CompTIA PenTest+: PT0-002: CompTIA PenTest+

https://www.skillsoft.com/channel/comptia-pentest-0ac89cc6-cb13-4ba1-906d-d436ea165078?certificationexam=130826 https://www.skillsoft.com/channel/comptia-pentest-0ac89cc6-cb13-4ba1-906d-d436ea165078?certificationexam=130827
  • 16 Courses | 22h 31m 23s
  • 12 Courses | 11h 40m 54s
  • 5 Books | 40h 35m
  • Includes Lab
Likes 120 Likes 120
 
Prepare to become PenTest+ certified by acquiring knowledge in penetration testing and vulnerability management.

GETTING STARTED

CompTIA PenTest+: Scoping & Engagement

  • Playable
    1. 
    Course Overview
    1m 24s
    NOW PLAYING
  • Playable
    2. 
    Regulatory Compliance Considerations
    8m 32s
    UP NEXT

GETTING STARTED

CompTIA PenTest+: Planning for an Engagement

  • Playable
    1. 
    Why We Need Penetration Testers
    5m 55s
    NOW PLAYING
  • Playable
    2. 
    The CompTIA PenTest+ Exam
    3m 43s
    UP NEXT

COURSES INCLUDED

CompTIA PenTest+: Scoping & Engagement
Penetration testing is a coordinated and simulated cyberattack used to evaluate the security of a computer system or computer network. The initial and critical planning phase of penetration testing is key to a successful engagement process. In this course, you'll explore the fundamentals of penetration testing, including a comparison of governance, risk, and compliance concepts. You'll examine legal concepts such as service level agreements, statements of work, non-disclosure agreements, and master service agreements. You'll learn the importance of scoping and organizational and customer requirements, including common standards and methodologies, rules of engagement, environmental considerations, target list definition, and scope of the engagement validation. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-002) certification exam.
15 videos | 1h 30m has Assessment available Badge
CompTIA PenTest+: Professionalism & Integrity
Penetration testers must be ethical in order to avoid any illegal activities and to best serve clients. In this course, you'll learn how to develop and demonstrate an ethical hacking mindset by maintaining integrity and professionalism during penetration testing exercises. You'll explore the importance of performing background checks on penetration testing team members and adhering to the scope of engagement. You'll then examine how to identify, handle, and report on security breaches and potential findings of a criminal nature. You'll learn how to limit the use of tools for a particular engagement and invasiveness based on scope. Lastly, you'll learn the importance of maintaining data and information confidentiality of data and information and explore risks to penetration testing team members. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-002) certification exam.
10 videos | 1h 12m has Assessment available Badge
CompTIA PenTest+: Passive Reconnaissance
One of the main responsibilities of a penetration tester is to gather information by way of reconnaissance. Simply put, reconnaissance is the process of collecting as much information as possible about a target. In this course, you'll learn how to gather information using various passive reconnaissance techniques such as DNS lookups, cryptographic flaws, and social media scraping. You'll learn how to differentiate between cloud and self-hosted reconnaissance and examine valuable data found in password dumps, metadata, and public source-code repositories. You'll also explore how to use open source intelligence techniques, tools, and sources to exploit weaknesses and gather intelligence. This course will help prepare learners for the CompTIA PenTest+ PT0-002 certification exam.
11 videos | 1h 18m has Assessment available Badge
CompTIA PenTest+: Active Reconnaissance
Active reconnaissance requires a penetration tester to engage and interact with the targeted system to gather information and identify vulnerabilities. To do this, penetration testers can use several different methods including automated scanning and manual testing techniques. In this course, you'll learn how to use active reconnaissance techniques such as enumeration and web site reconnaissance, which are commonly used to gather intelligence about hosts, services, and web sites. You'll also learn about packet crafting, tokens, wardriving, network traffic, active fingerprinting, and defense detection and avoidance techniques. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-002) certification exam.
13 videos | 1h 19m has Assessment available Badge
CompTIA PenTest+: Vulnerability Scanning
Vulnerability scanning is a process used to assess systems for known weaknesses. In this course, you'll learn how to configure vulnerability scanner settings and scan targets for vulnerabilities. You'll explore the different types of scanning methods, as well as vulnerability testing tools and common scanning themes. Next, you'll learn how to perform a scan analysis. You'll also examine the Nmap utility, which is designed to discover hosts and services on a computer network. You'll move on to explore Nmap Scripting Engine scripts and the numerous switches included in the Nmap utility that can helpful in penetration testing. Lastly, you'll learn about vulnerability testing tools that can help facilitate automation. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-002) certification exam.
