CompTIA PenTest+

• Course Fee: £355 or Any 2 CompTIA courses Special Offer £455
• Exam fees are not included in the course price. Click here for exam information.
• Approved CompTIA eLearning Course
  
• eLearning course leading to certification from CompTIA
• Students have 12 months to work at their own pace and can start at any time of year
• Click here to Enrol for this course online now
• Click here to Request a Prospectus

Course Details

This comprehensive CompTIA PenTest+ elearning course prepares you for the PenTest+ exam. PenTest+ is unique because the certification requires a candidate to demonstrate the hands-on ability and knowledge to test devices in new environments such as the cloud and mobile, in addition to traditional desktops and servers.The CompTIA PenTest+ course will ensure the successful candidate has the knowledge and skills required to:

• Plan and scope an assessment.
• Understand legal and compliance requirements.
• Perform vulnerability scanning and penetration testing using appropriate tools and techniques
• Analyze the results.

This CompTIA PenTest+ course includes the following features:

• Instructor-led demonstrations and visual presentations to develop your skills based on real-world scenarios.
• Unlike a live class, you can fast-forward, repeat or rewind all your lectures. This gives you all the benefit of hands-on training with the flexibility of doing it around your schedule 24/7.
• Flashcards and Education Games are also provided throughout the course.
• Practice exams prepare you for your exams. These exams are on average 100 questions to ensure you are 100% prepared if you are taking a certification exam.
• You can also interact and collaborate with other students through our forums, student contributions and announcement features.

Who should complete this course?

• IT Managers, IT Security personnel, Programmers and Developers, IT Security Managers.
• People considering a career in IT Security Management.

Entry Requirements / Prerequisites

• None. It is however recommended that students have Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.
• For technical requirements required to access CMIT eLearning click here>
• For more details on the suitability of this course click here>

How CMIT eLearning Works…

Topics covered in this CompTIA Pentest+ Course

Module 1: Understanding the target audience

• Rules of engagement
• Communication escalation path
• Resources and requirements
• Budget
• Impact analysis and remediation timelines
• Disclaimers
• Technical constraints
• Support resources
• Contracts
• Environmental differences
• Written authorization
• Scoping
• Risk acceptance
• Tolerance to impact
• Scheduling
• Scope creep
• Threat actors
• Compliance-based assessments, limitations and caveats
• Clearly defined objectives based on regulations

Module 2: Information Gathering and Vulnerability Identification

• Scanning
• Enumeration
• Packet crafting
• Packet inspection
• Fingerprinting
• Cryptography
• Eavesdropping
• Decompilation
• Debugging
• Open Source Intelligence Gathering
• Credentialed vs. non-credentialed
• Types of scans
• Container security
• Application scan
• Considerations of vulnerability scanning
• Asset categorization
• Adjudication
• Prioritization of vulnerabilities
• Common themes
• Map vulnerabilities to potential exploits
• Prioritize activities in preparation for penetration test
• Describe common techniques to complete attack
• ICS
• SCADA
• Mobile
• IoT
• Embedded
• Point-of-sale system
• Biometrics
• Application containers
• RTOS

Module 3: Attacks and Exploits

• Phishing: Spear phishing, SMS phishing, Voice phishing, Whaling
• Elicitation
• Interrogation
• Impersonation
• Shoulder surfing
• USB key drop
• Motivation techniques: Authority, Scarcity, Social proof, Urgency, Likeness, Fear
• Name resolution exploits
• SMB exploits
• SNMP exploits
• SMTP exploits
• FTP exploits
• DNS cache poisoning
• Pass the hash
• Man-in-the-middle
• DoS/stress test
• NAC bypass
• VLAN hopping
• Evil twin
• Deauthentication attacks
• Fragmentation attacks
• Credential harvesting
• WPS implementation weakness
• Bluejacking
• Bluesnarfing
• RFID cloning
• Jamming
• Repeating
• Injections
• Authentication: Credential brute forcing, Session hijacking, Redirect, Default credentials, Weak credentials, Kerberos exploits
• Authorization
• Cross-site scripting (XSS)
• Cross-site request forgery (CSRF/XSRF)
• Clickjacking
• Security misconfiguration
• File inclusion
• Unsecure code practices: Comments in source code, Lack of error handling, Overly verbose error handling , Hard-coded credentials, Race conditions, Unauthorized use of functions/unprotected APIs, Hidden elements, Lack of code signing
• OS vulnerabilities
• Unsecure service and protocol configurations
• Privilege escalation
• Default account settings
• Sandbox escape
• Physical device security
• Piggybacking/tailgating
• Fence jumping
• Dumpster diving
• Lock picking
• Lock bypass
• Egress sensor
• Badge cloning
• Lateral movement
• Persistence
• Scheduled jobs
• Scheduled tasks
• Daemons
• Back doors
• Trojan
• New user creation
• Covering your tracks

Module 4: Penetration Testing Tools

• SYN scan (-sS) vs. full connect scan (-sT)
• Port selection (-p)
• Service identification (-sV)
• OS fingerprinting (-O)
• Disabling ping (-Pn)
• Target input file (-iL)
• Timing (-T)
• Output parameters: oA, oN, oG, oX

Module 5: Reporting and Communication

Assessment

• Once you successfully pass the programme(s), you will be able to download a CMIT Digital Certificate of Completion. This can be accessed via the Progress Reports section located on the top right side of your eLearning platform.
• You may optionally take exams to receive certification. Exam fees are not included in the course price. Click here for exam information.

Technical Requirements

• Broadband internet connection of at least 10Mbps.
• Browser – we recommend Chrome or Safari for Tablet or Apple Mac; and Firefox or Internet Explorer for PC hardware.
• Operating System – PC (Windows 7 or later), Mac or Android.

Accreditation

• You may optionally take exams to receive CompTIA certification.
• Click here for Accreditation Details

Student Reviews of this Course