CompTIA PenTest+

22 JUL 2019-26 JUL 2019 9:00 AM - 5:00 PM (5 Days)

Network Training Center


CompTIA PenTest+ is a certification for intermediate skills level cybersecurity professionals who are tasked with hands-on penetration testing to identify, exploit, report, and manage vulnerabilities on a network. PenTest+ is unique because the certification requires a candidate to demonstrate the hands-on ability and knowledge to test devices in new environments such as the cloud and mobile, in addition to traditional desktops and servers.


After completing this course, you will accomplish following:

▪ Explain the importance of planning for an engagement.

▪ Explain key legal concepts.

▪ Explain the importance of scoping an engagement properly.

▪ Explain the key aspects of compliance-based assessments.

▪ Conduct information gathering using appropriate techniques.

▪ Perform a vulnerability scan.

▪ Analyze vulnerability scan results.

▪ Explain the process of leveraging information to prepare for exploitation.

▪ Explain weaknesses related to specialized systems.

▪ Compare and contrast social engineering attacks.

▪ Exploit network-based vulnerabilities.

▪ Exploit wireless and RF-based vulnerabilities.

▪ Exploit application-based vulnerabilities.

▪ Exploit local host vulnerabilities.

▪ Summarize physical security attacks related to facilities.

▪ Perform post-exploitation techniques.

▪ Use Nmap to conduct information gathering exercises.

▪ Compare and contrast various use cases of tools.

▪ Analyze tool output or data related to a penetration test.

▪ Analyze a basic script (limited to Bash, Python, Ruby, and PowerShell) Reporting and Communication.

▪ Use report writing and handling best practices.

▪ Explain post-report delivery activities.

▪ Recommend mitigation strategies for discovered vulnerabilities.

▪ Explain the importance of communication during the penetration testing process.


Lesson 1: Planning and Scoping Penetration Tests

▪ Introduction to Penetration Testing Concepts

▪ Plan a Pen Test Engagement

▪ Scope and Negotiate a Pen Test Engagement

▪ Prepare for a Pen Test Engagement

Lesson 2: Conducting Passive Reconnaissance

▪ Gather Background Information

▪ Prepare Background Findings for Next Steps

Lesson 3: Performing Non-Technical Tests

▪ Perform Social Engineering Tests

▪ Perform Physical Security Tests on Facilities

Lesson 4: Conducting Active Reconnaissance

▪ Scan Networks

▪ Enumerate Targets

▪ Scan for Vulnerabilities

▪ Analyze Basic Scripts

Lesson 5: Analyzing Vulnerabilities

▪ Analyze Vulnerability Scan Results

▪ Leverage Information to Prepare for Exploitation

Lesson 6: Penetrating Networks

▪ Exploit Network-Based Vulnerabilities

▪ Exploit Wireless and RF-Based Vulnerabilities

▪ Exploit Specialized Systems

Lesson 7: Exploiting Host-Based Vulnerabilities

▪ Exploit Windows-Based Vulnerabilities

▪ Exploit *Nix-Based Vulnerabilities

Lesson 8: Testing Applications

▪ Exploit Web Application Vulnerabilities

▪ Test Source Code and Compiled Apps

Lesson 9: Completing Post-Exploit Tasks

▪ Use Lateral Movement Techniques

▪ Use Persistence Techniques

▪ Use Anti-Forensics Techniques

Lesson 10: Analyzing and Reporting Pen Test Results

▪ Analyze Pen Test Data

▪ Develop Recommendations for Mitigation Strategies

▪ Write and Handle Reports

▪ Conduct Post-Report-Delivery Activities


▪ 3-4 years of hands-on information security or related experience

▪ Network+, Security+, or equivalent knowledge


For more information, please call +66 (0) 2634-7993-4