14 videos | 1h 30m has Assessment available Badge
CompTIA PenTest+: Network Attacks & Exploits
Network attacks are commonly performed to gain unauthorized access to an organization's network, with a goal of performing malicious activity or stealing data. In this course, you'll learn how to research attack vectors and perform network attacks. You'll learn about password attacks such as password spraying, hash cracking, brute force, and dictionary. You'll explore how to perform common network attacks such as ARP poisoning, on-path, kerberoasting, virtual local area network hopping, as well as Link-Local Multicast Name Resolution and NetBIOS Name Service poisoning. Finally, you'll explore common network attack tools such as Metasploit, Netcat, and Nmap. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-002) certification exam.
19 videos | 2h 15m has Assessment available Badge
CompTIA PenTest+: Wireless Attacks
The goal of a wireless network attack is generally to capture information sent across the network. In this course, you'll learn how to research attack vectors and perform wireless attacks. You'll explore common wireless network attack methods including eavesdropping, data modification, data corruption, relay attacks, spoofing, jamming, on-path, and capture handshakes. You'll then learn about common network attacks such as evil twin, bluejacking, bluesnarfing, radio-frequency identification cloning, amplification attacks, and Wi-Fi protected setup PIN attacks. Lastly, you'll discover how to use aircrack-ng suite and amplified antenna wireless network attack tools. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-002) certification exam.
13 videos | 1h 9m has Assessment available Badge
CompTIA PenTest+: Application-based Attacks
Application-based attacks are designed to deliberately cause a fault in a computer's operating system or applications. In this course, you'll learn how to research attack vectors and perform application-based attacks. You'll explore the benefits of the OWASP Top 10 standard awareness document, which is used to present the most critical security risks to web applications. You'll examine application-based attacks such as server-side request forgery, business logic flaws, and injection attacks. You'll move on to learn about application vulnerabilities such as race conditions, lack of code signing, and session attacks, as well as the characteristics of API attacks such as Restful, Soap, and Extensible Markup Language-Remote Procedure Call. Lastly, you'll learn about application-based attack tools and resources. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-002) certification exam.
15 videos | 1h 31m has Assessment available Badge
CompTIA PenTest+: Attacks on Cloud Technologies
Penetration testers need to account for all types of systems available in an environment. In addition to servers and network appliances, this can also include cloud-based systems. In this course, you'll learn how to research attack vectors and perform attacks on cloud technologies. You'll explore common cloud-based attacks, such as credential harvesting, privilege escalation, and account takeovers. You'll learn how to identify misconfigured cloud assets, including identity and access management and containerization technologies. You'll move on to explore how cloud malware injection, denial of service, and side-channel attacks can exploit a system. Lastly, you'll learn about common cloud tools such as the software development kit. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-002) certification exam.
13 videos | 1h 13m has Assessment available Badge
CompTIA PenTest+: Attacks on Specialized Systems
Specialized systems by nature can be very challenging for penetration testers. They can use proprietary operating systems and file systems, and may require advanced reverse engineering and sandbox analysis. However, specialized systems are also very susceptible when it comes to weaknesses and vulnerabilities. In this course, you'll learn how to identify common attacks and vulnerabilities against specialized systems, including mobile systems and Internet of Things devices. You'll also explore common vulnerabilities, including data storage system vulnerabilities, management interface vulnerabilities, vulnerabilities related to virtual environments, and vulnerabilities related to containerized workloads. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-002) certification exam.
11 videos | 1h 14m has Assessment available Badge
CompTIA PenTest+: Social Engineering Attacks
