all five domains:

  • Planning and Scoping (14%)
  • Information Gathering and Vulnerability Identification (22%)
  • Attacks and Exploits (30%)
  • Reporting and Communication (18%)
  • Tools and Code Analysis (16%)

Who this course is for?

  • Students preparing for the CompTIA PenTest+ (PT0-002) Certification Exam
  • Security Analysts
  • Penetration Testers
  • Vulnerability Testers
  • Network Security Operations
  • Application Security Vulnerability Testers

Course Learning Objectives

  • Take and pass the CompTIA PenTest+ (PT0-002) certification exam
  • Understand the penetration testing methodology
  • Understand how to plan and scope a penetration test
  • Understand how to conduct information gathering and enumeration
  • Understand how to exploit networks and systems during a penetration test
  • Understand how to prepare a report and communicate your findings

Course prerequisites

  • Basic understanding of network and network security
  • Understand the concepts covered by the Network+ and Security+ exams

Course Curriculum

No.

Title

Type

Status

1.

Welcome

VIDEO

2.

Download your free study guide

PDF

3.

Exam Tips

VIDEO

4.

How to Use the Lab Environment

VIDEO

5.

Labs: Exploring the PenTest+ Lab Environment

LAB

6.

100% Pass Guarantee

VIDEO

7.

Checkpoint: Welcome

QUIZ

No.

Title

Type

Status

1.

Planning an Engagement

VIDEO

2.

Risk

VIDEO

3.

Risk Handling

VIDEO

4.

Controls

VIDEO

5.

PenTest Methodologies

VIDEO

6.

PenTest Standards

VIDEO

7.

Planning a Test

VIDEO

8.

Legal Concepts

VIDEO

9.

Regulatory Compliance

VIDEO

10.

Professionalism

VIDEO

11.

Checkpoint: Planning an Engagement

QUIZ

No.

Title

Type

Status

1.

Scoping an Engagement

VIDEO

2.

Defining the Scope

VIDEO

3.

Adversary Emulation

VIDEO

4.

Target List

VIDEO

5.

Identifying Restrictions

VIDEO

6.

Rules of Engagement

VIDEO

7.

Assessment Types

VIDEO

8.

Validating the Scope

VIDEO

9.

Limitations and Permission

VIDEO

10.

Build a Virtual Lab

VIDEO

11.

Checkpoint: Scoping an Engagement

QUIZ

No.

Title

Type

Status

1.

Passive Reconnaissance

VIDEO

2.

Information Gathering

VIDEO

3.

Open-Source Intelligence (OSINT)

VIDEO

4.

Social Media Scraping

VIDEO

5.

OSINT Tools

VIDEO

6.

Using OSINT Tools

VIDEO

7.

Lab: Discovering IoT devices with Shodan

VIDEO

8.

DNS Information

VIDEO

9.

Lab: Exploring the Domain Tools: Nslookup, Dig, and Whois

LAB

10.

Reconnaissance with CentralOps

VIDEO

11.

Public Repositories

VIDEO

12.

Search Engine Analysis

VIDEO

13.

URL Analysis

VIDEO

14.

Lab: Navigating Open-Source Intelligence Tools

VIDEO

15.

Cryptographic Flaws

VIDEO

16.

CWE & CVE

VIDEO

17.

Checkpoint: Passive Reconnaissance

QUIZ

No.

Title

Type

Status

1.

Active Reconnaissance

VIDEO

2.

Scanning and Enumeration

VIDEO

3.

Conducting Enumeration

VIDEO

4.

Other Enumeration

VIDEO

5.

Lab: Demonstrating Enumeration Techniques

VIDEO

6.

Website Reconnaissance

VIDEO

7.

Detecting and Evading Defenses

VIDEO

8.

Packet Crafting

VIDEO

9.

Eavesdropping

VIDEO

10.

Wardriving

VIDEO

11.

DNS and ARP Analysis

VIDEO

12.

Network Traffic Analysis

VIDEO

13.

Checkpoint: Active Reconnaissance

QUIZ

No.

Title

Type

Status

1.

Vulnerability Scanning

VIDEO

2.

Vulnerability Lifecycle

VIDEO

3.

Vulnerability Scans

VIDEO

4.

Scanning Considerations

VIDEO

5.

Nessus Scanning

VIDEO

6.

OpenVas Scanning

VIDEO

7.

Lab: Exploring OpenVAS

LAB

8.

Nikto Scanning

VIDEO

9.

Lab: Using Web Scanners

LAB

10.

Checkpoint: Vulnerability Scanning

QUIZ

No.

Title

Type

Status

1.

