CompTIA PenTest+ (PT0-002) Course



Course Details:

Length: 5 days

Price: $2,195/person (USD)

Group Price: Request Quote

Training Reviews

Course Features:

Live Instructor Teaching

Certificate of Completion

Courseware: Print

Free 6 Month Online Retake

Hands-On Learning?: Yes

Software Lab Included?: Yes

Delivery Methods:

Live Online

Individuals and Groups
@ Your Location

Onsite for Teams

Group Teams
@ Your Organization

This is an instructor-led course. It is taught by an instructor live online or at organizations for groups.
For team training, we can teach onsite at your office or private live online.

 

Course Overview

Security remains one of the hottest topics in IT and other industries. It seems that each week brings news of some new breach of privacy or security. As organizations scramble to protect themselves and their customers, the ability to conduct penetration testing is an emerging skill set that is becoming ever more valuable to the organizations seeking protection, and ever more lucrative for those who possess these skills. In this course, you will be introduced to some general concepts and methodologies related to pen testing, and you will work your way through a simulated pen test for a fictitious company.

This course can also assist you if you are pursuing the CompTIA PenTest+ certification, as tested in exam PT0-002. The course is designed to provide content and activities that correlate to the exam objectives, and therefore can be a resource as you prepare for the examination.


Register Early: Registration Deadline is 2 Weeks Prior to Class Start.

Course Objectives

After you complete this course, you will be able to plan, conduct, analyze, and report on penetration tests. You will:

  • Plan and scope penetration tests.
  • Conduct passive reconnaissance.
  • Perform non-technical tests to gather information.
  • Conduct active reconnaissance.
  • Analyze vulnerabilities.
  • Penetrate networks.
  • Exploit host-based vulnerabilities.
  • Test applications.
  • Complete post-exploit tasks.
  • Analyze and report pen test results.

Course Notes

Target Student

This course is designed for IT professionals who want to develop penetration testing skills to enable them to identify information-system vulnerabilities and effective remediation techniques for those vulnerabilities. Target students who also need to offer practical recommendations for action to properly protect information systems and their contents will derive those skills from this course.

This course is also designed for individuals who are preparing to take the CompTIA PenTest+ certification exam PT0-002, or who plan to use PenTest+ as the foundation for more advanced security certifications or career roles. Individuals seeking this certification should have three to four years of hands-on experience performing penetration tests, vulnerability assessments, and vulnerability management.

Knowledge Prerequisites

Completion of the following training or equivalent knowledge:
CompTIA Network+
CompTIA Security+
CISSP: Certified Information Systems Security Professional

Related Certifications

CompTIA PenTest+ (PT0-002)

Certification Notes: Certification exams are administered by third party testing companies. Our courses prepare you for the certification exam, which is an additional fee paid to the testing provider. You must contact the corresponding testing provider to take a certification exam.


Course Topics

Chapter 1: Penetration Testing - 1
What Is Penetration Testing?
• Cybersecurity Goals
• Adopting the Hacker Mindset
• Ethical Hacking Reasons for Penetration Testing
• Benefits of Penetration Testing
• Regulatory Requirements for Penetration Testing
Who Performs Penetration Tests?
• Internal Penetration Testing Teams
• External Penetration Testing Teams
• Selecting Penetration Testing Teams
The CompTIA Penetration Testing Process
• Planning and Scoping
• Information Gathering and Vulnerability Scanning
• Attacks and Exploits
• Reporting and Communication
• Tools and Code Analysis
The Cyber Kill Chain
• Reconnaissance
• Weaponization
• Delivery
• Exploitation
• Installation
• Command and Control
• Actions on Objectives
Tools of the Trade
• Reconnaissance
• Vulnerability Scanners
• Social Engineering
• Credential Testing Tools
• Debuggers and Software Testing Tools
• Network Testing
• Remote Access
• Exploitation
• Steganography
• Cloud Tools
Summary
Exam Essentials
Lab Exercises
• Activity 1.1: Adopting the Hacker Mindset
• Activity 1.2: Using the Cyber Kill Chain
Review Questions

Chapter 2: Planning and Scoping PenetrationTests - 31
Scoping and Planning Engagements
• Assessment Types
• Known Environments and Unknown Environments
• The Rules of Engagement
• Scoping Considerations—A Deeper Dive
• Support Resources for Penetration Tests
Penetration Testing Standards and Methodologies
Key Legal Concepts for Penetration Tests
• Contracts
• Data Ownership and Retention
• Permission to Attack (Authorization)
• Environmental Differences and Location Restrictions
Regulatory Compliance Considerations
Summary
Exam Essentials
Lab Exercises
Review Questions

Chapter 3: Information Gathering - 59
Footprinting and Enumeration
• OSINT
• Location and Organizational Data
• Infrastructure and Networks
• Security Search Engines
• Google Dorks and Search Engine Techniques
• Password Dumps and Other Breach Data
• Source Code Repositories
• Passive Enumeration and Cloud Services
Active Reconnaissance and Enumeration
• Hosts
• Services
• Networks, Topologies, and Network Traffic
• Packet Crafting and Inspection
• Enumeration
• Information Gathering and Code
• Avoiding Detection
Information Gathering and Defenses
• Defenses Against Active Reconnaissance
• Preventing Passive Information Gathering
Summary
Exam Essentials
Lab Exercises
• Activity 3.1: Manual OSINT Gathering
• Activity 3.2: Exploring Shodan
• Activity 3.3: Running an Nmap Scan
Review Questions

