Comptia : CompTIA PenTest+
CompTIA PenTest+ course with 12 months access from IT Certify
IT Certify
Summary
Limited Special offer ends 31st July 2024**
- Exam(s) / assessment(s) not included in price, and must be purchased separately
Add to basket or enquire
Overview
Penetration testing and vulnerability management
For Cyber Security Professionals
You will become armed with a multitude of cyber protection devices
To ensure nothing gets through
CompTIA PenTest+
The CompTIA PenTest + is a highly hands-on course and will give you experience in network and system penetration testing. It covers all of the exam objectives for the PT0-001 exam while taking the learner step-by-step through hacking and exploiting each network and system type.
In this course you will learn hands-on penetration testing and hacking skills including:
- Client engagement and documentation
- Passive and active reconnaissance
- Windows, Linux, and mobile device system hacking
- Physical security testing and social engineering
- Wired and wireless network hacking and exploitation
- Network service hacking and exploitation
- Application and web app hacking and exploitation
- Lateral movement and persistence in a compromised network
- Covering your tracks
- Report writing and post-test cleanup
This course is intended for advanced students and Cyber Security practitioners who will actively test networks and computer systems for vulnerabilities. Successful completion of two pre-requisite courses, Network+ and Security+, is highly recommended (but not a prerequisite)
Certification
CompTIA PenTest+
Course media
Description
Just some of the modules from the course:
Module 1 - The Pen Test Engagement
In this module, you will learn how to work with a client and prepare for a penetration testing engagement. The topics are:
1. Penetration Testing Overview
• In this topic, you will learn what a penetration test is, the steps taken to prepare for a
pentest, tools used, communicating with the client and your team, and pen testing
standards and frameworks.
2. Engagement Planning
• In this topic, you will learn about the logistics of planning for a pentest engagement
including setting scope, determining end goals and deliverables, assessment types, threat
modeling, and scheduling.
3. Engagement Documents
• In this topic, you will learn about documentation required for a professional pentest
engagement including contracts, authorizations, rules of engagement, impact analysis,
disclaimers, and support resources.
4. Prepare to Go Live
• In this topic, you will prepare both the client and your team to start the actual test
Module 2 - Passive Reconnaissance
In this module, you will learn how to gather background information on your target. The topic is:
1. OSINT
• In this topic, you will learn about passive reconnaissance through open source intelligence
gathering, including using websites, social media, Google hacking, DNS querying, and
other tools.
• Activities include using Whois, Google Hacking Database, theHarvester, Recon-ng, FOCA,
dig, nslookup, and Shodan
Active Reconnaissance, Physical Security and Social Engineering
Module 3 – Active Reconnaissance
In this module, you will learn how to actively search for targets. The topics are:
1. Host Discovery and Port Scanning
• In this topic, you will learn about the different tools and methods for discovering target
systems and the services they provide.
• Activities include using the command line, nmap, and Metasploit.
2. Enumeration
• In this topic, you will learn how to obtain additional information from network services,
Windows and Linux systems, as you prepare to exploit those systems.
• Activities include using Windows and Linux command line commands, nmap, netcat,
telnet, rpcclient, dirbuster, and Metasploit.
3. Vulnerability Scanning
• In this topic, you will use different types of scans including packet crafting to discover
exploitable vulnerabilities on hosts, websites, network services, and network devices.
• Activities include using OpenVAS, nmap NSE scripts, Metasploit Pro, sqlmap, Nikto,
MBSA, hping3, airmon-ng, aircrack-ng, Fern Wi-Fi Cracker, mdk3, and Kismet.
Module 4 – Physical Security
In this module, you will learn how to test physical security controls. The topic is:
1. Physical Security Tests
• In this topic, you will learn about ways to circumvent physical security controls to gain
access to restricted areas.
• Activities include RFID badge cloning
Module 5 – Social Engineering
In this topic, you will learn about social engineering. The topic is:
1. Social Engineering Attacks
• In this topic, you will learn how to execute both technical and non-technical social
engineering attacks.
• Activities include using msfvenom and Metasploit for USB stick baiting, and the Kali Social
Engineering Toolkit for website login cloning, phishing, and credential interception.
Vulnerability, Password cracking, Penetrating Wired and Wireless Networks
Module 6 – Vulnerability Scan Analysis
In this module, you will learn how to examine vulnerability scan results to choose the best exploit against
discovered targets. The topic is:
1. Vulnerability Scan Results
• In this topic, you will learn how to assess vulnerability scan results, weed out false
positives, adjudicate and prioritize findings, and map vulnerabilities to exploits. You will
also learn about both the value and limits of using automated vulnerability scans in your
pentest engagement.
• Activities include using Metasploit Pro to validate vulnerability scan findings and
determine the appropriate exploit modules that can be used to penetrate the
vulnerable systems.
Module 7 – Password Cracking
In this module, you will learn the basics of password cracking. The topic is:
1. Password Cracking Types
• In this topic, you will learn about dictionary, rainbow table, and brute force attacks. You
will learn how to brute force network service authentication, intercept a network
authentication, and pass-the-hash.
• Activities include using Medusa, John-the-Ripper, Wireshark, and Metasploit.
NOTE: You will learn additional password cracking techniques in subsequent modules.
Module 8 – Penetrating Wired Networks
In this module, you will learn how to penetrate a wired Ethernet network. The topic is:
1. Common Network Exploits
• In this topic, you will learn how to sniff wired network activity, intercept file transfers,
read transmitted email, conduct Man-in-the-Middle attacks using ARP poisoning, hijack
TCP sessions, execute network-based denial-of-service attacks, and exploit common
network services.
Who is this course for?
Anyone with an interest in a career in IT
Requirements
Just the dedication and passion to start your career path in IT
Computer / laptop / internet connection
Career path
Cyber Security
Questions and answers
Reviews
Currently there are no reviews for this course. Be the first to leave a review.
Add to basket or enquire
Course provided by
Legal information
This course is advertised on reed.co.uk by the Course Provider, whose terms and conditions apply. Purchases are made directly from the Course Provider, and as such, content and materials are supplied by the Course Provider directly. Reed is acting as agent and not reseller in relation to this course. Reed's only responsibility is to facilitate your payment for the course. It is your responsibility to review and agree to the Course Provider's terms and conditions and satisfy yourself as to the suitability of the course you intend to purchase. Reed will not have any responsibility for the content of the course and/or associated materials.