Nmap

VIDEO

2.

Nmap Discovery Scans

VIDEO

3.

Nmap Port Scans

VIDEO

4.

Nmap Fingerprinting

VIDEO

5.

Using Nmap

VIDEO

6.

Lab: Understanding Nmap Common Usage

LAB

7.

Nmap Scripting Engine

VIDEO

8.

Lab: Scanning a Vulnerable System

LAB

9.

Lab: Understanding Scan Output

LAB

10.

Checkpoint: Nmap

QUIZ

No.

Title

Type

Status

1.

Social Engineering and Physical Attacks

VIDEO

2.

Methods of Influence

VIDEO

3.

Social Engineering

VIDEO

4.

Phishing Campaigns

VIDEO

5.

Social Engineering Toolkit

VIDEO

6.

Lab: Understanding Social Engineering Toolkit (SET)

LAB

7.

Pretexting

VIDEO

8.

Baiting Victims

VIDEO

9.

Impersonation

VIDEO

10.

Lab: Understanding Spearphishing and Credentials Attack

LAB

11.

Physical Security

VIDEO

12.

Lock Picking

VIDEO

13.

Physical Attacks

VIDEO

14.

Social Engineering Tools

VIDEO

15.

Checkpoint: Social Engineering and Physical Attacks

QUIZ

No.

Title

Type

Status

1.

Wireless Attacks

VIDEO

2.

Wireless Security

VIDEO

3.

Bypassing MAC Filtering

VIDEO

4.

Signal Exploitation

VIDEO

5.

WEP Hacking

VIDEO

6.

WPA/WPA2 Hacking

VIDEO

7.

WPS PIN Attacks

VIDEO

8.

Lab: Monitoring with Aircrack-ng

LAB

9.

Evil Twins

VIDEO

10.

On-path and Relay Attacks

VIDEO

11.

Bluetooth Attacks

VIDEO

12.

RFID and NFC Attacks

VIDEO

13.

Checkpoint: Wireless Attacks

QUIZ

No.

Title

Type

Status

1.

Network Attacks

VIDEO

2.

Stress Testing

VIDEO

3.

Exploit Resources

VIDEO

4.

ARP Poisoning

VIDEO

5.

DNS Cache Poisoning

VIDEO

6.

LLMNR/NBT-NS Poisoning

VIDEO

7.

MAC Spoofing

VIDEO

8.

VLAN Hopping

VIDEO

9.

NAC Bypass

VIDEO

10.

On-path Attack

VIDEO

11.

Password Attacks

VIDEO

12.

Lab: Exploring Password Attacks with John the Ripper and Hydra

LAB

13.

Pass the Hash

VIDEO

14.

Lab: Exploring the Basics of Metasploit

LAB

15.

Intro to Metasploit

VIDEO

16.

Netcat

VIDEO

17.

Using Netcat

VIDEO

18.

Checkpoint: Network Attacks

QUIZ

No.

Title

Type

Status

1.

Application Vulnerabilities

VIDEO

2.

Race Conditions

VIDEO

3.

Buffer Overflows

VIDEO

4.

Buffer Overflow Attacks

VIDEO

5.

Authentication and References

VIDEO

6.

Improper Error Handling

VIDEO

7.

Improper Headers

VIDEO

8.

Code Signing

VIDEO

9.

Vulnerable Components

VIDEO

10.

Software Composition

VIDEO

11.

Privilege Escalation

VIDEO

12.

Conducting Privilege Escalation

VIDEO

13.

Checkpoint: Application Vulnerabilities

QUIZ

No.

Title

Type

Status

1.

Application Attacks

VIDEO

2.

Directory Traversals

VIDEO

3.

Dirbuster

VIDEO

4.

Cross-Site Scripting (XSS)

VIDEO

5.

Cross-Site Request Forgery (CSRF)

VIDEO

6.

SQL Injections

VIDEO

7.

Conducting SQL Injections

VIDEO

8.

Burp Suite and SQLmap

VIDEO

9.

Lab: Using SQL Injection

LAB

10.

OWASP ZAP

VIDEO

11.

XML Injections

VIDEO

12.

Other Injection Attacks

VIDEO

13.

Attacking Web Applications

VIDEO

14.

Checkpoint: Application Attacks

QUIZ

No.

Title

Type

Status

1.

Cloud Attacks

VIDEO

2.

Attacking the Cloud

VIDEO

3.

Credential Harvesting

VIDEO

4.

Misconfigured Assets

VIDEO

5.

Metadata Service Attack

VIDEO

6.

Software Development Kit (SDK)

VIDEO

7.

