Topics covered in this CompTIA Pentest+ Course

Module 1: Understanding the target audience

• Rules of engagement
• Communication escalation path
• Resources and requirements
• Budget
• Impact analysis and remediation timelines
• Disclaimers
• Technical constraints
• Support resources
• Contracts
• Environmental differences
• Written authorization
• Scoping
• Risk acceptance
• Tolerance to impact
• Scheduling
• Scope creep
• Threat actors
• Compliance-based assessments, limitations and caveats
• Clearly defined objectives based on regulations

Module 2: Information Gathering and Vulnerability Identification

• Scanning
• Enumeration
• Packet crafting
• Packet inspection
• Fingerprinting
• Cryptography
• Eavesdropping
• Decompilation
• Debugging
• Open Source Intelligence Gathering
• Credentialed vs. non-credentialed
• Types of scans
• Container security
• Application scan
• Considerations of vulnerability scanning
• Asset categorization
• Adjudication
• Prioritization of vulnerabilities
• Common themes
• Map vulnerabilities to potential exploits
• Prioritize activities in preparation for penetration test
• Describe common techniques to complete attack
• ICS
• SCADA
• Mobile
• IoT
• Embedded
• Point-of-sale system
• Biometrics
• Application containers
• RTOS

Module 3: Attacks and Exploits

• Phishing: Spear phishing, SMS phishing, Voice phishing, Whaling
• Elicitation
• Interrogation
• Impersonation
• Shoulder surfing
• USB key drop
• Motivation techniques: Authority, Scarcity, Social proof, Urgency, Likeness, Fear
• Name resolution exploits
• SMB exploits
• SNMP exploits
• SMTP exploits
• FTP exploits
• DNS cache poisoning
• Pass the hash
• Man-in-the-middle
• DoS/stress test
• NAC bypass
• VLAN hopping
• Evil twin
• Deauthentication attacks
• Fragmentation attacks
• Credential harvesting
• WPS implementation weakness
• Bluejacking
• Bluesnarfing
• RFID cloning
• Jamming
• Repeating
• Injections
• Authentication: Credential brute forcing, Session hijacking, Redirect, Default credentials, Weak credentials, Kerberos exploits
• Authorization
• Cross-site scripting (XSS)
• Cross-site request forgery (CSRF/XSRF)
• Clickjacking
• Security misconfiguration
• File inclusion
• Unsecure code practices: Comments in source code, Lack of error handling, Overly verbose error handling , Hard-coded credentials, Race conditions, Unauthorized use of functions/unprotected APIs, Hidden elements, Lack of code signing
• OS vulnerabilities
• Unsecure service and protocol configurations
• Privilege escalation
• Default account settings
• Sandbox escape
• Physical device security
• Piggybacking/tailgating
• Fence jumping
• Dumpster diving
• Lock picking
• Lock bypass
• Egress sensor
• Badge cloning
• Lateral movement
• Persistence
• Scheduled jobs
• Scheduled tasks
• Daemons
• Back doors
• Trojan
• New user creation
• Covering your tracks

Module 4: Penetration Testing Tools

• SYN scan (-sS) vs. full connect scan (-sT)
• Port selection (-p)
• Service identification (-sV)
• OS fingerprinting (-O)
• Disabling ping (-Pn)
• Target input file (-iL)
• Timing (-T)
• Output parameters: oA, oN, oG, oX

Module 5: Reporting and Communication

Assessment

• Once you successfully pass the programme(s), you will be able to download a CMIT Digital Certificate of Completion. This can be accessed via the Progress Reports section located on the top right side of your eLearning platform.
• You may optionally take exams to receive certification. Exam fees are not included in the course price. More information on exams can be found on the CMIT exam page.

Technical Requirements

• Broadband internet connection of at least 10Mbps.
• Browser – we recommend Chrome or Safari for Tablet or Apple Mac; and Firefox or Internet Explorer for PC hardware.
• Operating System – PC (Windows 7 or later), Mac or Android.

Accreditation

• You may optionally take exams to receive CompTIA certification.
• More information can be found on the CMIT Accreditation Details page.