Social engineering involves the psychological manipulation of people and it's used to trick them into divulging information or performing certain actions. In this course, you'll learn how social engineering attacks are performed and how they can be used by attackers. You'll explore the pretext for a social engineering approach, as well as various social engineering attacks such as e-mail phishing, vishing, short message service, phishing, universal serial bus drop key, and watering hole. You'll then learn about tailgating, dumpster diving, shoulder surfing, and badge cloning physical attack methods. Lastly, you'll examine social engineering impersonation techniques, methods of influence, and tools. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-002) certification exam.
15 videos | 1h 57m has Assessment available Badge
CompTIA PenTest+: Post-Exploitation Techniques
Cybercriminals use post-exploitation techniques to maintain a level of access while they attempt to perform other actions during an open session. In this course, you'll learn about post-exploitation techniques and tools. You'll explore common post-exploitation tools such as Empire, Mimikatz, and BloodHound. Next, you'll examine post-exploitation techniques such as lateral movement, privilege escalation, and upgrading a restrictive shell. You'll learn techniques used to maintain foothold and persistence using trojans, backdoors, and daemons. Finally, you'll learn detection avoidance techniques, as well as enumeration techniques used to extract users, groups, forests, sensitive data, and unencrypted files. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-002) certification exam.
12 videos | 1h 5m has Assessment available Badge
CompTIA PenTest+: Written Reports
A final written report is prepared by a penetration tester or testing team to document all findings and recommendations for the client once the engagement has completed. In this course, you'll learn the critical components of a written report, as well as the importance of communication during the penetration testing process. You'll explore how to analyze and report on findings, and how to securely distribute of the final product. Next, you'll examine common content to include in a written report such as an executive summary, scope details, methodology, findings, and conclusion. Lastly, you'll learn the steps required to properly analyze the findings and recommend the appropriate remediation within a report. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-002) certification exam.
10 videos | 1h 25m has Assessment available Badge
CompTIA PenTest+: Communication & Post-Report Activities
During penetration testing, tester activities can leave behind remnants that may alter a system. Any action performed during testing should be clearly documented. Upon completion of testing, penetration testers should perform a series of post-report delivery activities that include removing shells, removing tester created credentials, and removing any penetration testing tools. In this course, you'll explore post-report delivery activities such as post-engagement cleanup, client acceptance, lessons learned, attestation of findings, as well as data destruction processes and best practices. You'll also learn the importance of communication during the penetration testing process. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-002) certification exam.
11 videos | 50m has Assessment available Badge
CompTIA PenTest+: Analyzing Tool & Script Output
Scripting languages can be used by penetration testers to help automate the execution of common tasks and increase the depth and scope of testing coverage. In this course, you'll learn the basic concepts of scripting and software development. Explore logic constructs concepts such as loops and conditionals, as well as the following operators; Boolean, string, and arithmetic. Discover other basic concepts of scripting including data structures, libraries, classes, procedures, and functions. You then explore how to analyze a script or code sample for use in a penetration test. Discover shells, programming languages, and exploit codes, and learn how to identify opportunities for automation. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-002) certification exam.
12 videos | 1h 14m has Assessment available Badge
CompTIA PenTest+: Penetration Testing Tools
A penetration tester's toolkit should include a wide range of tools and may vary based on the penetration testing engagement requirements. In this course, you'll explore use cases of tools required during the different phases of a penetration test. You'll examine scanner tools such as Nikto, SQLmap, and WPScan, as well as credential testing tools and debuggers. You'll learn about open-source intelligence tools, as well as wireless and networking tools such as Wireshark. Next, you'll explore web application, social engineering, remote access tools, and other miscellaneous tools. Lastly, you'll learn about common steganography tools and cloud tools. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-002) certification exam.
16 videos | 1h 43m has Assessment available Badge
SHOW MORE
FREE ACCESS