Auditing the Cloud

VIDEO

8.

Conducting Cloud Audits

VIDEO

9.

Lab: Using VSFTP Manual and Metasploit

LAB

10.

Checkpoint: Cloud Attacks

QUIZ

No.

Title

Type

Status

1.

Attacks on Mobile Devices

VIDEO

2.

Enterprise Mobility Management

VIDEO

3.

Deployment Options

VIDEO

4.

Mobile Reconnaissance Concerns

VIDEO

5.

Mobile Device Insecurity

VIDEO

6.

Multifactor Authentication

VIDEO

7.

Mobile Device Attacks

VIDEO

8.

Malware Analysis

VIDEO

9.

Conducting Malware Analysis

VIDEO

10.

Mobile Device Tools

VIDEO

11.

Checkpoint: Attacks on Mobile Devices

QUIZ

No.

Title

Type

Status

1.

Attacks on Specialized Systems

VIDEO

2.

Internet of Things (IoT) Devices

VIDEO

3.

Internet of Things (IoT) Vulnerabilities

VIDEO

4.

Embedded Systems

VIDEO

5.

ICS and SCADA Devices

VIDEO

6.

ICS Protocols and Vulnerabilities

VIDEO

7.

Data Storage Vulnerabilities

VIDEO

8.

Virtual Environments

VIDEO

9.

Virtual Machine Attacks

VIDEO

10.

Containerization

VIDEO

11.

Checkpoint: Attacks on Specialized Systems

QUIZ

No.

Title

Type

Status

1.

Post-exploitation

VIDEO

2.

Enumerating the Network

VIDEO

3.

Network Segmentation Testing

VIDEO

4.

Lateral Movement and Pivoting

VIDEO

5.

Pass the Hash

VIDEO

6.

Golden Ticket

VIDEO

7.

Lateral Movement

VIDEO

8.

Pivoting

VIDEO

9.

Escalating Privileges

VIDEO

10.

Upgrading Restrictive Shells

VIDEO

11.

Checkpoint: Post-exploitation

QUIZ

No.

Title

Type

Status

1.

Detection Avoidance

VIDEO

2.

Trojans and Backdoors

VIDEO

3.

Creating Persistence

VIDEO

4.

Lab: Using Reverse and Bind Shells

LAB

5.

Living Off the Land

VIDEO

6.

Data Exfiltration

VIDEO

7.

Covert Channels

VIDEO

8.

Steganography

VIDEO

9.

Lab: Navigating Steganography Tools

LAB

10.

Covering Your Tracks

VIDEO

11.

Persistence and Covering Your Tracks

VIDEO

12.

Post-Exploitation Tools

VIDEO

13.

Checkpoint: Post-exploitation

QUIZ

No.

Title

Type

Status

1.

Communication and Reports

VIDEO

2.

Communication Paths

VIDEO

3.

Communication Triggers

VIDEO

4.

Reasons for Communication

VIDEO

5.

Presentation of Findings

VIDEO

6.

Report Data Gathering

VIDEO

7.

Written Reports

VIDEO

8.

Common Themes

VIDEO

9.

Securing and Storing Reports

VIDEO

10.

Checkpoint: Communication and Reports

QUIZ

No.

Title

Type

Status

1.

Findings and Remediations

VIDEO

2.

Security Control Categories

VIDEO

3.

Selecting Security Controls

VIDEO

4.

Physical Controls

VIDEO

5.

Operational Controls

VIDEO

6.

Admnistrative Controls

VIDEO

7.

System Hardening

VIDEO

8.

Secure Coding

VIDEO

9.

Implementing MFA

VIDEO

10.

Digital Certificates

VIDEO

11.

Other Technical Controls

VIDEO

12.

Mitigation Strategies

VIDEO

13.

Checkpoint: Findings and Remediations

QUIZ

No.

Title

Type

Status

1.

Post-report Activities

VIDEO

2.

Remove Shells and Tools

VIDEO

3.

Delete Test Credentials

VIDEO

4.

Destroy Test Data

VIDEO

5.

Client Acceptance

VIDEO

6.

Attestation of Findings

VIDEO

7.

Lessons Learned

VIDEO

8.

Retesting

VIDEO

9.

Checkpoint: Post-report Activities

QUIZ

No.

Title

Type

Status

1.

Scripting Basics

VIDEO

2.

Shells and Programming Languages

VIDEO

3.

Variables

VIDEO

4.

Loops

VIDEO

5.

Logic Control

VIDEO

6.

Data Structures

VIDEO

7.

Object Oriented Programming

VIDEO

8.