Chapter 4: Vulnerability Scanning - 109
Identifying Vulnerability Management Requirements
• Regulatory Environment
• Corporate Policy
• Support for Penetration Testing
• Identifying Scan Targets
• Determining Scan Frequency
• Active vs. Passive Scanning
Configuring and Executing Vulnerability Scans
• Scoping Vulnerability Scans
• Configuring Vulnerability Scans
• Scanner Maintenance
Software Security Testing
• Analyzing and Testing Code
• Web Application Vulnerability Scanning
Developing a Remediation Workflow
• Prioritizing Remediation
• Testing and Implementing Fixes
Overcoming Barriers to Vulnerability Scanning
Summary
Exam Essentials
Lab Exercises
• Activity 4.1: Installing a Vulnerability Scanner
• Activity 4.2: Running a Vulnerability Scan
• Activity 4.3: Developing a Penetration Test Vulnerability
Scanning Plan
Review Questions

Chapter 5: Analyzing Vulnerability Scans - 151
Reviewing and Interpreting Scan Reportsr
• Understanding CVSS
Validating Scan Resultsr
• False Positivesr
• Documented Exceptionsr
• Understanding Informational Resultsr
• Reconciling Scan Results with Other Data Sourcesr
• Trend Analysis
Common Vulnerabilitiesr
• Server and Endpoint Vulnerabilitiesr
• Network Vulnerabilitiesr
• Virtualization Vulnerabilitiesr
• Internet of Things (IoT)r
• Web Application Vulnerabilities
Summary
Exam Essentials
Lab Exercisesr
• Activity 5.1: Interpreting a Vulnerability Scanr
• Activity 5.2: Analyzing a CVSS Vectorr
• Activity 5.3: Developing a Penetration Testing Plan
Review Questions

Chapter 6: Exploiting and Pivoting - 195
Exploits and Attacks
• Choosing Targets
• Enumeration
• Identifying the Right Exploit
• Exploit Resources
Exploitation Toolkits
• Metasploit
• PowerSploit
• BloodHound
Exploit Specifics
• RPC/DCOM
• PsExec
• PS Remoting/WinRM
• WMI
• Fileless Malware and Living Off the Land
• Scheduled Tasks and cron Jobs
• SMB
• DNS
• RDP
• Apple Remote Desktop
• VNC
• SSH
• Network Segmentation Testing and Exploits
• Leaked Keys
Leveraging Exploits
• Common Post-Exploit Attacks
• Cross Compiling
• Privilege Escalation
• Social Engineering
• Escaping and Upgrading Limited Shells
Persistence and Evasion
• Scheduled Jobs and Scheduled Tasks
• Inetd Modification
• Daemons and Services
• Backdoors and Trojans
• Data Exfiltration and Covert Channels
• New Users
Pivoting
Covering Your Tracks
Summary
Exam Essentials
Lab Exercises
• Activity 6.1: Exploit
• Activity 6.2: Discovery
• Activity 6.3: Pivot
Review Questions

Chapter 7: Exploiting Network Vulnerabilities - 243
Identifying Exploits
Conducting Network Exploits
• VLAN Hopping
• DNS Cache Poisoning
• On-Path Attacks
• NAC Bypass
• DoS Attacks and Stress Testing
• Exploit Chaining Exploiting Windows Services
• NetBIOS Name Resolution Exploits
• SMB Exploits
Identifying and Exploiting Common Services
• Identifying and Attacking Service Targets
• SNMP Exploits 263 SMTP Exploits
• FTP Exploits 265 Kerberoasting
• Samba Exploits
• Password Attacks
• Stress Testing for Availability
Wireless Exploits
• Attack Methods
• Finding Targets
• Attacking Captive Portals
• Eavesdropping, Evil Twins, and Wireless On-Path Attacks
• Other Wireless Protocols and Systems
• RFID Cloning
• Jamming
• Repeating
Summary
Exam Essentials
Lab Exercises
• Activity 7.1: Capturing Hashes
• Activity 7.2: Brute-Forcing Services
• Activity 7.3: Wireless Testing
Questions

Chapter 8: Exploiting Physical and Social Vulnerabilities - 287
Physical Facility Penetration Testing
• Entering Facilities
• Information Gathering
Social Engineering
• In-Person Social Engineering
• Phishing Attacks
• Website-Based Attacks
• Using Social Engineering Tools Summary
Exam Essentials Lab Exercises
• Activity 8.1: Designing a Physical Penetration Test
• Activity 8.2: Brute-Forcing Services
• Activity 8.3: Using BeE
Review Questions

Chapter 9: Exploiting Application Vulnerabilities - 311
Exploiting Injection Vulnerabilities
• Input Validation
• Web Application Firewalls
• SQL Injection Attacks
• Code Injection Attacks
• Command Injection Attacks
• LDAP Injection Attacks
Exploiting Authentication Vulnerabilities
• Password Authentication
• Session Attacks
• Kerberos Exploits
Exploiting Authorization Vulnerabilities
• Insecure Direct Object References
• Directory Traversal
• File Inclusion
• Privilege Escalation
Exploiting Web Application Vulnerabilities
• Cross-Site Scripting (XSS)
• Request Forgery
• Clickjacking
Unsecure Coding Practices
• Source Code Comments
• Error Handling
• Hard-Coded Credentials
• Race Conditions
• Unprotected APIs
• Unsigned Code
Steganography
Application Testing Tools
• Static Application Security Testing (SAST)
• Dynamic Application Security Testing (DAST)
• Mobile Tools
Summary
Exam Essentials
Lab Exercises
• Activity 9.1: Application Security Testing Techniques
• Activity 9.2: Using the ZAP Proxy
• Activity 9.3: Creating a Cross-Site Scripting Vulnerability
Review Questions

Start your training today!