COURSES INCLUDED

CompTIA PenTest+: Planning for an Engagement
Discover how penetration testing exposes weaknesses in security. During this course, you will learn all about the CompTIA PenTest+ exam. Begin by getting to know your audience and the rules of engagement for penetration tests. Next, compare resources, requirements, and budgets. Observe how to conduct an impact analysis and trace remediation timelines. Learn how to review disclaimers and confirm engagement support resources; consider technical constraints, and examine contracts and agreements, such as statements of work. Evaluate environmental differences between clients. Finally, learn why it is important to get written authorization instead of an oral agreement, before the execution of a penetration test.
11 videos | 1h has Assessment available Badge
CompTIA PenTest+: Scoping an Engagement
How far does a security test need to go? This course shows you how to set the scope of a security penetration test. Begin by identifying security assessment types, how to select security targets, and how to determine the testing scope strategy. Next, you will determine who tests the security and learn how to confirm their test methods. Discover how to review the test outcome to determine the level of acceptable risks, risk impacts, and risk treatments. Learn how to avoid scope creep with clients, and identify threat actors and agents. Conclude by aligning tests to regulations and standards, such as PCI DSS, FISMA, MARS-E, HIPAA, SOX, and ISO.
10 videos | 59m has Assessment available Badge
CompTIA PenTest+: Information Gathering
Discover how to gather information and perform white hat reconnaissance through scanning, enumeration, fingerprinting, and eavesdropping. This course can be used as part of the preparation for the PT0-001: CompTIA PenTest+ certification exam. Among the topics covered you will explore how to leverage data to prepare for exploitation. Learn about packet crafting, packet and certificate inspection, decompilation, debugging, open-source intelligence collection, and how to map and prioritize potential intruders. Identify common attack techniques. Conclude with an exercise to name five of the OWASP Top 10 for 2017, list five certificate inspection issues and common enumeration types, and list three UNIX/Linux enumeration tools.
12 videos | 57m has Assessment available Badge
CompTIA PenTest+: Vulnerability Identification
Discover how to properly perform and analyze vulnerability scans, in preparation for the PT0-001: CompTIA PenTest+ certification exam. During this course you will learn about scan types, their considerations, applications, and containers, such as the Docker software platform. Discover how to categorize assets for scans and how to adjudicate and prioritize scans. Review common scanning themes, such as the definition of vulnerability. See how to perform a vulnerability scan and analyze its results. As an exercise, you will list eight common examples of compliance scans, name three benefits of credentialed scans, and list three considerations about vulnerability scans.
9 videos | 44m has Assessment available Badge
CompTIA PenTest+: Social Engineering & Specialized System Attacks
Familiarize yourself with various aspects of social engineering exploits and attacks, as well as specialized system attacks. This course can be used to prepare for the PT0-001: CompTIA PenTest+ certification exam. Begin by learning about weaknesses in specialized systems, such as SCADA, which is used to remotely monitor and control unmanned critical infrastructure, such as parts of the electrical grid. Next, learn how to address phishing attacks, elicitation exploits, interrogation techniques, impersonation, hoaxing, shoulder surfing, USB key dropping, and motivation techniques. Finally, explore how to choose the best software for a pentesting lab, and how to configure a pentesting lab environment.
11 videos | 1h 1m has Assessment available Badge
CompTIA PenTest+: Network-Based Exploits
Discover how to exploit vulnerabilities in wired and wireless networks that take advantage of weaknesses at several layers of the OSI model. During this course, you will explore name resolution, SMB, FTP, DNS, and pass the hash exploits, as well as denial-of-service, NAC bypass and VLAN hopping. Other topics include evil twin, bluejacking, bluesnarfing, cloning, jamming, man-in-the-middle, and repeating. This course can be used as part of the preparation for the PT0-001: CompTIA PenTest+ certification exam. As a review exercise, you will name four weaknesses or specific attacks on WEP, list four scanner SMB auxiliary Metasploit modules, and list four of the five top DNS attacks during 2017/2018.
12 videos | 1h 23m has Assessment available Badge
CompTIA PenTest+: Application-Based Vulnerabilities
There are common exploits and vulnerabilities of applications and programs that security professionals be aware of. During this course, you will explore topics such as injection attacks, authentication and authorization exploits, cross-site scripting attacks, cross-site request forgery, clickjacking, security misconfiguration, file inclusion exploits, and unsecure code practices. This course can be used as part of the preparation for the PT0-001: CompTIA PenTest+ certification exam. As a review exercise, you will list three types of exploits from SQL injection attacks, name three SQLi attack tools, and name five unsecure coding practices.
10 videos | 56m has Assessment available Badge
CompTIA PenTest+: Local Host Vulnerabilities
Discover how to conduct penetration testing against specific local host operating systems, with an emphasis on Windows and Linux systems. This course can be used as part of the preparation for the PT0-001: CompTIA PenTest+ certification exam. You will learn how to recognize OS vulnerabilities, describe service and protocol configurations, and classify additional host-based exploits. As you delve into the topics, you will consider host-based and sandbox exploits and default account setting vulnerabilities. As a review exercise, you will list the five steps of a Linux privilege escalation exploit, name four protocol misconfiguration attack vectors, and name four features of securely encrypted enclaves.
8 videos | 41m has Assessment available Badge
CompTIA PenTest+: Post-Exploitation & Facilities Attacks
Explore topics that involve physical security attacks related to facilities, and learn about post-exploitation techniques. This course can be used to help prepare for the PT0-001: CompTIA PenTest+ certification exam. You will start with a reminder of the six phases of the pen testing life cycle, with a focus on phase five: post-exploitation or post-exploit. Learn about exploit tactics, such as lateral movement, persistence, covering tracks, piggybacking, tailgating, fence jumping, dumpster diving, lock picking, bypass, and badge cloning. As you delve deeper into the course, you will discover how to compare the features of various types of egress sensors, such as photoelectric, passive infrared, and vibration.
10 videos | 44m has Assessment available Badge
CompTIA PenTest+: Penetration Testing
Explore and evaluate various penetration testing tools, scripts, modules, and utilities, such as Nmap, scanner tools, credential testing tools, debuggers and software assurance tools, OSINT tools, networking and wireless tools, web proxies and social engineering tools, and remote access tools. This course can be used to help prepare for the PT0-001: CompTIA PenTest+ certification exam. As a review exercise, you will list five reason why an organization might need penetration tests, list five top candidate sectors that could use penetration tests, and name four OSINT tools. 
11 videos | 1h 28m has Assessment available Badge
CompTIA PenTest+: Analyzing Tool & Output
Explore and evaluate various penetration testing analysis techniques using tool and script output such as Password Cracking and Pass the Hash Outputs, Bind Shell and Reverse Shell, Analyzing Injections, and Analyzing Error Handling and Arrays. This course can be used as part of the preparation for the PT0-001: CompTIA PenTest+ certification exam. 
12 videos | 1h 2m has Assessment available Badge
CompTIA PenTest+: Reporting & Communication
Explore Domain 5 of the CompTIA PenTest+ exam, which includes report and communication topics, as well as mitigation solutions and remediation strategies. This course can be used to help prepare for the PT0-001: CompTIA PenTest+ certification exam. Start by learning about data normalization and how to write executive summaries of your findings. Next, observe secure practices to dispose of reports, remove shells and tools, clear tester-created credentials, and delete all other artifacts. Conclude by learning how to recommend mitigation strategies for vulnerabilities while maintaining clear communication with the client. 
8 videos | 39m has Assessment available Badge
SHOW MORE
FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE COURSES