Checkpoint: Scripting Basics

QUIZ

No.

Title

Type

Status

1.

Analyzing Scripts

VIDEO

2.

Coding in Bash

VIDEO

3.

Bash Example

VIDEO

4.

Coding in PowerShell

VIDEO

5.

PowerShell Example

VIDEO

6.

Coding in Python

VIDEO

7.

Python Example

VIDEO

8.

Coding in Perl

VIDEO

9.

Perl Example

VIDEO

10.

Coding in JavaScript

VIDEO

11.

JavaScript Example

VIDEO

12.

Coding in Ruby

VIDEO

13.

Ruby Example

VIDEO

14.

Lab: Exploring Programming Shells

LAB

15.

Checkpoint: Analyzing Scripts

QUIZ

No.

Title

Type

Status

1.

Exploits and Automation

VIDEO

2.

Exploits to Download Files

VIDEO

3.

Exploits for Remote Access

VIDEO

4.

Exploits for Enumerating Users

VIDEO

5.

Exploits for Enumerating Assets

VIDEO

6.

Lab: Analyzing Exploit Code

LAB

7.

Automation in Engagements

VIDEO

8.

Automation with Nmap Scripts

VIDEO

9.

Lab: Applying PenTest Automation

LAB

10.

Checkpoint: Exploits and Automation

QUIZ

No.

Title

Type

Status

1.

Tool Round-up

VIDEO

2.

OSINT Tools

VIDEO

3.

Scanning Tools

VIDEO

4.

Networking Tools

VIDEO

5.

Wireless Tools

VIDEO

6.

Social Engineering Tools

VIDEO

7.

Remote Access Tools

VIDEO

8.

Credential Testing Tools

VIDEO

9.

Web Application Tools

VIDEO

10.

Cloud Tools

VIDEO

11.

Steganography Tools

VIDEO

12.

Debuggers

VIDEO

13.

Miscellaneous Tools

VIDEO

14.

Lab: Understanding Spear Phishing and Credentials Attack

LAB

15.

Checkpoint: Tool Round-up

QUIZ

No.

Title

Type

Status

1.

Conclusion Lesson

VIDEO

2.

BONUS: Where to go from here?

VIDEO

3.

Practice Exam (PT0-002)

EXAM

Meet Your Instructor

Jason Dion

Jason Dion

Lead Instructor

Jason Dion, CISSP No. 349867, is a former college professor and the lead instructor at Dion Training Solutions.

He has multiple information technology professional certifications, including Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Network Defense Architect (CNDA), Digital Forensic Examiner (DFE), Digital Media Collector (DMC), CySA+, Security+, Network+, A+, PRINCE2 Practitioner, and ITIL.

With networking experience dating back to 1992, Jason has been a network engineer, Deputy Director of a Network Operations Center, and an Information Systems Officer for large organizations around the globe.

He holds a Master’s of Science degree in Information Technology with a specialization in Information Assurance and a Bachelor’s of Science in Human Resources Management. He lives in Puerto Rico with his wife and two children.

Course Rating

( 5 average based on 4 reviews)
5 star
4
4 star
0
3 star
0
2 star
0
1 star
0

4 Reviews

Pascal Poux
Pascal Poux
Position: confidential

I just passed the PenTest+ exam with this course. I followed your course and you gave me all the keys to success. Many thanks!

Henock Daniel
Henock Daniel
Position: confidential

The course touches key topics from each of the domains that make-up the PenTest + exam. Opens gateway to vulnerability/penetration testing tools and awareness that the job of building that familiarity falls unto you, the student. Jason does a great job with the subdivision topics within each domain and it's straightforward, no fluff.

CompTIA PenTest+
Course Preview
  • Price$349
  • InstructorJason Dion
  • Duration31+ hours
  • Lessons237
  • Quizzes12
  • Enrolled134 students
  • Access12 Months
  • Full Practice Exams
    Included
  • Official Textbook
    Included
  • 100% Pass Guarantee
    Included

100% Pass Guarantee


All the risk is on us, as it should be. You literally have nothing to lose.


We are so confident that you are going to learn everything you need to know to pass your CompTIA®, ITIL®, PRINCE2®, PRINCE2 Agile®, or Linux certification if you pass our courses at diontraining.com. So, if you do not pass your certification within 60 days of registering for and passing your course, simply send us your test score and your course completion letter, and we will pay for your exam retake.

guarantee
image

Authorized Training Organization


CompTIA Authorized Training Organization


All of our courses undergo a stringent review by the accreditation body prior to being published. When you take a course through us, you can be assured you are getting the highest quality training and an affordable price.