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

BOOKS INCLUDED

Book

CompTIA PenTest+ Study Guide: Exam PT0-001
Whether you’re just embarking on your certification journey or finalizing preparations for the big day, this invaluable resource helps you solidify your understanding of essential skills and concepts.
Book Duration 8h 45m Book Authors By David Seidl, Mike Chapple

Book

CompTIA PenTest+ Practice Tests: Exam PT0-001
Providing over 1,000 questions that cover the concepts of the CompTIA PenTest+ certification exam objectives, this book will help you determine what you need to focus more on prior to taking the actual exam.
Book Duration 13h 5m Book Authors By Crystal Panek, Robb Tracy

Book

CompTIA PenTest+ Certification All-in-One Exam Guide (Exam PT0-001)
With complete coverage of all the objectives included on the CompTIA PenTest+ exam, this definitive guide provides learning objectives, hands-on exercises, exam tips, and practice questions with in-depth answer explanations to help you pass the exam with ease.
Book Duration 7h 13m Book Authors By Ray Nutting

Book

CompTIA PenTest+ Certification Practice Exams (Exam PT0-001)
Prepare for the challenging PenTest+ exam from CompTIA using this highly effective self-study guide. This book offers accurate practice questions for all exam objectives and includes a valuable pre-assessment test that enables you to tailor a course for study.
Book Duration 3h 47m Book Authors By Jonathan Ammerman

Book

CompTIA PenTest+ Certification Passport: Exam PT0-001
Featuring end of chapter review sections and accurate practice exam questions with in-depth answer explanations, this concise, quick-review test preparation guide offers 100% coverage of all exam objectives for the new CompTIA PenTest+ exam.
Book Duration 7h 45m Book Authors By Heather Linn
SHOW MORE
FREE ACCESS

YOU MIGHT ALSO LIKE

CHANNEL CompTIA Linux+
Likes 409 Likes 409  
Likes 1 Likes 1